| Author |
 Topic  |
|
yves
Starting Member
32 Posts |
 Posted - 18 December 2002 : 09:41:45
|
I would like my members to be unable to edit previous posts, yet admin should still be able to. As the only checks are on forum.asp and topic.asp, what should I change here?
Thanx!
|
|
|
Roland
Advanced Member
Netherlands
9335 Posts |
Posted - 18 December 2002 : 11:31:33
|
You'll have to make changes to forum.asp, topic.asp, post.asp and post_info.asp. The first two files will need to have a if mLev = 4 then statement with the edit icons. post.asp and post_info.asp will need to get several code changes to see if the person trying to make the edit has the correct mLev.
It's quite some work, but doable if you have a couple spare hours and know what you're doing. |
 |
|
|
yves
Starting Member
32 Posts |
Posted - 18 December 2002 : 11:51:28
|
Wouldn't it be easier to just change the condition for showing that icon? It already is depending on whether the poster matches the logged-in member, I just need to know where that condition is exactly so I can delete that and this check isn't performed, resulting in the Edit icon being unavailable at all times. Except for mLev=4 of course.
|
|
|
|
davemaxwell
Access 2000 Support Moderator
USA
3020 Posts |
Posted - 18 December 2002 : 12:16:52
|
| Yes, you CAN change the condition from showing the icon, but it doesn't stop someone from typing post.asp into the URL with the correct querystring parameters and still being able to edit the posts. Making the needed changes in post.asp and post_info.asp are the only way to actually prevent someone from editing their posts. |
Dave Maxwell
Barbershop Harmony Freak |
|
|
|
David K
Junior Member
494 Posts |
Posted - 18 December 2002 : 14:31:14
|
| do you want to prevent them from deleting thier posts as well? if so, I know an easier way! |
Edited by - David K on 18 December 2002 14:36:01 |
|
|
|
David K
Junior Member
494 Posts |
Posted - 18 December 2002 : 14:41:15
|
| and FrutZle, when mLev is 4, it means an admin, not an author, so if he\she modifies this part, it would cause a great deal of damage! |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 18 December 2002 : 14:57:32
|
quote:
Originally posted by David K
and FrutZle, when mLev is 4, it means an admin, not an author, so if he\she modifies this part, it would cause a great deal of damage!
Roland's suggestion corresponds exactly to the request the user made, since he wanted an admin to be able to edit previous posts. I do not understand what damage would his suggestion cause. Maybe you're the one who is not seeing the situation correctly... |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
Roland
Advanced Member
Netherlands
9335 Posts |
Posted - 18 December 2002 : 15:03:18
|
Rui is right. Yves wants to disable editing of posts for everyone except admins. Setting an if statement like if mLev = 4 then around the edit icons (and their links) would only show it to admins. That's part of the solution.
Even if you set it to not show it to admins but to everyone else, and then edit post.asp and post_info.asp so only admins can actually do the editing it wouldn't pose any security risks, only frustration because people would get an error message when they do try to edit a post  |
|
|
|
David K
Junior Member
494 Posts |
Posted - 18 December 2002 : 15:20:23
|
| so I misunderstood you, he can simply change the if (AdminAllowed = 1 or TMember_ID = MemberID) then statement to if AdminAllowed = 1 then, but it won't prevent people from editing it! |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 18 December 2002 : 15:59:34
|
| I posted a solution to what yves is asking for another member some time back. Searching the forums may help find it. |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 18 December 2002 : 16:29:38
|
quote:
Originally posted by David K
so I misunderstood you, he can simply change the if (AdminAllowed = 1 or TMember_ID = MemberID) then statement to if AdminAllowed = 1 then, but it won't prevent people from editing it!
Roland also said that wouldn't be enough. If you go back to his post, he says changes to forum.asp, topic.asp, post.asp and post_info.asp would be needed as well (and I add active.asp to the list).
I'm getting tired of rebutting your posting all over these forums, with incorrect info being posted several times, and the need for us to correct that as well. Now you go even as far as contradicting someone who obviously knows the forum code so much better than you do!
Do Snitz users a favor: post only about what you know for sure. If you are not completely sure about something, take the time to make sure and learn a bit about Snitz, while you're at it! |
Snitz 3.4 Readme | Like the support? Support Snitz too |
Edited by - ruirib on 18 December 2002 16:30:39 |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 18 December 2002 : 17:01:49
|
Only authors or Admins/Moderators are allowed to edit the posts. The edit icons are shown only to authors or Admins/Moderators and also only they will be able to edit the posts. Disabling the Author Level (mLev = 1) should prevent authors from editing the posts but still allow admins to edit the posts. So I think (<Edited:it will though not hide the edit icons) the following changes will achieve the objective of not allowing the Members to edit their posts.
(Not tested) .
Tested and it worked for me as explained.
File: inc_functions_common.asp
Line 901
Find the following statetment
chkUser = 1 '## Author
Modify the above statement as below
chkUser = 2 '## Author |
CSS and HTML4.01 Compilant Snitz Forum . ForumSquare . Rakesh Jain
It is difficult to IMPROVE on Perfection, There is no harm in Keep Trying.
Prayer Of Forgiveness "I forgive all living beings. May all living beings forgive me!
I cherish the friendliness towards all and harbour enmity towards none." -- Aavashyaka Sutra(Translated) |
Edited by - GauravBhabu on 18 December 2002 17:16:58 |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 18 December 2002 : 17:15:26
|
Gaurav, I'm not sure that mlev=1 is used all over the code to check for a user being the post author. If it would, your proposal would do it.
In fact, a quick search for mlev in post.asp and post_info.asp seems to show that mlev=1 is not used to determine whether a user is an author or not... I guess I even remember discussing this with you before, no? |
Snitz 3.4 Readme | Like the support? Support Snitz too |
Edited by - ruirib on 18 December 2002 17:21:52 |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 18 December 2002 : 17:19:15
|
| I know, we discussed this (for icons showing/not showing), I tested what I suggested and it prevents editing, though edit icons are still shown (that is what we discussed earlier) |
|
|
|
GauravBhabu
Advanced Member
4288 Posts |
Posted - 18 December 2002 : 17:22:33
|
quote:
Originally posted by ruirib
Gaurav, I'm not sure that mlev=1 is used all over the code to check for a user being the post author. If it would, your proposal would do it. In fact, a quick search for mlev in post.asp and post_info.asp seems to show that mlev=1 is not used to determine whether a user is an author or not... I guess I even remember discussing this with you before, no?
File post_info.asp
Line 327
member = cLng(ChkUser(strDBNTUserName, strPassword, strReplyAuthor))
Line 428
member = cLng(ChkUser(strDBNTUserName, strPassword, strTopicAuthor)) |
Edited by - GauravBhabu on 18 December 2002 17:23:32 |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 18 December 2002 : 17:24:10
|
| Ok, if it prevents editing then I guess it solves the most important part of the problem. However, have you tried to directly access post.asp, by directly executing it with the proper values in the query string? |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
Topic |
|
Topic Locked
