Adding more security...

This forum is now closed as part of retiring phpBB2.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

This forum is now closed due to phpBB2.0 being retired.
Post Reply
wendas
Registered User
Posts: 11
Joined: Sat Jul 24, 2004 3:37 am

Adding more security...

Post by wendas »

I am trying to build & put, a totally secure area for our boyscout troop web site, using the phpbb registration & login with added items. That way noone needs to login twice, and the phpbb must be as secure as the rest of the site anyway.

For registration I want to put
1. troop login with a password only known to troop members
2. the 13 year old page (not sure if it is fed law when it is a members only site, but Scouts don't like to break the law!)
3. the phpbb registration with removing the profile info & adding other items.

Then lock the forum from veiwing unless you are logged in.

Questions
#1.. I have learned I can lock the groups but not the entire forum to registered members. I looked for a mod & did not find it (in fact no mods seem to deal with changing security, or the registration). But, this seems like a not too uncommon request.. Is there this feature?
#2.. If there is the ability to lock down, what is this code so I can use it on the rest of my pages.. If not I saw a session page going on..(which is more indepth then a normal session.. If I add a session to check for valid logins will I conflict with what you have going on..? If yes where can I learn about session pages?
#3.. When in the login area can I wipe out the link to info on the members & the member groups? we like to keep our kids names secure.
#4.. I know how to get to profile & change the info in the profile area, with the language page and have done so successfully, but if I wanted to change the type of box to a drop down, or the validation checking? what page?

Yes, I know I sound very green, and I am.. But, I am a VB / SQL programmer, just new to php.. So, I can take my lumps & learn this, with a little direction as to the correct path.. Please.. Thanks
SupremeDementia
Registered User
Posts: 30
Joined: Tue Apr 27, 2004 5:51 pm
Contact:

Post by SupremeDementia »

well you can close the entire forum to registered members only. also, you can close the registration procedure, so that way only you and a trusted few can register new members.

would that solve your security needs ?
wendas
Registered User
Posts: 11
Joined: Sat Jul 24, 2004 3:37 am

Post by wendas »

Each FORUM yes, but not the entire site.. I did find something that helped a lot.. It was a mod to Redirect Anonymous to the login page instead of showing user information items.. (groupcp,memberlist,viewonline) I added the same logic to the index page & the search page and I think I got it.. I believe everything is locked down unless you register (YES??)..

Question ? if I do a mod to someones mod.. Can I eventually post that giving them co-credit??? In fact their name first because they did more of this beautiful code, I only did a simple add on.. Or is that taboo?

(this also helped with what I need to put in, & check for the other secureity pages that are part of our web site.. (Obviously not something I can put in a mod, but helpful..) Thank you Stefan Kuhlins (whoever you are.. I will vote yours highly..)

That piece takes care of items 1, 2 & 3... Whoopie!

Question : only # 4 is left.. Can anyone direct me to how I can change a Registration pages field verification & field layout?

Wenda Stephens
ycl6
Translator
Posts: 5696
Joined: Sat Feb 15, 2003 10:35 am
Location: Taiwan
Contact:

Post by ycl6 »

For developing add-ons, I believe as long as you give the original mod author credit, it will be enough. And you will remian as the first author for your add-on.

~Mac
SupremeDementia
Registered User
Posts: 30
Joined: Tue Apr 27, 2004 5:51 pm
Contact:

Post by SupremeDementia »

an easier solution would be to remove the memberlist link from everyone who isnt a moderator. give memberlist.php a new name and you're all set
wendas
Registered User
Posts: 11
Joined: Sat Jul 24, 2004 3:37 am

Post by wendas »

yc16 - I see what you mean, though they by rights deserve top billing for the fact is is more their code then mine, they would not appreciate questions dealing with my part of the code.

SupremeDementia - I may be missing something you are trying to say. It seems this would lock out the member ship list to all but the moderator.

What I want to do isnot allow anyone but the troop members to log in & see anything. We need to offer a safe enviroment for the kids. This is to help those families who fear the stories of wacko's looking for young kids on the internet. So our site needs to lock out anyone who is not a member of the troop. Outsiders should not have any access to seeing or adding to any of the forums, but they also cannot have access to any membership info as it contains the childrens names & email etc.

This pieces locks them out of seeing the information, I still need to add a mod That will put a preface page onto the registration before getting to the age 13 page. This will have a group & preset password for each group that only members of the groups in the troop will know. This will make sure only our members can register. I plan to use the group entry to let me automatically set them with the group permissions for their leadership position, or the patrol they are in.

If successful, I plan to make it a public mod to help other youth group organizations be able to use your forum in a secure, members only, environment.

So although it looks like my personal mod.. I do intend to make it useful to the public.
Post Reply

Return to “[2.0.x] MOD Writers Discussion”

cron