Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 MOD-Group
 MOD Add-On Forum (W/Code)
 Moderator Options Mod		  New Topic  Topic Locked
 Printer Friendly
Next Page
Author Previous Topic Topic Next Topic
Page: of 2

rick7165
Senior Member

USA
1094 Posts
Posted - 02 April 2001 :  03:40:47  Show Profile  Visit rick7165's Homepage
Title: Moderator Options Mod

Thanks goes to big9erfan for helping me Tweak this.

Details: This allows you to setup Options for Moderators on your
forums. When the Moderators login they will see "Moderator Options".


Installation: Just unzip the files into your forums directory
you can edit the moderator_home.asp file just like you edit the
admin_home.asp file. Just add or subtract the features you want your
Moderators to control. I've included mine which have no server options
for the Moderators to control.

Files:A File has been attached. Download it by clicking on the Paper Clip icon:

You need to change these lines in your inc_top.asp file:

Do a search for this bit of code:

if (mlev = 4) or (lcase(strNoCookies) = "1") then %>
<tr>
<td align="center">
<font face="<% =strDefaultFontFace %>" size="<% =strFooterFontSize %>">
<a href="admin_home.asp">Admin Options</a><br>
</font>


And Replace it with this bit of code:

if (mlev = 4) or (lcase(strNoCookies) = "1") then %>
<tr>
<td align="center">
<font face="<% =strDefaultFontFace %>" size="<% =strFooterFontSize %>">
<a href="admin_home.asp">Admin Options</a>
</font>
</td>
</tr>
<%
elseif (mlev = 3) or (lcase(strNoCookies) = "1") then %>
<tr>
<td align="center">
<font face="<% =strDefaultFontFace %>" size="<% =strFooterFontSize %>">
<a href="moderator_home.asp">Moderator Options</a>
</font>


Update:
1. Fixed Cookie Issue
2. Fixed M_LEVEL changed from M_LEVEL =3 To M_LEVEL = 2

Test Site
www.eastpasco.com
Running on HuwR's SR4 release. Colors and Graphic scheme done by Richard Kinser.




Edited by - rick7165 on 02 April 2001 03:55:54

Edited by - rick7165 on 02 April 2001 13:22:41

MisterVB
Junior Member

274 Posts
Posted - 02 April 2001 :  06:16:16  Show Profile  Visit MisterVB's Homepage
doesn't work...everytime i try to login to the moderators page it tells me There has been a problem!

You are not allowed access.

If you think you have reached this message in error, please try again.

I've tried on multiple moderator names and none seem to allow me to login to the moderator home.

this is where the error is:
strSql = "SELECT MEMBER_ID "
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
strSql = strSql & " WHERE M_NAME = '" & Name & "' AND "
strSql = strSql & " M_PASSWORD = '" & Password & "' AND "
strSql = strSql & " M_LEVEL = 3"

change the 3 to 2... 3 is for admins 2 is moderators.

Edited by - MisterVB on 02 April 2001 06:26:16
Go to Top of Page

MisterVB
Junior Member

274 Posts
Posted - 02 April 2001 :  06:27:42  Show Profile  Visit MisterVB's Homepage
also do you have a link to where i can download the login logout notes?
Go to Top of Page

babygate
Starting Member

32 Posts
Posted - 02 April 2001 :  06:58:10  Show Profile  Visit babygate's Homepage
Also there will be a major security problem with the moderator_login.asp page..

Since you are assigning the same session cookies as an administrator (Session(strCookieURL & "Approval") = "15916941253), any moderator can access the admin_home.asp page after he/she logged on. You may want to use a different method to check the mLev to avoid that.

BabyGate
http://forum.g4systems.net/babygate/
Go to Top of Page

RedLeader
New Member

USA
85 Posts
Posted - 02 April 2001 :  09:51:00  Show Profile  Visit RedLeader's Homepage
I posted a topic in the Mods W/O code looking for a Mod that would create a Super Admin so I could permit regular admins to add catagories and forums, but not change certain server configs like fileuploading etc.

Would this Mod permit similiar functionality or should I try to take it a step further?

RL
Go to Top of Page

Davio
Development Team Member

Jamaica
12217 Posts
Posted - 02 April 2001 :  11:21:48  Show Profile
quote:
Since you are assigning the same session cookies as an administrator (Session(strCookieURL & "Approval") = "15916941253), any moderator can access the admin_home.asp page after he/she logged on. You may want to use a different method to check the mLev to avoid that.
Just use another number for that. Any other number would be ok.
Go to Top of Page

MisterVB
Junior Member

274 Posts
Posted - 02 April 2001 :  12:14:13  Show Profile  Visit MisterVB's Homepage
use another number for the lev or the cookie? i tried changing the cookie number but won't allow any options to be edited keeps giving the admin login page.
Go to Top of Page

rick7165
Senior Member

USA
1094 Posts
Posted - 02 April 2001 :  12:53:01  Show Profile  Visit rick7165's Homepage
I was up all night and zipped up the wrong file :(

change this line: strSql = strSql & " M_LEVEL = 2"

I've updated the Zip file


quote:

doesn't work...everytime i try to login to the moderators page it tells me There has been a problem!

You are not allowed access.

If you think you have reached this message in error, please try again.

I've tried on multiple moderator names and none seem to allow me to login to the moderator home.

this is where the error is:
strSql = "SELECT MEMBER_ID "
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
strSql = strSql & " WHERE M_NAME = '" & Name & "' AND "
strSql = strSql & " M_PASSWORD = '" & Password & "' AND "
strSql = strSql & " M_LEVEL = 3"

change the 3 to 2... 3 is for admins 2 is moderators.

Edited by - MisterVB on 02 April 2001 06:26:16


Test Site
www.eastpasco.com
Running on HuwR's SR4 release. Colors and Graphic scheme done by Richard Kinser.
Go to Top of Page

rick7165
Senior Member

USA
1094 Posts
Posted - 02 April 2001 :  13:05:27  Show Profile  Visit rick7165's Homepage
I've zipped up all my mods and you can download them from my Test Site
the zip file is about 3.5 meg.



quote:

also do you have a link to where i can download the login logout notes?




Test Site
www.eastpasco.com
Running on HuwR's SR4 release. Colors and Graphic scheme done by Richard Kinser.
Go to Top of Page

babygate
Starting Member

32 Posts
Posted - 02 April 2001 :  13:14:35  Show Profile  Visit babygate's Homepage
quote:

use another number for the lev or the cookie? i tried changing the cookie number but won't allow any options to be edited keeps giving the admin login page.

Because all options for moderator in moderator_home.asp need administrator cookies access. That's why it keep asking you to login. So changing the cookies number won't help.


BabyGate
http://forum.g4systems.net/babygate/
Go to Top of Page

MisterVB
Junior Member

274 Posts
Posted - 02 April 2001 :  13:29:37  Show Profile  Visit MisterVB's Homepage
the problem is that if you type... admin_home.asp after you login to the moderator_home.asp it allows you to edit everything the admin can.
Go to Top of Page

rick7165
Senior Member

USA
1094 Posts
Posted - 02 April 2001 :  13:58:15  Show Profile  Visit rick7165's Homepage
Well I see another problem.. and Have no clue how to fix this.. If anyone can help let me know

You can't access the mods because of the cookie settings.
if they are set to this:
<% If Session(strCookieURL & "Approval") = "15916941253" Then %>

everything works, but if that person knows to type in admin_home.asp
they can access all the admin features.

and the Admin_????.asp files also use:
<% If Session(strCookieURL & "Approval") = "15916941253" Then %>

I really need this mod so I'm leaving mine set to this... The people
I have setup as Moderators have no clue of the files on the server.
so they will never find or know about admin_home.asp.

But I would like if someone could help me fix this issue. I'm new to
this and figured I'd mess up my first one


Test Site
www.eastpasco.com
Running on HuwR's SR4 release. Colors and Graphic scheme done by Richard Kinser.



Edited by - rick7165 on 02 April 2001 14:05:21
Go to Top of Page

big9erfan
Average Member

540 Posts
Posted - 02 April 2001 :  14:52:45  Show Profile
RedLeader

This will give you similar functionality to what you were looking for in a the Super Admin level. You can modify the moderator_home.asp to give them ( the moderators ) whatever access to the site that you trust them with ;)

Rick,

Sorry I didn't notice the security hole last night. It was **** late for me and I was trying to do 3 things at once. Very difficult when you're running on 2 hrs sleep.

P.S. You're welcome for the help, but you had it just a few typos b/c it was so late.

http://www.ugfl.net/forums
Go to Top of Page

rick7165
Senior Member

USA
1094 Posts
Posted - 02 April 2001 :  15:11:57  Show Profile  Visit rick7165's Homepage
I've found a work around for this mod, but I don't think many people will do it.

I've copied the files like admin_config_notes.asp to moderator_config_notes.asp

then had to change everything within the new file from admin to moderator.

Right now if you use this mod like it is... you will notice it will refresh to the
admin_home.asp file... that's why I made copies and renamed the files. Also gave a
new cookie number for moderators.

You will notice at the bottom of the admin files you see this:

<% else %>
<% Response.Redirect "admin_login.asp" %>
<% end if %>

that's the reason I created moderator files.

This works for me because I really need the moderators to control some stuff, but not
the admin stuff.
I feel this would be a awesome mod if the security issue could be worked out





Test Site
www.eastpasco.com
Running on HuwR's SR4 release. Colors and Graphic scheme done by Richard Kinser.

Edited by - rick7165 on 02 April 2001 15:15:30
Go to Top of Page

Davio
Development Team Member

Jamaica
12217 Posts
Posted - 02 April 2001 :  18:14:42  Show Profile
No, I meant changing this:
Session(strCookieURL & "Approval") = "15916941253"
To another number. So you can have something like this:
Session(strCookieURL & "Approval") = "21986524738"
Then at the top of the moderator pages, just check to see if that Session is set. If it isn't, re-direct them to the moderator login. If they type in the admin_home.asp name in the url, they would have to provide the admin password and username for that too.
Go to Top of Page

rick7165
Senior Member

USA
1094 Posts
Posted - 02 April 2001 :  18:34:18  Show Profile  Visit rick7165's Homepage
That works, but if I give the moderator permissions to say... admin_config_notes.asp the cookie value is set
to the Admin within that file. If I change this to the one I've given the Moderator... the admin can't access the file

So I had to create files called like moderator_config_notes.asp and put the moderator cookie ID in there and remove
the Admin ID.

Not sure if I'm making any sense... I'm confussed in code..

Rick


quote:

No, I meant changing this:
Session(strCookieURL & "Approval") = "15916941253"
To another number. So you can have something like this:
Session(strCookieURL & "Approval") = "21986524738"
Then at the top of the moderator pages, just check to see if that Session is set. If it isn't, re-direct them to the moderator login. If they type in the admin_home.asp name in the url, they would have to provide the admin password and username for that too.




Test Site
www.eastpasco.com
Running on HuwR's SR4 release. Colors and Graphic scheme done by Richard Kinser.
Go to Top of Page
Page: of 2 Previous Topic Topic Next Topic  
Next Page
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.2 seconds. Powered By: Snitz Forums 2000 Version 3.4.07