FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum » How To » setting up user groups and permissions
Show: Today's Messages :: Unread Messages :: Show Polls :: Message Navigator
| Subscribe to topic | Bookmark topic 
Switch to threaded view of this topic Create a new topic Submit Reply
setting up user groups and permissions [message #163117] Tue, 28 September 2010 23:30 Go to next message
roymurray is currently offline  roymurray   United States
Messages: 2
Registered: September 2010
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
FUDforum 3.0.1
I must be missing something.
I set up a group full-member with permissions for members when they are added, but they dont seem to get the correct permissions.
Members are added by a program called Amember which puts them in the group but they have no permissions.
Re: setting up user groups and permissions [message #163121 is a reply to message #163117] Wed, 29 September 2010 01:54 Go to previous messageGo to next message
naudefj is currently offline  naudefj   South Africa
Messages: 3624
Registered: December 2004
Karma: 17
Senior Member
Administrator
Core Developer
remove from buddy list
ignore all messages by this user
Can you please provide more info?
Have you done the "Amember" integration yourself?
Can you please post the code?
Re: setting up user groups and permissions [message #163124 is a reply to message #163121] Thu, 30 September 2010 08:11 Go to previous messageGo to next message
Ernesto is currently offline  Ernesto   Sweden
Messages: 413
Registered: August 2005
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
Have you properly assigned all relevant forums to "full-member" in admin->group manager. Remember to hold down CTRL to highlight all the forums you require override of default registered user settings

Re: setting up user groups and permissions [message #163207 is a reply to message #163117] Thu, 07 October 2010 22:41 Go to previous message
roymurray is currently offline  roymurray   United States
Messages: 2
Registered: September 2010
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
Kwoteer:
Have you properly assigned all relevant forums to "full-member" in admin->group manager. Remember to hold down CTRL to highlight all the forums you require override of default registered user settings


Yes they are set as:
Full-Member Y Y Y Y Y N N Y N Y Y N N N Y Y Y
For about 10 forums.

The code is being updated by Amember's
<?php

if (!defined('INCLUDED_AMEMBER_CONFIG')) 
    die("Direct access to this location is not allowed");
class protect_fudforum extends amember_integration_plugin {
	
	// get groups for select
	function get_groups(){
		global $config, $db;
		if (!$this->config['db']) return array();
		$q = $this->query("SELECT id, name
			FROM [db]groups
			WHERE id>1
			");
		$res = array('' => '*** No integration ***');
		while (list($i, $n) = mysql_fetch_row($q)){
			if (in_array($i, (array)$this_config['denied_levels'])) continue;
			$res[$i] = $n;
		}
		return $res;
	}
	
	
	// return access for given user
	// then calling script must assign $this_config['default_level']
	function get_max($state){
		global $db;
		$ff_products = $this->get_products();
		$res = array();
		foreach ((array)$state as $product_id => $status){
			if (!$status) 
				continue;
			if (!$ff_products[$product_id]) 
				continue;
			$res[ $ff_products[$product_id] ]++;
		}
		$res = array_unique(array_keys($res));
		return $res;
	}
	
	function get_products(){
		global $db,$ff_products;
		if($ff_products) return $ff_products;
		## find products # which allow access to fudforum
		$ff_products = array();
		foreach ($db->get_products_list() as $p)
			if ($p['fudforum_access']) $ff_products[ $p['product_id'] ] = $p['fudforum_access'];
		return $ff_products;
	}
		  
	function subscription_rebuild(&$users)
	{
		global $db;
		// check all members from aMember DB
		foreach ($users as $login => $rec)
		{
			$m = $db->users_find_by_string($login, 'login', 1);
			$m = $m[0];
			if ($m['login'] == $login)
				$this->subscription_added($m['member_id'], 
					$rec['product_id'][0], $m);
		}
	}
	
	function update_groups($member,$max){
		
		$id = $this->query_one("SELECT id FROM [db]users WHERE login = '$member[login]'");
		if(!$id) return;
		$this->query("DELETE from [db]group_members where user_id='$id' AND group_id not in (".implode(',',$max).")");
		foreach($max as $group_id)
			$this->query($s="INSERT IGNORE into [db]group_members (user_id,group_id,group_members_opt) values('$id','$group_id',65536)");
	}
	function generate_salt()
	{
		return substr(md5(uniqid(mt_rand(), true)), 0, 9);
	}

	function subscription_added($member_id, $product_id, $member){
		global $db, $config;
	
		$max = $this->get_max($member['data']['status']);
		if(!$max) return;
		
		foreach ($member as $k=>$v)
			$member[$k] = $db->escape($v);
	
		$q = $this->query("SELECT id, passwd
			FROM [db]users
			WHERE login = '$member[login]'
			");
		list($id, $p) = mysql_fetch_row($q);
		$salt  = $this->generate_salt();
		$pass = sha1($salt . sha1($member['pass']));
		$tm = time();
		$users_opt = 4619189;
		/*
		users_opt
000010001000111101110110101		
000010001100111101110110101
000000000000000000000000001	1 = display_email (ON/OFF) 
000000000000000000000000010	2 = notify (ON/OFF) 
000000000000000000000000100	4 = notify_method (EMAIL/ICQ) (ICQ notification is no longer used) 
000000000000000000000001000	8 = ignore_admin (ON/OFF) 
000000000000000000000010000	16 = email_messages (ON/OFF) 
000000000000000000000100000	32 = pm_messages (ON/OFF) 
000000000000000000001000000	64 = pm_notify (ON/OFF) 
000000000000000000010000000	128 = default_topic_view (MSG/TREE) 
000000000000000000100000000	256 = default_message_view (MSG/TREE) 
000000000000000001000000000	512 = gender (UNSPECIFIED) 
000000000000000010000000000	1024 = gender (MALE/FEMALE) 
000000000000000100000000000	2048 = append_sig (ON/OFF) 
000000000000001000000000000	4096 = show_sigs (ON/OFF) 
000000000000010000000000000	8192 = show_avatars (ON/OFF) 
000000000000100000000000000	16384 = show_im (ON/OFF) 
000000000001000000000000000	32768 = invisible_mode (ON/OFF) 
000000000010000000000000000	65536 = blocked (ON/OFF) 
000000000100000000000000000	131072 = email_conf (ON/OFF) 
000000001000000000000000000	262144 = coppa (ON/OFF) 
000000010000000000000000000	524288 = is_mod (ON/OFF) 
000000100000000000000000000	1048576 = is_admin (ON/OFF) 
000001000000000000000000000	2097152 = acc_status (PENDING/APPROVED) 
000010000000000000000000000	4194304 = avatar_approved (No Avatar) 
000100000000000000000000000	8388608 = avatar_approved YES 
001000000000000000000000000	16777216 = avatar_approved NO 
010000000000000000000000000	33554432 = admin disabled PM (ON/OFF) 
100000000000000000000000000	67108864 = admin disabled signature (ON/OFF) 
000000000000000000000000000	134217728 = do not send e-mail notifications (ON/OFF) 
000000000000000000000000000	268435456 = account moderator (ON/OFF)
*/
		if (!$p)  {
			$this->query($s = "INSERT INTO [db]users
	SET
		login            = '$member[login]',
		alias            = '$member[login]',
		passwd           = '$pass',
		salt			 = '$salt',
		name             = '$member[name_f] $member[name_l]',
		email            = '$member[email]',
		avatar           = '0',
		avatar_loc       = '',
		icq              = '',
		aim              = '',
		yahoo            = '',
		msnm             = '',
		jabber           = '',
		affero           = '',
		posts_ppg        = '0',
		time_zone        = 'America/New_York',
		bday             = '',
		conf_key         = '0',
		user_image       = '',
		theme            = '1',
		posted_msg_count = '0',
		last_visit       = '0',
		referer_id       = '0',
		last_read        = '0',
		custom_status    = '',
		sig              = '',
		join_date         = '$tm',
		level_id         = '0',
		reset_key        = '0',
		u_last_post_id   = '0',
		home_page        = '',
		bio              = '',
		cat_collapse_status = 'YES',
		custom_color     = '',
		users_opt='$users_opt'");
	
			$id = mysql_insert_id();
		} else {
			$this->query($s = "UPDATE [db]users
			SET passwd = '$pass', salt = '$salt'
			WHERE login = '$member[login]'
			");
		}
		$this->update_groups($member,$max);
	}
	
	function subscription_updated($member_id, $oldmember, $newmember){
		global $db, $config;
	
		$salt  = $this->generate_salt();
		$pass = sha1($salt . sha1($newmember['pass']));

		$email = $db->escape($newmember['email']);
	
		$this->query($s = "UPDATE [db]users
		SET passwd = '$pass', 
		salt = '$salt',
		email = '$newmember[email]', 
		login = '$oldmember[login]'
		WHERE login = '$oldmember[login]'
		");
	}
	
	function subscription_deleted($member_id, $product_id, $member){
		global $db, $config;
	
		$product = $db->get_product($product_id);
		if (!$product['fudforum_access']) return;
	
		if (!$max=$this->get_max($member['data']['status']))
			$this->query("DELETE FROM [db]group_members WHERE user_id=$id");
		else
			$this->update_groups($member,$max);
	}
	
	function subscription_removed($member_id, $member){
		global $db, $config;
		$q = $this->query("SELECT id, passwd
			FROM [db]users
			WHERE login = '$member[login]'
			");
		list($id, $p) = mysql_fetch_row($q);
		if (!$id) return;
	
		$this->query("DELETE FROM [db]group_members WHERE user_id=$id");
	}
	/*
		$q = $this->query("SELECT user_pass, user_email FROM [db]users WHERE user_login = '$login'");
		list($user_pass, $user_email) = mysql_fetch_row($q);
		if (!$user_pass && !$user_email) return true;
		if ($user_email != $email || !$this->wp_check_password($pass, $user_pass))
		{
			return false;
		} else {
			return true;
		}
	}

	*/
	function subscription_check_uniq_login($login, $email, $pass){
		global $db, $config;
		$login = $db->escape($login);
		$email = $db->escape($email);
		
		
		$f = $this->query_first("SELECT passwd,salt,email from [db]users where login='$login'");
		if(!$f['email']) return true;
		$fpass = sha1($f['salt'].sha1($pass));
		if ($email != $f['email'] || $pass!=$fpass)
		{
			return false;
		} else {
			return true;
		}
	}
	
	function ses_make_sysid()
	{
		$keys = array('HTTP_USER_AGENT', 'SERVER_PROTOCOL', 'HTTP_ACCEPT_CHARSET', 'HTTP_ACCEPT_ENCODING', 'HTTP_ACCEPT_LANGUAGE');
		foreach ($keys as $v) {
			if (isset($_SERVER[$v])) {
				$pfx .= $_SERVER[$v];
			}
		}
		return md5($pfx);
	}
	
	function after_login($user){
		global $db, $config;
		
		if ($_SESSION['_amember_ff_cookies_set'])
			return;
	
		session_register('_amember_ff_cookies_set');
	
		$user_login = $db->escape($user['login']);
		foreach ($user as $k=>$v) $user[$k] = $db->escape($v);
		$q = $this->query($s="SELECT *
				FROM [db]users
				WHERE login='$user_login'");
		$member=mysql_fetch_assoc($q);
		if (!$member['id']) return;
		foreach ($member as $k=>$v) $member[$k] = $db->escape($v);
		$hash = $this->ses_make_sysid();
		if ($s_cookie = $_COOKIE['fud_session']) {
			$s_cookie = $db->escape($s_cookie);
			$this->query("DELETE FROM [db]ses WHERE 
				sys_id = '$hash'
				AND ses_id <> '$s_cookie'");
	
			$this->query($s = "UPDATE [db]ses SET 
			time_sec=UNIX_TIMESTAMP(NOW()),
			sys_id='$hash',
			user_id='$member[id]'
			WHERE id='$s_cookie'");
			$q = $this->query($s="SELECT COUNT(*) 
			FROM [db]ses WHERE ses_id='$s_cookie'");
			list( $updated ) = mysql_fetch_row($q);
		}
		if (!strlen($s_cookie) || !$updated){
			$s_cookie = md5( uniqid(microtime()) );
			$this->query($s = "DELETE FROM [db]ses
			WHERE sys_id='$hash' OR user_id='$member[id]'");
			$this->query($s = "INSERT INTO [db]ses
			(ses_id, sys_id, user_id, time_sec)
			VALUES
			('$s_cookie', '$hash', '{$member[id]}', UNIX_TIMESTAMP(NOW())
			)
			");
	//        print($s);
			setcookie("fud_session", $s_cookie, 0, '/');
		}
		
		$GLOBALS['_amember_ff_cookies_set'] = 1;
		$_SESSION['_amember_ff_cookies_set'] = 1;
		session_register('_amember_ff_cookies_set');
		$GLOBALS['_amember_ff_cookies_set'] = 1;
		$_SESSION['_amember_ff_cookies_set'] = 1;
	}
	
	function after_logout(){  
		global $db, $plugins;
		
		if ($_SESSION['_amember_logged_from_ff'] ||
			$_SESSION['_amember_ff_cookies_set']){
			// need to do logout in fudforum too
			// Update the DB
			$sid = $_COOKIE['fud_session'];
			$sid = $db->escape($sid);
			$this->query($s = "DELETE FROM [db]ses 
						 WHERE ses_id='$sid'");
		}
	}
	
	function check_logged_in(){
		// check if user already logged-in with fudforum
		// must return array($login, $pass)
		// of logged-in fudforum customer or empty values
		global $db,$config;
		$sid = $db->escape($_COOKIE['fud_session']);
		if ($sid){
			$bb_user_id = $this->query_one("SELECT user_id FROM [db]ses WHERE ses_id='$sid'");
			$bb_user = $this->query_first("SELECT * FROM [db]users WHERE id='$bb_user_id'");
			$q = $db->query("SELECT 
				MD5(am.pass) = '$bb_user[passwd]' OR
				am.pass = '$bb_user[passwd]', am.login, am.pass
				FROM {$db->config[prefix]}members am 
				where am.login = '$bb_user[name]'");
			list($correct, $l, $p) = mysql_fetch_row($q);
			if ($correct){  
				
				$_SESSION['_amember_logged_from_ff']=1;
			} else {
				$l = $p = '';
			}
		}
		return array($l,$p);
	}
	function add_config_items($notebook_page)
	{
		$pn = $this->get_plugin_name();
		parent::add_db_config_items($pn, $notebook_page);
	}
	function init()
	{
		$pn = $this->get_plugin_name();

		parent::init();
		add_product_field("{$pn}_access",
			'FudForum access', 'select', "users ordered this product will<br />
			belong to the following group in FudForum", '',
			array('options' =>  $this->get_groups()
			));
	} 
	
	/**
	 * Checks if table is exists in mysql connection
	 * @return boolean true if exists
	 */
	function check_db_prefix($mysql_connection_id, $db_prefix)
	{
		global $db;
		if($res=mysql_query("SELECT * FROM {$db_prefix}users LIMIT 1", $mysql_connection_id))
		{
			if (preg_match("/SELECT command denied to user[:]? '(.+?)[']?@.+' for table '(.+?)'/i", @mysql_error($mysql_connection_id), $regs))
			{
				$db_name = preg_replace('/\..+$/', '', $db_prefix);
				$error="Error: ". @mysql_error($mysql_connection_id) . ".<br />Please go to webhosting control panel -> MySQL database section <br />and allow access(add user to database) for user [$regs[1]] to database [$db_name].";
			}
			elseif (@mysql_errno($mysql_connection_id))
			{
				$error="DB - [$db_prefix] - incorrect value. Error: " . @mysql_error($mysql_connection_id);
			}
		}
		else
		{
			$error="DB - [$db_prefix] - incorrect value. Error: " . @mysql_error($mysql_connection_id);
		};
		if($error)
		{
			$db->log_error(ucfirst($this->get_plugin_name())." plugin error: ".$error);
			return $error;
		}
		return;
	}
	
	function check_db_settings($config){
		if ($config['db'] && $config['host'] && $config['user'] && $config['pass'])
		{
			if(!($conn_id = @mysql_connect($config['host'],$config['user'],$config['pass'],1)))
			{
				$__pass="NO";
				if($config['pass'])$__pass="YES";
				return "Access denied for user '$config[user][email]'@'[/email]$config[host]' (using password: $__pass)";
			}
			else
			{
				list($__db, $dot, $prefix) = preg_split('|(\.)|', $config['db'], -1, PREG_SPLIT_DELIM_CAPTURE);
				if(!@mysql_select_db($__db,$conn_id))
				{
					return @mysql_error($conn_id);
				};
			};
		} 
		else 
		{
			$conn_id = $GLOBALS['db']->conn;
		}
		return $this->check_db_prefix($conn_id, $config['db']);
	}
	function check_db_settings_for_setup($some,$config){
		return $this->check_db_settings($this->__post_config($config));
	}
	function __post_config($config)
	{
		$p="protect";
		$n = $this->get_plugin_name();
		return array(
		'db' => $config["${p}_${n}_db"],
		'host' => $config["${p}_${n}_host"],
		'user' => $config["${p}_${n}_user"],
		'pass' => $config["${p}_${n}_pass"],
		);
	}
}

global $protect_fudforum;
global $plugin_error;
$protect_fudforum = instantiate_plugin("protect", "fudforum");
if($_POST['save'] && $_POST['notebook']=="fudforum")
	$subconf=$protect_fudforum->__post_config($_POST);
else
	$subconf=$config['protect']['fudforum'];
$plugin_error['fudforum'] = $protect_fudforum->check_db_settings($subconf);
if (!$plugin_error['fudforum'])
	$protect_fudforum->init();
?>

Quick Reply
Formatting Tools:   
  Switch to threaded view of this topic Create a new topic
Previous Topic: maillist debug
Next Topic: Imported user default settings, where to change?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Oct 19 12:34:37 EDT 2017

Total time taken to generate the page: 0.00710 seconds