[21/01/07] Page Permissions

All new MODs released in our MOD Database will be announced in here. All support for released MODs needs to take place in here. No new MODs will be accepted into the MOD Database for phpBB2
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Post Reply

Rating:

Excellent!
24
80%
Very Good
4
13%
Good
1
3%
Fair
1
3%
Poor
0
No votes
 
Total votes: 30

Extensions Robot
Extensions Robot
Extensions Robot
Posts: 27693
Joined: Sat Aug 16, 2003 7:36 am

[21/01/07] Page Permissions

Post by Extensions Robot » Sat Jan 20, 2007 3:48 pm

MOD Name: Page Permissions
Author: drathbun
MOD Description: Allows a board owner to set up permissions for any page that uses the phpBB permissions system. The /contrib folder includes some instructions on how to add new pages that use the permissions system as well.

MOD Version: 1.2.2
Tested on phpBB Version: 2.0.22

Download File: page_permissions.1.2.2.zip
mods overview page: View
File Size: 43376 Bytes



Support for this MOD needs to be asked within this topic. The phpBB Teams are not responsible or required to give anyone support for this MOD. By installing this MOD, the phpBB Support Team or phpBB MODifications Team may not be able to provide support.

This MOD has only been tested by the phpBB MOD Team with the phpBB version listed in the topic. It may not work in any other versions of phpBB.
Last edited by Extensions Robot on Mon Apr 30, 2007 12:31 am, edited 1 time in total.
(this is a non-active account manager for the phpBB Extension Customisations Team)

User avatar
Kellanved
Former Team Member
Posts: 2635
Joined: Wed Jan 26, 2005 2:48 pm
Location: Meta-level

Post by Kellanved » Sun Jan 21, 2007 7:41 pm

MOD Validated/Released

Notes:
This MOD offers a sophisticated set of tools to apply the permission system on all pages of the board.
Nocando is in Idontwanna county. No support via PM

User avatar
Dog Cow
Registered User
Posts: 2491
Joined: Fri Jan 28, 2005 12:14 am
Contact:

Post by Dog Cow » Sun Jan 21, 2007 10:07 pm

looks interesting; I'm about to download it now!
Moof!
Mac GUI Vault: Retro Apple II & Macintosh computing archive.
Inside Allerton bookMac GUIMac 512K Blog

User avatar
igorw
Former Team Member
Posts: 8024
Joined: Fri Dec 16, 2005 12:23 pm
Location: {postrow.POSTER_FROM}
Name: Igor Wiedler

Post by igorw » Sun Jan 21, 2007 10:07 pm

Congratulations, sir!
Igor Wiedler | area51 | GitHub | trashbin | Formerly known as evil less than three

found it
Registered User
Posts: 215
Joined: Mon Oct 25, 2004 8:51 am
Contact:

Post by found it » Sun Jan 21, 2007 11:51 pm

I double that I have been using this mod since first beta....

A fantastic job...

:D :D

User avatar
stickerboy
Former Team Member
Posts: 7349
Joined: Mon Mar 29, 2004 2:27 pm
Location: Airdrie, UK (127.0.0.1)
Name: Kenny Cameron
Contact:

Post by stickerboy » Mon Jan 22, 2007 12:22 am

Glad to see it's finally released.
Nice work drathbun :)
I'm a web-designing code-decrypting tech-support musician
|| Twitter || Flickr || BandCamp || phpBB Snippets ||
Formerly known as cherokee red

User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

Post by drathbun » Mon Jan 22, 2007 2:11 pm

So much for reserving the first posts for FAQ :lol:

There is one minor change from 1.2.1 (contained a security fix) to 1.2.2 (released version). I posted the changes in the DEV topic and will copy them here shortly.

Release party is at my house. 8)
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image

User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

FAQ

Post by drathbun » Mon Jan 22, 2007 2:21 pm

Frequently Asked Questions... please read the questions and see if your question is here. If it is, scroll down in the post to find the answer.
  • What does this MOD do?
  • Does this MOD replace the existing permissions system?
  • How do I use it?
  • Will this MOD make my board more difficult to upgrade?
  • I have "unknown" for several groups. Can I fix that?
  • I have pages outside of the phpBB script path. Can I still use this MOD?
  • I want to add new pages, can I do that?
  • eXtreme Styles clears out my cache, what can I do?
  • I want guests to be able to view topic subjects but they have to be registered to read them. Can I do that?
  • I want "bots" to be able to view content that regular users cannot.
  • Does it work with PostgreSQL? Other databases?
  • I can't run SQL commands, did you write an installer?
  • Does it work with Category Hierarchy? or with <insert MOD here>?
  • Does it work with EasyMOD?
  • Can this MOD be used to replace other MODs?
What does this MOD do?
In a nutshell, you can set an access level for any php page that includes the phpBB session handling logic in it. Access levels include:

Public (Guest)
Registered
Private
Moderator
Administrator

If you set a page permission to Registered then only users that are logged in can view that page. Private requires membership in a group. Group membership is checked before granting access to a page. Moderator access simply checks moderator status. So if you have users that are moderators for only one forum (as opposed to board-wide moderators which is more common) they will still be able to access moderator level pages.

Are there other options?
Sure. Pages can require (in addition to access levels) certain post counts. For example, I don't allow access to the memberlist on my board until a member has reached a set post count, even if they are registered. So in this case the access level would be Registered and the minimum post count would be 5.

Sounds cool, anything else?
Yes, there's more! This MOD provides a page counter for each page that you set up. If you don't want to use the access control features you can still use the page counter. I find that I want to know not just how many pages my server is providing, but which pages my users are using. And the counter is broken down into Guest views and Registered User views.

You may turn this feature off to improve performance if you like, but it only adds one query to your board.

Anything else?
Yes, there's still more! :-D You can disable individual pages while you are working on them without disabling the entire board. You can provide a custom disable message for each page. So if you are installing a MOD on the memberlist and you don't want users to see errors while you are working, you can disable the memberlist page and users will receive a custom message like, "The memberlist is currently offline for maintenance" or whatever you like. As a board admin you can still access the page even while it's disabled so you can test the code changes you are making.

Does this MOD replace the existing permissions system?
No, it does not. It supplements it. But you would not want to use this MOD to grant access to forums.

How do I use it?
Here's a screen shot of the admin control panel (ACP) page:

Image

The first column is a list of pages that you want to count or protect. You don't have to list every page here if you don't want to; the ones shown here are fairly standard. You can see the different columns for guest and member views. The series of checkboxes lets you enable or disable an entire group of pages all at once without having to edit them individually. The Access Level shows you the minimum level of user that is allowed to access the page. A moderator is also registered, and so can see all pages that require "Registered" access. The min / max posts is shown here; note that in this case you must be registered and have at least one post before you can view the memberlist.

Clicking Add new page will allow you to add a new page to your list. Any page that is not listed here will not be protected and no page view counters will be incremented.

Clicking Update Selected Pages will process the checkboxes for disabling pages. This features was requested during development to make it easy to disable more than one page at a time, and I felt it was an excellent suggestion. This way you can disable any number of pages all at once by clicking the checkboxes and then clicking the "update" button.

Clicking Rebuild cache will rebuild your cache file if it has become corrupted. Since the page permissions don't change very often the permissions information is cached to a file in the /cache folder. If for some reason your cache is destroyed or becomes out of date you can refresh it here. Making any alterations to the configuration information (by adding / editing / removing a page or even the using the Update Selected Pages button) will automatically update the cache.

The Increment page view counters option allows you to turn that feature on or off. If you turn off page view counters your guest views and member views will not be incremented, but you will save one update query per view on each protected page. That setting is stored in the phpbb_config table and defaults to "on" should that row ever be removed from your database because of an upgrade or any other reason.

One item that might need explaination is the Page Name. You might have noticed that there are two entries for profile.php. One is for viewing profiles, and the other is for new user registration. When you add a new page to the list you have the opportunity to include a URL parameter like "mode" to help distinquish one function of a particular page from another function. You can even use this to allow users to see a forum on the index but require a certain access level in order to view topics from that forum. To be honest, while this MOD would work for that, the "Forum Auth by Post Count" is a better choice, and it is fully compatible with this MOD.

Here's a shot of the Edit page:
Image
On this page I show the memberlist.php settings. You can see the custom disable message which will be displayed if I ever disable that page. At the moment it has not been disabled. The Access level is set to Registered meaning guests cannot view the page; they will be prompted to log in first. And even a user that is logged in must have at least one post in order to view the page. And the best part? There is not one single line of code of memberlist.php that has been changed by this MOD. 8) It's all done via the session handling process. If you have a valid session and you request a valid page then it can be protected via this MOD.

The other important fields on this screen are the Parameter and Value. This is how we can protect pages that have more than one function. The default installation sets the access level to Registered for viewing profiles (profile.php?mode=viewprofile) while allowing guests to click to the registration page (profile.php?mode=register). If guests had to be registered before they could register for your board that would be a bit of a problem. ;-)

At this time I only allow for a single parameter=value pair. I did not find any reason to need more than one, and the added complexity was more than I felt was needed. At some future date if there is a compelling reason to add this I will consider it. I do not need more than one parameter for any of the boards where I am using this MOD.

Will this MOD make my board more difficult to upgrade?
In theory, installing any MODs makes your board more difficult to update. However I have used external language files and mostly external code for this MOD. You do NOT have to alter the php code for every page you want to protect, which is nice! You only modify several standard phpBB files (common.php, constants.php, and functions.php) so any updates are fairly simple. Or just about as simple as they can be for a MOD with the features that this one has.

I have "unknown" for several groups. Can I fix that?
I have written code for all of the standard group types in phpBB. If you have installed a MOD that includes new group types, then they should have included code in includes/constants.php that defined the new group types. If so, you can open admin/admin_page_permissions and find the code that sets up the text for each group type and include those new groups. Someone suggested they had added a PayPal MOD that included a new group type called "Paid". If that MOD included a constant called GROUP_PAID and a language entry called $lang['Group_paid'] (I'm guessing) then the code to fix the list would look like this:

Code: Select all

			switch ($group_row['group_type']) 
			{ 
				case GROUP_OPEN: 
					$group_type = $lang['Group_open']; 
					break; 
				case GROUP_CLOSED: 
					$group_type = $lang['Group_closed']; 
					break; 
				case GROUP_HIDDEN: 
					$group_type = $lang['Group_hidden']; 
					break; 
				case GROUP_PAID: 
					$group_type = $lang['Group_paid']; 
					break; 
				default: 
					$group_type = 'Unknown'; 
			}
If the group constant or language entry is different then you would have to do a bit of investigation. Note that this MOD will function just fine without these changes.

I have pages outside of the phpBB script path. Can I still use this MOD?
With this release, no. It only works on pages within the same location as your forum files. I hope to add this to a future release, but at this point I am not even working on that.

I want to add new pages, can I do that?
Sure! There is even a tutorial and a sample script contained within the /contrib folder that will help you get started. Just unzip "newpage.zip" and load it onto your server. You can copy "newpage.php" to whatever filename you like, edit the template, and you are all set. The instructions include information on how to properly set up your new page so that it appears as a valid location in the "Who's Online" screen as well.

eXtreme Styles clears out my cache, what can I do?
Bug the eXtreme Styles MOD author to fix their code. :-P Seriously, the eXtreme Styles MOD is very popular and for a very good reason. I use it myself. But the routine that totally clears out the cache folder does just that: it totally clears out the folder. There is a list of exclusions contained within the code, so that "known" MODs do not get affected. For example, the Attachment MOD cache file is protected. There are instructions in the MOD Author notes as to how to prevent this from happening, and I have reproduced them here:
OPEN

Code: Select all

admin/xs_cache.php
FIND

Code: Select all

$skip_files = array(
	'.',
	'..',
	'.htaccess',
	'index.htm',
	'index.html',
	'index.php',
	'attach_config.php',
	);
IN-LINE FIND

Code: Select all

);
IN-LINE BEFORE, ADD

Code: Select all

	'cache_page_permissions.php'
Note that in my version this line
'attach_config.php',
has an extra comma at the end, which should not be there. If your version does not have this extra comma then you will need to add one in order to avoid a syntax error, then add in the extra line as noted above. The final block of code should look something like this:

Code: Select all

$skip_files = array(
	'.',
	'..',
	'.htaccess',
	'index.htm',
	'index.html',
	'index.php',
	'attach_config.php',
	'cache_page_permissions.php'
	);

That should fix is so that if you clear out the cache folder using the eXtreme Styles process that your cache file remains.

I want guests to be able to view topic subjects but they have to be registered to read them. Can I do that?
Interesting question, and the answer is Yes. :-) You cannot do that with the standard phpBB permissions system. But with this MOD in place you can set permissions on viewforum.php to Public and set permissions on viewtopic.php to Registered. That means that anyone can view the list of topics, but in order to actually read them they have to be logged in.

I want "bots" to be able to view content that regular users cannot.
Well, hm. I have no idea how to do that, and won't be adding that feature to this MOD.

Does it work with PostgreSQL?
Member R45 posted the required schema changes for PostgreSQL here. I have not tested with databases other than MySQL. If you can get the tables created then you should be fine.

I can't run SQL commands, did you write an installer?
I did not, but you can find several on the web including the following:
http://phpbbstyles.com/sql.php
http://www.phpbbhacks.com/forums/db_generator.php
Please do not post in this topic asking for support on those utilities. I did not write them and do not support them, I am only linking for your convenience.

Does it work with Category Hierarchy? or with <insert MOD here>?
I do not know, test it and see. I did not write it specifically to support Category Hierarchy but it might work. I do not intend to test every other released MOD with this one to determine compatibility, if you are interested in trying it with another MOD make sure you have backups and give it a try. If it works, feel free to post a note in this topic and I will update it.

Does it work with EasyMOD?
It's supposed to, as that's part of the standard MOD validation process. But I do not personally use EasyMOD and do not offer support for it. I have seen posts where EasyMOD has some complaints about perfectly valid SQL that are not always correct.

Can this MOD be used to replace other MODs?
Yes, actually, there are quite a few MODs that can be replaced by this one single MOD. And in many cases this MOD (Page Permissions) is easier to handle during upgrades because there are really very few edits to existing phpBB program files. Some examples of MODs that this can replace:
  • Any MOD that protects the member listing, as Page Permissions can
    • Restrict access to logged in users only
    • Set a minimum post count required to view the memberlist
    • Restrict access to the memberlist to Moderators or Administrators
  • MODs that disable the ability to register, as Page Permissions allows you to disable that specific feature of profile.php while also adding a specific disable message
  • MODs that prevent guests from viewing user profiles (same reasons as given above for protecting memberlist)
  • MODs that disable your board while still allowing the Admin to use it (for testing new features, as an example). Simply disable every page on your list. Admins are exempt from the page disable process, so you (as admin) are free to do anything on the board while other users will see whatever message you issue.
And the best part, in my opnion, is that all of these options are available without having to edit other files like memberlist.php or profile.php or index.php! Since everything is tied to the session handler, and since every phpbb page calls that code, the changes are all handled in a central location.
Last edited by drathbun on Thu Feb 15, 2007 3:44 am, edited 2 times in total.
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image

simon78
Registered User
Posts: 35
Joined: Sat Dec 23, 2006 4:53 pm
Location: In Front Of PC
Contact:

Post by simon78 » Mon Jan 22, 2007 3:04 pm

any demo shot ..... :lol: :lol: :lol:

User avatar
Fridge
Registered User
Posts: 307
Joined: Sat Nov 11, 2006 1:41 am
Location: Rotterdam, The Netherlands
Name: Martin
Contact:

Post by Fridge » Mon Jan 22, 2007 3:05 pm

Awsome mod, using it for a while now and its working great :D

Congratulations with the validation 8)

User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

Post by drathbun » Mon Jan 22, 2007 4:44 pm

simon78 wrote: any demo shot ..... :lol: :lol: :lol:

I just updated the FAQ post, you were a bit too fast with your question. :-)

The FAQ post includes a description of the functions / features of this MOD along with some suggested uses. I also reviewed the development topic and copied some of the questions and answered them as well. There really isn't a way to create links within a post so I listed all of the questions at the top of the post. If you see a question that you want the answer for, simply scroll down through the post.

Thank you to everyone that participated in the development topic. Your comments and feedback helped make this MOD what it ultimately became. I use this MOD on every board I manage. It's the first MOD I install. I hope you find it useful. 8)
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image

User avatar
Dog Cow
Registered User
Posts: 2491
Joined: Fri Jan 28, 2005 12:14 am
Contact:

Post by Dog Cow » Mon Jan 22, 2007 10:13 pm

Sorry for stealing first post!! :oops:
Moof!
Mac GUI Vault: Retro Apple II & Macintosh computing archive.
Inside Allerton bookMac GUIMac 512K Blog

User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

Post by drathbun » Mon Jan 22, 2007 11:34 pm

Dog Cow wrote: Sorry for stealing first post!! :oops:

No problem. :-) It's not like you were the only one that got to post before I did. :-P
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image

User avatar
stickerboy
Former Team Member
Posts: 7349
Joined: Mon Mar 29, 2004 2:27 pm
Location: Airdrie, UK (127.0.0.1)
Name: Kenny Cameron
Contact:

Post by stickerboy » Tue Jan 23, 2007 1:46 am

eeps, sorry drath. :oops:
maybe you could ask the dev's to insert a post for you :wink:
I'm a web-designing code-decrypting tech-support musician
|| Twitter || Flickr || BandCamp || phpBB Snippets ||
Formerly known as cherokee red

User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

Post by drathbun » Tue Jan 23, 2007 2:52 am

Yeah, like that's going to happen. :-P It's no worries, I got my FAQ post on the first page, that's fine. Because if I wanted to abuse my moderator permissions (and get kicked off the team, surely) I could just delete all of those posts... :twisted:

I won't be doing that.
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image

Post Reply

Return to “[2.0.x] MOD Database Releases”

Who is online

Users browsing this forum: No registered users and 11 guests