MODS.DB9.DK

[Niels]

I have recived this in a PM

Does Extra permission give access to avatars etc? is there alist of what it can give/remove from user?

since extra mod is a mod, witch may change permission into any phpBB2 file, depending on the users permission or usergroup permission, I have "only" included examples about how to use this.....

e.g. I have included the code into memberlist.php witch control who may read (use) the file.

in same maner, you may apply this into profile.php (yes profile.php)
// Added for Extra permission MOD
// Start auth check
//
$is_auth = array();
$is_auth = auth(AUTH_ALL, PAGE_PROFILE, $userdata);

if( !$is_auth['auth_read'] )
{
$message = ( !$is_auth['auth_view'] ) ? $lang['Not_Authorised'] : sprintf ($lang['Sorry_no_auth'],$is_auth['auth_read_type']);
message_die(GENERAL_MESSAGE, $message);
}
//
// End auth check
//


then indside usercp_register.php
you simply use

if ($is_auth['auth_read'] )
{
do this, do that (upload avatar)

} else
{
do something else, ( display a error)
}

please note, in this example I have used "auth_read" you may e.g. use "auth_post" to determen who may upload avatars or any other auth (see ACP -> forum permission "advanced mode" about with you may use).

do not use auth_view,auth_read,auth_mod for "custom" code like yours.

when this is done, your "avatar" upload control will both work as a usergroup permission, aswell as a induvidual user permission...since extra permission control mod works with both

The auth_ for uploading an avatar on the usercp - what is it? or doesn't it matter? or can you make your own...?

Dont understand the auth function, dont suppose you could break it down for me?

so I will try explain in the following post

[Niels]

After the extra permision mod is installed, you may into any phpBB2 or selfmade file include some code in the file, witch makes it control witch users may use special features inside that specific file.

by default you can in ACP apply PRIVATE permissions to a usergroup per "forum" after this mod you may apply same types of permission into other files.
as you know the permissions you may apply to a forum is:
VIEW,READ,POST,REPLY, EDIT,DELETE,STICKY,ANNOUNCEMENT,POLL,VOTE and MOD

thise make sence when talking about a forum, but really, it does not when talking about any other page
I have desided NOT to change this behaiver, so the permissions are named the same, but can be used for something completely different.
VIEW can still be used, same with MOD, and I have desided to "reserve" READ as a permission for USE
any of the other permissions may be used by you for custom permission control.

e.g. if you would like to restrick the posibility to upload avatart to users of one or more usergroups, you may do this with the following steps.

1. add need SQL to your DB
2. modify profile.php/usercp_register.php
3. change the permission inside ACP
4. grant the usergroup(s) the permission needed...

as for #1, you need to add a entry in the DB witch corrospond to the page you are modding, in this case PROFILE.PHP
so we would add a sql like this (db_update.php format)

Code: Select all

'INSERT IGNORE INTO ' . FORUMS_TABLE . ' (forum_id ,cat_id, forum_name, forum_desc, forum_status )
VALUES ("'.PAGE_PROFILE.'", "0", "PROFILE PAGES", "Profile view / edit Control", 1)',

as for #2, modifying profile.php
in the top of profile.php you need to add the permission control "loading" same as for the memberlist.php included in the mod - where is though some minor changes

Code: Select all

[FIND]
// End session management
//

[AFTER, ADD]
// Added for Extra permission MOD
// Start auth check
//
$is_auth = array();
$is_auth = auth(AUTH_ALL, PAGE_PROFILE, $userdata);

if( !$is_auth['auth_read'] )
{
   $message = ( !$is_auth['auth_view'] ) ? $lang['Not_Authorised'] : sprintf ($lang['Sorry_no_auth'],$is_auth['auth_read_type']);
   message_die(GENERAL_MESSAGE, $message);
}
//
// End auth check
//

now you may anywhere inside profile.php and usercp_xxx.php use the $is_auth variable
e.g.

Code: Select all

if ($is_auth['auth_post'])
.....some code, only accesble for users with permission

this would in the case of avatars, go some places into the usercp_register.php file...mainly you would have to find this

Code: Select all

[FIND ALL]$board_config['allow_avatar_upload']
[REPLACE WITH ALL]
$board_config['allow_avatar_upload'] && $is_auth['auth_post']

witch should do as you wish (I haven't tested this)

step #3 is to go into ACP forum permission and look up the forum named "PROFILE PAGES" (witch is not a forum)
set the VIEW = ALL, READ = ALL and POST = PRIVATE

step #4 look up the usergroup(s) in question and set the permision to on for "POST"
now only users members of the usergroup(s) may upload avatars.
you may ofcouse also apply this for a single user instead of a usergroup.

[Niels]

se also this:
http://mods.db9.dk/viewtopic.php?t=3529

[baud2death]

So....Instead of view, post, poll, etc applying to forum restrictions, they instead apply to file restrictions. In a forum, view, read, poll are all self explanatory... when it comes to files these are undefined? yes?

So all we need to do is define what auth_poll or auth_sticky does to a file and then set it in the ACP yes?

So..

Step1.
Set Auth_Poll to Private
Step2.
Create avatar_allowed group and set group permissions to allowed access for Auth_Poll to ON
Step3.
When user has 100 posts, add to avatar_allowed group
Step4.
process action so that everytime a user wants to change their profile, the auth_poll for user_cpregister is checked, if it is set to ON then you can change, else you cant

Have i got this right?

[Niels]

they instead apply to file restrictions

I would'nt say "file", "code" would be more apropiate to use

So all we need to do is define what auth_poll or auth_sticky does to a file and then set it in the ACP yes?

yes, you deside what auth_poll should be used for when a user visit e.g. "view profile page" the user deos not know that auth_poll is used, as this only show in ACP and in the php files. - you as admin have to "translate" the poll permission into some other use.

Step3.

this is another mod (auto group)

beside this you got it

[baud2death]

Cool... would be really easy if there was a seperate admin control page that redefined the controls with the modified option. This would prevent from forgetting what we have done

I.E.

Instead of going into forum permissions and group permissions in the main acp - why not create a seperate grouping for:

File Group Permissions
File Forum Permissions

And it could give us a description of what we have coded.... but then again im giving you more hard work. I would suggest also bundling in some sample drop down commands too.

Like
When post count reaches [ ]
perform [drop down:Avatar Upload allowed, file attachment allowed, etc]

[baud2death]

Code: Select all

'INSERT IGNORE INTO ' . FORUMS_TABLE . ' (forum_id ,cat_id, forum_name, forum_desc, forum_status )
VALUES ("'.PAGE_PROFILE.'", "0", "PROFILE PAGES", "Profile view / edit Control", 1)',

Um... I tried adding this to the db_update, but it is comming up with Parse error: parse error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ')' in c:\inetpub\wwwroot\phpBB2\extra_p_db_udpate.php on line 38
(using it on my local test server)

[Niels]

it seam like you haven't made the db_updat.php correctly - only replace the code inside the ARRAY with the provided code