FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum » How To » setting up user groups and permissions
Show: Today's Messages :: Polls :: Message Navigator
Switch to threaded view of this topic Create a new topic Submit Reply
setting up user groups and permissions [message #163117] Wed, 29 September 2010 03:30 Go to next message
roymurray is currently offline  roymurray   United States
Messages: 2
Registered: September 2010
Karma: 0
Junior Member
FUDforum 3.0.1
I must be missing something.
I set up a group full-member with permissions for members when they are added, but they dont seem to get the correct permissions.
Members are added by a program called Amember which puts them in the group but they have no permissions.
Re: setting up user groups and permissions [message #163121 is a reply to message #163117] Wed, 29 September 2010 05:54 Go to previous messageGo to next message
naudefj is currently offline  naudefj   South Africa
Messages: 3771
Registered: December 2004
Karma: 28
Senior Member
Administrator
Core Developer
Can you please provide more info?
Have you done the "Amember" integration yourself?
Can you please post the code?
Re: setting up user groups and permissions [message #163124 is a reply to message #163121] Thu, 30 September 2010 12:11 Go to previous messageGo to next message
Ernesto is currently offline  Ernesto   Sweden
Messages: 413
Registered: August 2005
Karma: 0
Senior Member
Have you properly assigned all relevant forums to "full-member" in admin->group manager. Remember to hold down CTRL to highlight all the forums you require override of default registered user settings

Re: setting up user groups and permissions [message #163207 is a reply to message #163117] Fri, 08 October 2010 02:41 Go to previous message
roymurray is currently offline  roymurray   United States
Messages: 2
Registered: September 2010
Karma: 0
Junior Member
Kwoteer:
Have you properly assigned all relevant forums to "full-member" in admin->group manager. Remember to hold down CTRL to highlight all the forums you require override of default registered user settings


Yes they are set as:
Full-Member Y Y Y Y Y N N Y N Y Y N N N Y Y Y
For about 10 forums.

The code is being updated by Amember's
<?php

if (!defined('INCLUDED_AMEMBER_CONFIG')) 
    die("Direct access to this location is not allowed");
class protect_fudforum extends amember_integration_plugin {
	
	// get groups for select
	function get_groups(){
		global $config, $db;
		if (!$this->config['db']) return array();
		$q = $this->query("SELECT id, name
			FROM [db]groups
			WHERE id>1
			");
		$res = array('' => '*** No integration ***');
		while (list($i, $n) = mysql_fetch_row($q)){
			if (in_array($i, (array)$this_config['denied_levels'])) continue;
			$res[$i] = $n;
		}
		return $res;
	}
	
	
	// return access for given user
	// then calling script must assign $this_config['default_level']
	function get_max($state){
		global $db;
		$ff_products = $this->get_products();
		$res = array();
		foreach ((array)$state as $product_id => $status){
			if (!$status) 
				continue;
			if (!$ff_products[$product_id]) 
				continue;
			$res[ $ff_products[$product_id] ]++;
		}
		$res = array_unique(array_keys($res));
		return $res;
	}
	
	function get_products(){
		global $db,$ff_products;
		if($ff_products) return $ff_products;
		## find products # which allow access to fudforum
		$ff_products = array();
		foreach ($db->get_products_list() as $p)
			if ($p['fudforum_access']) $ff_products[ $p['product_id'] ] = $p['fudforum_access'];
		return $ff_products;
	}
		  
	function subscription_rebuild(&$users)
	{
		global $db;
		// check all members from aMember DB
		foreach ($users as $login => $rec)
		{
			$m = $db->users_find_by_string($login, 'login', 1);
			$m = $m[0];
			if ($m['login'] == $login)
				$this->subscription_added($m['member_id'], 
					$rec['product_id'][0], $m);
		}
	}
	
	function update_groups($member,$max){
		
		$id = $this->query_one("SELECT id FROM [db]users WHERE login = '$member[login]'");
		if(!$id) return;
		$this->query("DELETE from [db]group_members where user_id='$id' AND group_id not in (".implode(',',$max).")");
		foreach($max as $group_id)
			$this->query($s="INSERT IGNORE into [db]group_members (user_id,group_id,group_members_opt) values('$id','$group_id',65536)");
	}
	function generate_salt()
	{
		return substr(md5(uniqid(mt_rand(), true)), 0, 9);
	}

	function subscription_added($member_id, $product_id, $member){
		global $db, $config;
	
		$max = $this->get_max($member['data']['status']);
		if(!$max) return;
		
		foreach ($member as $k=>$v)
			$member[$k] = $db->escape($v);
	
		$q = $this->query("SELECT id, passwd
			FROM [db]users
			WHERE login = '$member[login]'
			");
		list($id, $p) = mysql_fetch_row($q);
		$salt  = $this->generate_salt();
		$pass = sha1($salt . sha1($member['pass']));
		$tm = time();
		$users_opt = 4619189;
		/*
		users_opt
000010001000111101110110101		
000010001100111101110110101
000000000000000000000000001	1 = display_email (ON/OFF) 
000000000000000000000000010	2 = notify (ON/OFF) 
000000000000000000000000100	4 = notify_method (EMAIL/ICQ) (ICQ notification is no longer used) 
000000000000000000000001000	8 = ignore_admin (ON/OFF) 
000000000000000000000010000	16 = email_messages (ON/OFF) 
000000000000000000000100000	32 = pm_messages (ON/OFF) 
000000000000000000001000000	64 = pm_notify (ON/OFF) 
000000000000000000010000000	128 = default_topic_view (MSG/TREE) 
000000000000000000100000000	256 = default_message_view (MSG/TREE) 
000000000000000001000000000	512 = gender (UNSPECIFIED) 
000000000000000010000000000	1024 = gender (MALE/FEMALE) 
000000000000000100000000000	2048 = append_sig (ON/OFF) 
000000000000001000000000000	4096 = show_sigs (ON/OFF) 
000000000000010000000000000	8192 = show_avatars (ON/OFF) 
000000000000100000000000000	16384 = show_im (ON/OFF) 
000000000001000000000000000	32768 = invisible_mode (ON/OFF) 
000000000010000000000000000	65536 = blocked (ON/OFF) 
000000000100000000000000000	131072 = email_conf (ON/OFF) 
000000001000000000000000000	262144 = coppa (ON/OFF) 
000000010000000000000000000	524288 = is_mod (ON/OFF) 
000000100000000000000000000	1048576 = is_admin (ON/OFF) 
000001000000000000000000000	2097152 = acc_status (PENDING/APPROVED) 
000010000000000000000000000	4194304 = avatar_approved (No Avatar) 
000100000000000000000000000	8388608 = avatar_approved YES 
001000000000000000000000000	16777216 = avatar_approved NO 
010000000000000000000000000	33554432 = admin disabled PM (ON/OFF) 
100000000000000000000000000	67108864 = admin disabled signature (ON/OFF) 
000000000000000000000000000	134217728 = do not send e-mail notifications (ON/OFF) 
000000000000000000000000000	268435456 = account moderator (ON/OFF)
*/
		if (!$p)  {
			$this->query($s = "INSERT INTO [db]users
	SET
		login            = '$member[login]',
		alias            = '$member[login]',
		passwd           = '$pass',
		salt			 = '$salt',
		name             = '$member[name_f] $member[name_l]',
		email            = '$member[email]',
		avatar           = '0',
		avatar_loc       = '',
		icq              = '',
		aim              = '',
		yahoo            = '',
		msnm             = '',
		jabber           = '',
		affero           = '',
		posts_ppg        = '0',
		time_zone        = 'America/New_York',
		bday             = '',
		conf_key         = '0',
		user_image       = '',
		theme            = '1',
		posted_msg_count = '0',
		last_visit       = '0',
		referer_id       = '0',
		last_read        = '0',
		custom_status    = '',
		sig              = '',
		join_date         = '$tm',
		level_id         = '0',
		reset_key        = '0',
		u_last_post_id   = '0',
		home_page        = '',
		bio              = '',
		cat_collapse_status = 'YES',
		custom_color     = '',
		users_opt='$users_opt'");
	
			$id = mysql_insert_id();
		} else {
			$this->query($s = "UPDATE [db]users
			SET passwd = '$pass', salt = '$salt'
			WHERE login = '$member[login]'
			");
		}
		$this->update_groups($member,$max);
	}
	
	function subscription_updated($member_id, $oldmember, $newmember){
		global $db, $config;
	
		$salt  = $this->generate_salt();
		$pass = sha1($salt . sha1($newmember['pass']));

		$email = $db->escape($newmember['email']);
	
		$this->query($s = "UPDATE [db]users
		SET passwd = '$pass', 
		salt = '$salt',
		email = '$newmember[email]', 
		login = '$oldmember[login]'
		WHERE login = '$oldmember[login]'
		");
	}
	
	function subscription_deleted($member_id, $product_id, $member){
		global $db, $config;
	
		$product = $db->get_product($product_id);
		if (!$product['fudforum_access']) return;
	
		if (!$max=$this->get_max($member['data']['status']))
			$this->query("DELETE FROM [db]group_members WHERE user_id=$id");
		else
			$this->update_groups($member,$max);
	}
	
	function subscription_removed($member_id, $member){
		global $db, $config;
		$q = $this->query("SELECT id, passwd
			FROM [db]users
			WHERE login = '$member[login]'
			");
		list($id, $p) = mysql_fetch_row($q);
		if (!$id) return;
	
		$this->query("DELETE FROM [db]group_members WHERE user_id=$id");
	}
	/*
		$q = $this->query("SELECT user_pass, user_email FROM [db]users WHERE user_login = '$login'");
		list($user_pass, $user_email) = mysql_fetch_row($q);
		if (!$user_pass && !$user_email) return true;
		if ($user_email != $email || !$this->wp_check_password($pass, $user_pass))
		{
			return false;
		} else {
			return true;
		}
	}

	*/
	function subscription_check_uniq_login($login, $email, $pass){
		global $db, $config;
		$login = $db->escape($login);
		$email = $db->escape($email);
		
		
		$f = $this->query_first("SELECT passwd,salt,email from [db]users where login='$login'");
		if(!$f['email']) return true;
		$fpass = sha1($f['salt'].sha1($pass));
		if ($email != $f['email'] || $pass!=$fpass)
		{
			return false;
		} else {
			return true;
		}
	}
	
	function ses_make_sysid()
	{
		$keys = array('HTTP_USER_AGENT', 'SERVER_PROTOCOL', 'HTTP_ACCEPT_CHARSET', 'HTTP_ACCEPT_ENCODING', 'HTTP_ACCEPT_LANGUAGE');
		foreach ($keys as $v) {
			if (isset($_SERVER[$v])) {
				$pfx .= $_SERVER[$v];
			}
		}
		return md5($pfx);
	}
	
	function after_login($user){
		global $db, $config;
		
		if ($_SESSION['_amember_ff_cookies_set'])
			return;
	
		session_register('_amember_ff_cookies_set');
	
		$user_login = $db->escape($user['login']);
		foreach ($user as $k=>$v) $user[$k] = $db->escape($v);
		$q = $this->query($s="SELECT *
				FROM [db]users
				WHERE login='$user_login'");
		$member=mysql_fetch_assoc($q);
		if (!$member['id']) return;
		foreach ($member as $k=>$v) $member[$k] = $db->escape($v);
		$hash = $this->ses_make_sysid();
		if ($s_cookie = $_COOKIE['fud_session']) {
			$s_cookie = $db->escape($s_cookie);
			$this->query("DELETE FROM [db]ses WHERE 
				sys_id = '$hash'
				AND ses_id <> '$s_cookie'");
	
			$this->query($s = "UPDATE [db]ses SET 
			time_sec=UNIX_TIMESTAMP(NOW()),
			sys_id='$hash',
			user_id='$member[id]'
			WHERE id='$s_cookie'");
			$q = $this->query($s="SELECT COUNT(*) 
			FROM [db]ses WHERE ses_id='$s_cookie'");
			list( $updated ) = mysql_fetch_row($q);
		}
		if (!strlen($s_cookie) || !$updated){
			$s_cookie = md5( uniqid(microtime()) );
			$this->query($s = "DELETE FROM [db]ses
			WHERE sys_id='$hash' OR user_id='$member[id]'");
			$this->query($s = "INSERT INTO [db]ses
			(ses_id, sys_id, user_id, time_sec)
			VALUES
			('$s_cookie', '$hash', '{$member[id]}', UNIX_TIMESTAMP(NOW())
			)
			");
	//        print($s);
			setcookie("fud_session", $s_cookie, 0, '/');
		}
		
		$GLOBALS['_amember_ff_cookies_set'] = 1;
		$_SESSION['_amember_ff_cookies_set'] = 1;
		session_register('_amember_ff_cookies_set');
		$GLOBALS['_amember_ff_cookies_set'] = 1;
		$_SESSION['_amember_ff_cookies_set'] = 1;
	}
	
	function after_logout(){  
		global $db, $plugins;
		
		if ($_SESSION['_amember_logged_from_ff'] ||
			$_SESSION['_amember_ff_cookies_set']){
			// need to do logout in fudforum too
			// Update the DB
			$sid = $_COOKIE['fud_session'];
			$sid = $db->escape($sid);
			$this->query($s = "DELETE FROM [db]ses 
						 WHERE ses_id='$sid'");
		}
	}
	
	function check_logged_in(){
		// check if user already logged-in with fudforum
		// must return array($login, $pass)
		// of logged-in fudforum customer or empty values
		global $db,$config;
		$sid = $db->escape($_COOKIE['fud_session']);
		if ($sid){
			$bb_user_id = $this->query_one("SELECT user_id FROM [db]ses WHERE ses_id='$sid'");
			$bb_user = $this->query_first("SELECT * FROM [db]users WHERE id='$bb_user_id'");
			$q = $db->query("SELECT 
				MD5(am.pass) = '$bb_user[passwd]' OR
				am.pass = '$bb_user[passwd]', am.login, am.pass
				FROM {$db->config[prefix]}members am 
				where am.login = '$bb_user[name]'");
			list($correct, $l, $p) = mysql_fetch_row($q);
			if ($correct){  
				
				$_SESSION['_amember_logged_from_ff']=1;
			} else {
				$l = $p = '';
			}
		}
		return array($l,$p);
	}
	function add_config_items($notebook_page)
	{
		$pn = $this->get_plugin_name();
		parent::add_db_config_items($pn, $notebook_page);
	}
	function init()
	{
		$pn = $this->get_plugin_name();

		parent::init();
		add_product_field("{$pn}_access",
			'FudForum access', 'select', "users ordered this product will<br />
			belong to the following group in FudForum", '',
			array('options' =>  $this->get_groups()
			));
	} 
	
	/**
	 * Checks if table is exists in mysql connection
	 * @return boolean true if exists
	 */
	function check_db_prefix($mysql_connection_id, $db_prefix)
	{
		global $db;
		if($res=mysql_query("SELECT * FROM {$db_prefix}users LIMIT 1", $mysql_connection_id))
		{
			if (preg_match("/SELECT command denied to user[:]? '(.+?)[']?@.+' for table '(.+?)'/i", @mysql_error($mysql_connection_id), $regs))
			{
				$db_name = preg_replace('/\..+$/', '', $db_prefix);
				$error="Error: ". @mysql_error($mysql_connection_id) . ".<br />Please go to webhosting control panel -> MySQL database section <br />and allow access(add user to database) for user [$regs[1]] to database [$db_name].";
			}
			elseif (@mysql_errno($mysql_connection_id))
			{
				$error="DB - [$db_prefix] - incorrect value. Error: " . @mysql_error($mysql_connection_id);
			}
		}
		else
		{
			$error="DB - [$db_prefix] - incorrect value. Error: " . @mysql_error($mysql_connection_id);
		};
		if($error)
		{
			$db->log_error(ucfirst($this->get_plugin_name())." plugin error: ".$error);
			return $error;
		}
		return;
	}
	
	function check_db_settings($config){
		if ($config['db'] && $config['host'] && $config['user'] && $config['pass'])
		{
			if(!($conn_id = @mysql_connect($config['host'],$config['user'],$config['pass'],1)))
			{
				$__pass="NO";
				if($config['pass'])$__pass="YES";
				return "Access denied for user '$config[user][email]'@'[/email]$config[host]' (using password: $__pass)";
			}
			else
			{
				list($__db, $dot, $prefix) = preg_split('|(\.)|', $config['db'], -1, PREG_SPLIT_DELIM_CAPTURE);
				if(!@mysql_select_db($__db,$conn_id))
				{
					return @mysql_error($conn_id);
				};
			};
		} 
		else 
		{
			$conn_id = $GLOBALS['db']->conn;
		}
		return $this->check_db_prefix($conn_id, $config['db']);
	}
	function check_db_settings_for_setup($some,$config){
		return $this->check_db_settings($this->__post_config($config));
	}
	function __post_config($config)
	{
		$p="protect";
		$n = $this->get_plugin_name();
		return array(
		'db' => $config["${p}_${n}_db"],
		'host' => $config["${p}_${n}_host"],
		'user' => $config["${p}_${n}_user"],
		'pass' => $config["${p}_${n}_pass"],
		);
	}
}

global $protect_fudforum;
global $plugin_error;
$protect_fudforum = instantiate_plugin("protect", "fudforum");
if($_POST['save'] && $_POST['notebook']=="fudforum")
	$subconf=$protect_fudforum->__post_config($_POST);
else
	$subconf=$config['protect']['fudforum'];
$plugin_error['fudforum'] = $protect_fudforum->check_db_settings($subconf);
if (!$plugin_error['fudforum'])
	$protect_fudforum->init();
?>

  Switch to threaded view of this topic Create a new topic Submit Reply
Previous Topic: maillist debug
Next Topic: Imported user default settings, where to change?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 21 12:50:46 GMT 2024

Total time taken to generate the page: 0.02583 seconds