Geeklog Forums

Is it possible to set things up so that a certain group of registered users are not allowed to post stories (or links and calendar events for that matter) and other registered users can post to these areas?
Or is it only an "all or nothing" case where if you're registered you can post, and anonymous can't?

Thanks.

No you can change that in the setup configuration internally. E.g. guests may post stories / comments or not, stories / comments may be reviewed by moderators or not.

Most other systems have to lock down these features for guests as they can`t handle spam posts or comments propperly. GL doesn`t have many problems with that.

I'm not referring to guest users, but users who have registered and have logins. Is it possible to further break down the signed up member users into a group who can submit items and a group who can't?

In the last line you DID refer to guests!

Anyway, yes you can take away the right so submit stories and have a group of "editors" and a group of "members". Or you could have them all submit stories but moderate those of the non editors.

At the risk of showing my ignorance, how does one remove the right to submit an item from a registered user?

I'd be interested in that answer, too, since I don't think it's possible :wink: Otherwise, we wouldn't need this feature request.

When a user can see a topic, they can submit a story for that topic. You can hide the "Contribute" link to make it less obvious, but they will still be able to do it.

bye, Dirk

Adding a story.contrib feature to the system is relatively simple. It mostly involves changing submit.php. To use this you have to add a feature to the database. Then you add that feature to a user group. Users whom you wish to be able to contribute stories must be added to the new group in order to have access to the submit feature.

insert into gl_features (ft_name, ft_descr, ft_gl_core) values ('story.contrib','Allowed to contribute stories',0)

In submit.php:

And you need to add the function I created. It should go into lib-security.php but if you are doing this as a patch, just add it to submit.php

I didn't test it but this should also work with other contributable items. If you add a calendar.contrib (or is it event.contrib) feature to the database, event submission would be disabled for anyone without the feature.

My geeklog hacking may be rusty. Did I forget anything?

You can do this very easy.

To create a group that cannot post stories go to Groups > New > Then make sure they do not have story.submit ticked, assign any other permission you wish and save.

Then assign the group to the users you wish. Then make another group, give them story.submit permission and assign to who you wish.

Did you try that? story.submit is the right to skip the story submission queue. Users without that right can still submit stories - they'll only end up in the submission queue.

bye, Dirk

After upgrading to GL 1.6.1 all of a sudden I'm getting hammered (again) by spam posts from anonymous users.

I looked for an option in the configuration menu to only allow registered users with a password to be allowed to submit stories. I'm assuming it's there and that I just can't find it, so can someone please point the way? Also, I had some issues with these menus after the upgrade, so maybe they are still screwed up and not showing all of the options?

In any event, where (should) this option be appearing?

Thanks...

Don
www.panama-guide.com

Configuration > Geeklog > Users and Submissions > Login Settings > Submit Login Required?

bye, Dirk

Right. I have that set to "true" but according to the docs for that option - "When set to 1, only registered users can submit stories and items handled by plugins, e.g. links and events"

For some reason, anonymous (meaning, not registered and not logged in) are still able to submit stories.

Are stories and articles handled by plugins? I don't think so, right?

So maybe therefore random anonymous users are still allowed to spam my website, even though this is currently set to "true?"

It's either that, or something's broke.

Try it - visit the website, don't log in, and try to submit something... The system allows it to happen, and the spam ends up in my submission queue. I mean, I just go in there and delete about 20 per day, but it's a pain in the butt.

Don
www.panama-guide.com

Indeed. The interesting thing, however, is that it offers me a "Log Out" option - as anonymous user.

My guess is that the anonymous user account - for some reason - is also in the group "Logged-In Users".

Can you do SQL requests, e.g. in phpMyAdmin? Try something like this (this is from the command line):
This is how it should be - the anonymous user account (uid 1) is only in group #2 (All Users).


If it also lists 13 (Logged-In Users), then that's your problem. In that case, try:

bye, Dirk

OK, I checked and the first part was as it should be (2,1,null)

I also ran:



Now what... I don't know if that fixed the problem.

Don
www.panama-guide.com

Nope, when I logged out and came back as an anonymous user it still allows me to submit articles and if still also displays the "log out" option like you said.

Problem still there.

Don
www.panama-guide.com

Very odd. Another thing worth trying may be to clear out all sessions from anonymous users:

Or maybe you have a user with uid 0 - could you check that?

bye, Dirk

I did check, and actually the first user ID listed is 2.

There is no 0 or 1.

Don
www.panama-guide.com

Dirk;

Please check your email and get back to me. Thanks.

Don
www.panama-guide.com

You should have a user with the Id of 1 called Anonymous.

---

One of the Geeklog Core Developers.

Yeah, I know. Apparently that's part of my problem. I've been having all kinds of weird database related problems since I upgraded to GL 1.6.1. I don't think the database ever got properly and completely updated.

Don
www.panama-guide.com