Page 1 of 1

Hide member list?

Posted: Thu Feb 24, 2005 4:39 am
by Colliope
I just realized that I can view the member list while logged out. Is it possible to set things so that only registered/logged-in members can view the member list? I thought this was an option in the config panel, but don't see it.

Thanks,
Col

Re: Hide member list?

Posted: Thu Feb 24, 2005 4:49 am
by flogger12
Colliope wrote: I just realized that I can view the member list while logged out. Is it possible to set things so that only registered/logged-in members can view the member list? I thought this was an option in the config panel, but don't see it.

Thanks,
Col


*********************************
making memberlist viewable by admins only
**********************************
Drexion wrote: I really didn't test this much, so backup all files before editing them. Since you don't want a mod this is probably as simple as your'e going to get.

Open memberlist.php
In it find around line 30 or so

Code: Select all

$userdata = session_pagestart($user_ip, PAGE_VIEWMEMBERS);
init_userprefs($userdata);
//
// End session management
//
On the next line add

Code: Select all

if($userdata['username'] == 'Anonymous' || $userdata['user_level'] < 1)
	message_die(GENERAL_MESSAGE, 'Sorry, access denied.');
Save/upload etc.

Open profile.php
In it find around line 31 or so

Code: Select all

$userdata = session_pagestart($user_ip, PAGE_PROFILE);
init_userprefs($userdata);
//
// End session management
//
On the next line add

Code: Select all

if($userdata['username'] == 'Anonymous' || $userdata['user_level'] < 1)
	message_die(GENERAL_MESSAGE, 'Sorry, access denied.');
Save/upload etc.
**********************************

Posted: Thu Feb 24, 2005 3:00 pm
by Colliope
I want the member list to be accessible to everyone who is registered, not just administrators. The only people I want to block out are anonymous/unregistered people who might happen across my forum.
If unregistered visitors try to open any forum topic, they get the log-in screen - can't read any posts. Seems there ought to be a way to also make them register before viewing the member list, in order to protect the members email addies that show on the list.
Thanks for any more input,

Col

Posted: Thu Feb 24, 2005 10:49 pm
by trax1
I have tried this and it works well but anyone can still access the memberslist via the direct URL - is there anyway of protecting this.

cheers
Keith

Re: Hide member list?

Posted: Thu Feb 24, 2005 10:54 pm
by Yawner
flogger12 wrote: *********************************
making memberlist viewable by admins and registered users
**********************************
Drexion wrote:I really didn't test this much, so backup all files before editing them. Since you don't want a mod this is probably as simple as your'e going to get.

Open memberlist.php
In it find around line 30 or so

Code: Select all

$userdata = session_pagestart($user_ip, PAGE_VIEWMEMBERS);
init_userprefs($userdata);
//
// End session management
//
On the next line add

Code: Select all

if($userdata['username'] == 'Anonymous'/* || $userdata['user_level'] < 1*/)
	message_die(GENERAL_MESSAGE, 'Sorry, access denied.');
Save/upload etc.

Open profile.php
In it find around line 31 or so

Code: Select all

$userdata = session_pagestart($user_ip, PAGE_PROFILE);
init_userprefs($userdata);
//
// End session management
//
On the next line add

Code: Select all

if($userdata['username'] == 'Anonymous'/* || $userdata['user_level'] < 1*/)
	message_die(GENERAL_MESSAGE, 'Sorry, access denied.');
Save/upload etc.
**********************************

That shoudl work..

Posted: Thu Feb 24, 2005 11:04 pm
by StefanL
This is tested and works:

Open memberlist.php
FIND

Code: Select all

//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_VIEWMEMBERS);
init_userprefs($userdata);
//
// End session management
//
AFTER, ADD

Code: Select all

// Added log in control
if ( !$userdata['session_logged_in'])
{
   redirect(append_sid("login.$phpEx?redirect=memberlist.$phpEx", true));
   exit;
}
// End log in control
Open profiles.php:

FIND

Code: Select all

//
// Start of program proper
//
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
	$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
	$mode = htmlspecialchars($mode);

	if ( $mode == 'viewprofile' )
	{
AFTER, ADD

Code: Select all

		// Added log in control
		if ( !$userdata['session_logged_in'])
		{
			redirect(append_sid("login.$phpEx?redirect=profile.$phpEx&mode=viewprofile&u=$u", true));
			exit;
		}
		// End log in control

Posted: Thu Feb 24, 2005 11:20 pm
by Colliope
After I posted this question, I found this other thread

http://www.phpbb.com/phpBB/viewtopic.php?t=266399

about just removing the memberlist icon from unlogged in viewers, which sounded good, but there are other code changes reccommended in that thread, to do as is being suggested here - leave the link, but redirect where it takes you.

Now I'm a little befuddled as to which of the redirect code changes is best to use?

Col