You are not logged in.
- Topics: Active | Unanswered
#1 Re: General support (1.4) » Can I connect my forums to another forum? » 2011-05-07 17:00:15
- twohawks
You may wish to check out the discussion here:
http://fluxbb.org/forums/viewtopic.php?id=3072
That is a 1.2.x-centric project, btw.
Be forewarned... its a tedious discussion (my bad) and not for the faint of heart, and I never had time (or budget) to bring the project to conclusion.
But I made some good progress... enough to convince me its possible to do in an elegant enough manner.
I wish I had had time to finish that... I think its a very cool and useful project.
#2 Re: Feature requests » Groups on FluxBB » 2011-05-07 16:46:09
- twohawks
I am not yet migrated to 1.4.x because our installations are so heavily modded;
but coming across this post I was wondering... is the multigroup mod developed for 1.2 not viable for massaging into 1.4.x ?
Link here: http://www.punres.org/viewtopic.php?id=150
I have had this deployed for a long time now without a single complaint (no permissions issues, etc).
Cheers ;^)
#3 Re: General discussion » Podcast Service Recommendation... need user access permissions managed » 2011-04-09 19:19:19
- twohawks
Comment addendum,
3) Supposedly content delivery from the client session at your website is handed off directly to 'between the client [end-user] and S3 server', so you are not incurring bandwidth usage on your site during download and/or viewing.
#4 Re: General discussion » Podcast Service Recommendation... need user access permissions managed » 2011-04-09 19:14:28
- twohawks
What's coalescing from my research so far...
One possible method...
- store the content on something akin to an Amazon S3 account
- use something like Cloudfront for replication/caching for quick content delivery
- link to the content on the website either with link OR embed video
- use fluxbb permissions to manage who has access (from within the site, of course)
Comments
1) Supposedly the content on the S3 server will not be freely accessible to the public unless we allow it, i.e., access to it is managable. (I am not concerned about iron-fisted protection [as if that existed], but just not having things hanging out there in the breeze)
2) I read about something called "EasyVideoPlayer 2.0" that provides marketing tools 'dressing' for your uploaded videos... may be worth looking deeper into that.
----------
Sure would be interested in any comments, suggestions, and/or insights from the community folk here.
Cheers,
#5 General discussion » Podcast Service Recommendation... need user access permissions managed » 2011-04-09 02:49:17
- twohawks
- Replies: 2
Hi All,
Its been way too long since my last visit here..., I hope everyone and everything is faiering well and happily ;^)
I am wondering what, if anything, any of you might recommend for, as the subject line indicates, a podcast service that provides for managed user access, like we do with the forum software, kind of thing.
Specifically, we need to facilitate the schools' administrators and teachers to be able to post recorded audio/video materials like seminars, classes, meetings, gatherings, and such, that can be made selectively available to users (students, etc) as well as a public area.
I do not wish to host the materials onsite --is the reason for looking for a podcast service having users permissions features... kind of like "itunes U", but that is only for accredited institutions.
I am having difficulty finding anything. I am new to this.
I am guessing it would be okay to host the backend (closed?) at such a service if we could manage the access from our site(s), i.e., users permissions would control access to the link to the "otherwise non-publicly hosted media".
Anyone doing this sort of thing?
thanks,
TwoHawks
#6 Re: Announcements » Welcome to our new website :) » 2010-05-22 20:20:42
- twohawks
@Reines: lol, okay then ;^)
#7 Re: Announcements » Welcome to our new website :) » 2010-05-21 19:44:47
- twohawks
twohawks wrote:2) On the first page it says this is version 1.3-legacy ...is that correct?
Uh, what, where?
Smarty's post... #20
Maybe I read that out of context?? The link he provides is on this site, no?...
#8 Re: Announcements » Welcome to our new website :) » 2010-05-20 21:09:18
- twohawks
Just passing thru, no real time to look around, but gotta say...
...feels good here, good job.
West Coast US... its fast.
Nice sculpting, Paul.
Congrats to you hard dedicated folk ;^)
2 comments...
1) I agree... a little wider would be better. I think you can safely take it out to default of 940px (I measure about 876 here)
2) On the first page it says this is version 1.3-legacy ...is that correct?
Cheers from Nevada,
#9 Re: General discussion » My fluxbb forum host! » 2010-04-19 06:37:02
- twohawks
No problem. If you don't mind my asking, why did you want to know?
Well, because I run Fluxbb, and there are at least 3 distinct/likely possible deployments that have unique underpinnings to be dealing with when customizing or considering plugins... seems reasonable to want to know.
As far as here at Flux... I think my first comment says it... I hate to have to be guessing what the heck is being used for the presentation I am presented with here, and I see no usefulness in hiding that. As a matter of fact I think it would be helpful for promoting flux to be stamping the site clearly with what is being used.
Its kind of like going to a site where someone is espousing/presenting materials on security, but then there is no "about us" page explaining anything about who they are, or why they are presenting... it only serves to raise suspicions... suspicions that compell people to distrust and go elsewhere. I think it hurts more to hide that than its does to help.
And as far as protecting against hacking... better to address that in other ways. It makes you look weak when you gotta hide your stock.. I mean, is Flux so weak its gotta hide? I just don't subscibe to this thinking.
Thank you for asking ;^)
#10 Re: General discussion » My fluxbb forum host! » 2010-04-10 22:47:44
- twohawks
Cool. Thank you ;^)
#11 Re: General support (1.4) » Number of topics / forums in the footer with sub-forums » 2010-03-31 06:24:56
- twohawks
Cool. Thanks François! ;^)
#12 Re: Feature requests » Stackoverflow » 2010-03-26 23:03:39
- twohawks
I hate tags (I'm too old school). I think they are a great idea for a freeform organizational tool, though. Freeform organization, who'd a thunk it?
Of course, a tags "only" system would not support those instances that require setting up (sculpting) a rigid mapped environment, i.e., a place like a community with buildings, rooms, subject groups. and so on, that do not change (or need to strictly managed by the host), or if they do change, can be managed as solid collectives (hope that makes sense).
That said, as little as I yet relate to a tag system (I resemble Matt's remarks pretty closely), ...seems it is considered wave of the now and future and rising in popularity for many applications; so I think it would be interesting to see what a fluxbb "on tags" offering might look like (form- and function- wise). I bet some would find it very appealing and useful. Of course, if it looked anything like the albeit wonderful resource of stackoverflow, then I would tend to suspect someone spiked the Flux developer's koolaid... as I am sure that a tags system doesn't have to be ugly and confusing. (Hey, not that I got anything against anyone drinking 'special' koolaid.)
Just passing by... best to you all ;^)
#13 Re: General discussion » My fluxbb forum host! » 2010-03-26 22:37:00
- twohawks
Hey Cyclone... looks very interesting. Ah... is it posted anywhere what version of FluxBB you are running?
It would be nice to know, like when you scroll to the bottom of the page where it shows "powered by fluxBB", what version is running. I hate it that they don't do that here (gotta hunt, search, guess -- but why? what usefulness is it to hide the version?).
Also, nice features list. Another thing I find rather lacking here, unfortunately.
#14 Re: General support (1.4) » Number of topics / forums in the footer with sub-forums » 2010-03-26 20:56:27
- twohawks
Bump. I am interested in this issue.
François, have you sorted out a workaround?
How many queries are involved?
#15 Re: Modifications (1.2) » Email Global Plus - Ignore Bans » 2010-01-08 08:33:09
- twohawks
FOLLOW-UP... SOME CODER MUSINGS....
Yeah, it could still use a little more cleaning up, and it may not yet be the most efficient approach for this job, but it seems to be working pretty reliably at least.
Most of you experts here already know I am not one... so if you have any insightful critiques *please* comment.
Two major players for me here were...
1. One of the tools I was extremely relieved to find was the FIND_IN_SET sql function... I kinda fly by the seat of my chair and was searching high and low for something to allow for looking inside a field record that is storing a list of values (or array)-(in this case, the secondary-groups users are members of is stored as a concatonated list)
..and do a comparison against any of the lists' elements *on the fly*...
I.e... I have a group number and I wish to see if it exists in the current field value's list for validating the row being currently considered in the query statement execution...
...-->>
Using IN with IMPLODE on the fieldname does not allow access to the itemized contents of the field-record(s) while operating within the query... this method only lets you test against the first value, not the rest...
...and serialize tricks seems a tad messy and complicated...
**but FIND_IN_SET does allow you test against any value in the current fieldrecord, and its very simple and clean !
I was just about to let go of the notion this could even be done when I spotted this in my last search.
That function saved having to run another nested query for managing the job - which I really didn't desire.
---------------------
2. Second thing that came in handy was using $_POST to pass array values, which eliminated having to run same/similar queries over again (redundantly).
In order to do this there are three simple steps...
- pass the arrays from the original results as print_r string values via $_POST array,
- retrieve each string out of the relevant $_POST array using for-each (takes a single pass),
- convert the print_r string value back to an array
In the code I formulated I did this the long way... it is worth noting that there is a method I did not spend time learning where you can evidently do this for all your array variables you wish to pass off... together in one fell swoop (in both the pass and the retrieval), so this is definitely something worth learning more about (for me anyway ;^).
I have no idea if there are any security issues exposed using that method, but considering its a post method I really think not... if someone has the proper insight on that please speak up.
--------
3. Also, I used a variable for conditionally allowing use/nonuse of the multigroup mod... not anything unfamiliar to folks here, but still worth noting. That saved any headaches of requiring different versions, or needing any customization based on type of deployment ;^)
All righty then. That's about it for now.
Thought it worth dumping those thoughts here if for nothing else than decent reference/reminder when revisiting this project.
Cheers,
#16 Re: Modifications (1.2) » Email Global Plus - Ignore Bans » 2010-01-08 04:12:56
- twohawks
AP_Email_Global_Plus REDO -- INCLUDES OPTIONAL INTEGRATION FOR MULTIGROUPS plus other improvements and tweaks.
Email Global Plus (<<--for the search engine)
=============================================
Thank you for posting that, Reines!
For anyone interested I have just finished reworking this mod for one of our sites.
It has significant changes, including integration for use if you have the MULTIGROUPS MOD installed ;^)
Code is posted below.
Here are the changes (from my notes):
- allow listing of recipient names for preview (not paginated, so if you have thousands of users prepare to wait - or disable this
- make sure users pulled for "everyone" excludes any users not having read permissions or permissions for viewing the user list
- edited to allow use with the MULTIGROUPS mod
- distilled redundant queries down (non-repetitive)
- Sends copy to administrators [tweak]. Also Includes a note in the message as to who sent it ;^)
- exclude banned users [tweaked]
- Works with or without multigroup mod installed
Obviously some of the changes are simply adjustments to what was there, however, you will notice a lot of rewriting of the code.
Here you go...
<?php
/***********************************************************************
Copyright (C) 2005 Terrell Russell (punbb@terrellrussell.com)
Copyright (C) 2006 FoxMaSk (foxmask@punbb.fr)
This file is part of PunBB.
PunBB is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2 of the License,
or (at your option) any later version.
PunBB is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston,
MA 02111-1307 USA
************************************************************************/
/***********************************************************************
18 Mai 2006 - Author FoxMask - AP_Email_Global_Plus v 1.0
Adapted plugin AP_Email_Global.php Terrell Russell
This plugin allows you to send mass mails to a group of users
and adds the group administrator to 'blame' reception of mass mail.
************************************************************************/
/***********************************************************************
TWOHAWKS EDITED Jan 07, 2010 based on AP_Email_Global_Plus_GoodDebugVer02a.php
- allow listing of recipient names for preview (not paginated, so if you have thousands of users prepare to wait - or disable this
- make sure users pulled for "everyone" excludes any users not having read permissions or permissions for viewing the user list
- edited to allow use with the multigroups mod
- distilled redundant queries down (non-repetitive)
- Sends copy to administrators. Also Includes a note in the message as to who sent it ;^)
- Work with or without multigroup mod installed
************************************************************************/
// Make sure no one attempts to run this script "directly"
if (!defined('PUN'))
exit;
// Tell admin_loader.php that this is indeed a plugin and that it is loaded
define('PUN_PLUGIN_LOADED', 1);
// Courtesy php at deboom dot biz from the php manual for print_r
// Converts print_r output back to an array
// This could also be (ab)used to convert a object into a array..
function object2array($printr) {
$newarray = array();
$a[0] = &$newarray;
if (preg_match_all('/^\s+\[(\w+).*\] => (.*)\n/m', $printr, $match)) {
foreach ($match[0] as $key => $value) {
(int)$tabs = substr_count(substr($value, 0, strpos($value, "[")), " ");
if ($match[2][$key] == 'Array' || substr($match[2][$key], -6) == 'Object') {
$a[$tabs+1] = &$a[$tabs][$match[1][$key]];
}
else {
$a[$tabs][$match[1][$key]] = $match[2][$key];
}
}
}
return $newarray;
}
// --------------------------------------------------------------------
// Confirm Page
if (isset($_POST['confirm']))
{
// Make sure message body was entered
if (trim($_POST['message_body']) == '')
message('You haven\'t written your message!');
// Make sure message subject was entered
if (trim($_POST['message_subject']) == '')
message('You haven\'t written a subject!');
// Display the admin navigation menu
generate_admin_menu($plugin);
$preview_message_body = nl2br(pun_htmlspecialchars($_POST['message_body']));
if (! is_numeric($_POST['group_id']) ) message('tsss tsss tsss!!!');
$mgrpsarr = array();
$mgrpscount = 0;
$mgrpscounttl = 0;
//check if multigroup mod is installed
if (false === $db->query("SELECT membergroupids FROM ".$db->prefix."users limit 0"))
{
$umemgrpid = ""; //the column does not exist
} else {
$umemgrpid = ", u.membergroupids"; //the column exists
}
// sent to all groups except guest and unverified users ("Everyone" selected in list)
$sql = "SELECT u.username, u.email".$umemgrpid.", g_title
FROM ".$db->prefix."users AS u
LEFT JOIN ".$db->prefix."bans AS b ON b.username = u.username
LEFT JOIN ".$db->prefix."groups AS g ON g.g_id = u.group_id
WHERE u.group_id <> '3' AND b.id IS NULL
AND g.g_read_board = 1
ORDER BY u.username";
// sent to a particular group
$sql2 = "SELECT u.username, u.email
FROM ".$db->prefix."users AS u
LEFT JOIN ".$db->prefix."bans AS b ON b.username = u.username
WHERE (u.group_id = '".$_POST['group_id']."' or u.group_id = '1') AND b.id IS NULL
ORDER BY u.username";
// main query - always used (selection is everyone or a particular group)
$result = $db->query($sql) or error('Can not find the number of users in the database', __FILE__, __LINE__, $db->error());
//query for if particular group selected
$result2 = $db->query($sql2) or error('Can not find the number of users in the database', __FILE__, __LINE__, $db->error());
// for main query - always used (selection is everyone or a particular group)
while($row = $db->fetch_assoc($result))
{
if ($_POST['group_id'] == '0' )
{
$usernames[] = $row['username'];
$addresses[$row['username']] = $row['email'];
}
//if the selection was aparticular group, check second query
//only gets iterated once, so doesn't really need to be inside this while statement - located here for debug ease
while($row2 = $db->fetch_assoc($result2))
{
if ($_POST['group_id'] !=0 )
{
$usernames[] = $row2['username'];
$addresses[$row2['username']] = $row2['email'];
}
}
$mgrps = split(',', $row['membergroupids']);
foreach($mgrps as $mgrp) {
// DEBUG: for check-counting of all multigroup memberships
if (($mgrp != NULL) && ($_POST['group_id'] !=0))
$mgrpscounttl = $mgrpscounttl+1;
if (($mgrp != NULL) && ($_POST['group_id'] !=0) && ($mgrp == $_POST['group_id']))
{
if (!in_array($mgrp,$mgrpsarr))
{
if((int)$mgrp !=0)
{
//For the current row, iterate the database
$result3 = $db->query('SELECT u.username, u.email, g_id, g_user_title
FROM '.$db->prefix.'users AS u
LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id = '.$mgrp.'
LEFT JOIN '.$db->prefix.'bans AS b ON b.username = u.username
WHERE FIND_IN_SET('.$mgrp.', membergroupids)
AND u.group_id <> 3
AND b.id IS NULL
AND g.g_read_board = 1
') or error('Unable to fetch user list', __FILE__, __LINE__, $db->error());
while($row3 = $db->fetch_assoc($result3))
{
$mgrpsarr[$row['membergroupids']] = $mgrp;
if (!in_array($row3['username'],$usernames))
{
$usernames[] = $row3['username'];
$addresses[$row3['username']] = $row3['email'];
}
$mgrpscount++; //tracking count of viable multigroup members var
}
}
}
} // End Main IF in For Each
} // End ForEach iteration
} //End While
$usercount = count($usernames);
?>
<div id="exampleplugin" class="blockform">
<h2><span>Global Email Plus - Confirmation</span></h2>
<div class="box">
<div class="inbox">
<p>Confirm your message before sending.<br /><br /><b>For any corrections, <a href="javascript: history.go(-1)">Go Back</a></b>.</p>
</div>
</div>
<h2 class="block2"><span>Confirmation of your Message</span></h2>
<div class="box">
<form id="broadcastemail" method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
<div class="inform">
<input type="hidden" name="message_subject" value="<?php echo pun_htmlspecialchars($_POST['message_subject']) ?>" />
<input type="hidden" name="message_body" value="<?php echo pun_htmlspecialchars($_POST['message_body']) ?>" />
<input type="hidden" name="group_id" value="<?php echo $_POST['group_id']; ?>"/>
<input type="hidden" name="usernames[]" value="<?php echo $_POST[print_r($usernames)]; ?>"/>
<input type="hidden" name="addresses[]" value="<?php echo $_POST[print_r($addresses)]; ?>"/>
<input type="hidden" name="usercount[]" value="<?php echo $_POST[print_r($usercount)]; ?>"/>
<fieldset>
<legend>Receipents</legend>
<div class="infldset">
[ <strong><?php echo $usercount ?></strong> ] members will receive this message (Administrators included).
</div>
</fieldset>
</div>
<div class="inform">
<fieldset>
<legend>Content of your message</legend>
<div class="infldset">
<table class="aligntop" cellspacing="0">
<tr>
<th scope="row">Subject</th>
<td>
<?php echo pun_htmlspecialchars($_POST['message_subject']) ?>
</td>
</tr>
<tr>
<th scope="row">Your message</th>
<td>
<?php echo $preview_message_body ?>
</td>
</tr>
</table>
<div class="fsetsubmit"><input type="submit" name="send_message" value="Confirm - Send" tabindex="3" /></div>
<p class="topspace">Press submit only once!!.</p>
</div>
</fieldset>
</div>
<div class="inform"><!-- remove this div is you have too many users to be listing -->
<fieldset>
<legend>List of Recipients Selected</legend>
<div class="infldset">
<table class="aligntop" cellspacing="2">
<tr>
<td>
<?php
$iTD=0;
$iTR=0;
If (!$usernames) { echo "No recipients selected<br />\n";}
If ($usernames)
{
foreach ($usernames as $recipientname)
{
$iTD=$iTD+1;
$iTR=$iTR+1;
echo $recipientname."<br />\n";
//FOLLOWING SETS SHOULD BE MULITPLES OF EACH OTHER
If ($iTD==25) //SET TO MUMBER TO LIST PER COLUMN/CELL
{?>
</td> <?php
$iTD=0; //reset for new column
If ($iTR==125) //SET TO MAX MUMBER OF COLUMN. Inserts following TR if/when needed
{?>
</tr>
<tr> <?php $iTR=0; //reset for new row
} ?>
<td> <?php
}
}
} ?>
</td>
</tr>
</table>
</div>
</fieldset>
</div>
</form>
</div>
</div>
<?php
}
// --------------------------------------------------------------------
// Send the Message
else if (isset($_POST['send_message']))
{
require_once PUN_ROOT.'include/email.php';
@set_time_limit(0);
// Display the admin navigation menu
generate_admin_menu($plugin);
if (! is_numeric($_POST['group_id']) ) message ('tsss tsss tsss!!!');
//Collest Variables from Confirm Page
// get Usernames Array (HTH-may not be needed after debugging)
if (isset($_POST['usernames']))
{
$usernames = $_POST['usernames'];
//break return value out of the post array -- it will be a string (post always delivers a string)
foreach ($usernames as $username)
{
$usernames = $username;
}
//convert the print_r string value back to an array
$usernames = object2array($usernames);
}
// get Addresses Array
if (isset($_POST['addresses']))
{
$addresses = $_POST['addresses'];
//break return value out of the post array -- it will be a string (post always delivers a string)
foreach ($addresses as $address)
{
$addresses = $address;
}
//convert the print_r string value back to an array
$addresses = object2array($addresses);
}
// get UserCount Array
if (isset($_POST['usercount']))
{
$usercount = $_POST['usercount'];
foreach ($usercount as $usercounti)
{
$usercount = $usercounti;
}
}
//create tag for the current logged in user to place into the email message (to tag it with their ident)
$addendsender = "<br />\n<br />\n<br />\n The sender of this message is ".$pun_user['username']."<br />\n";
// Set up the mailer
$mail_subject = pun_htmlspecialchars($_POST['message_subject']);
$mail_message = pun_htmlspecialchars($_POST['message_body']);
$mail_message = substr_replace($mail_message, $addendsender, -1, 0);
foreach ($addresses as $recipientname => $recipientemail)
{
$mail_to = $recipientemail;
pun_mail($mail_to, $mail_subject, $mail_message);
}
?>
<div class="block">
<h2><span>Globla Email Plus - Message Sent</span></h2>
<div class="box">
<div class="inbox">
<p>Your message was sent to [ <strong><?php echo $usercount ?></strong> ] members.</p>
<p>The administrators were included</p>
<p>You will receive a copy of your message soon</p>
</div>
</div>
</div>
<?php
}
// --------------------------------------------------------------------
// Display the Main Page
else
{
// Display the admin navigation menu
generate_admin_menu($plugin);
?>
<div id="exampleplugin" class="blockform">
<h2><span>Globla Email Plus</span></h2>
<div class="box">
<div class="inbox">
<p>This plugin allows the administrator to send a message to all the users of a forum or of a specific group.<br />
A confirmation page will be displayed after you click "Continue to the Confirmation Page"<br />
A copy is sent to all administrators, and the administrator who sent it is noted in the email.</p>
<p>Multigroups: this version works with the multi-group mod.<br />
With the multigroup mod installed it is a simple matter to create a custom group of users to send messages to ;^)
</p>
</div>
</div>
<h2 class="block2"><span>Write a Message</span></h2>
<div class="box">
<form id="broadcastemail" method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
<div class="inform">
<fieldset>
<legend>Content of the message</legend>
<div class="infldset">
<table class="aligntop" cellspacing="0">
<tr>
<th scope="row">Group</th>
<td>
<select name="group_id">
<option value="0" select="selected">Everyone</option>
<?php
// we do not take the guest
$sql_group = "SELECT * FROM ".$db->prefix."groups WHERE g_id <> '3' ORDER BY g_title";
$result_group = $db->query($sql_group) or error('can find a list of user groups',__FILE__, __LINE__, $db->error());
while ($row_group = $db->fetch_assoc($result_group)) {
?>
<option value="<?php echo $row_group['g_id']; ?>"><?php echo $row_group['g_title']; ?></option>
<?php } ?>
</select>
</td>
</tr>
<tr>
<th scope="row">Subject</th>
<td>
<input type="text" name="message_subject" size="50" tabindex="1" />
</td>
</tr>
<tr>
<th scope="row">The message</th>
<td>
<textarea name="message_body" rows="25" cols="72" tabindex="2"></textarea>
</td>
</tr>
</table>
<div class="fsetsubmit"><input type="submit" name="confirm" value="Continue to the Confirmation Page" tabindex="3" /></div>
</div>
</fieldset>
</div>
</form>
</div>
</div>
<?php
}
// --------------------------------------------------------------------
// Note that the script just ends here. The footer will be included by admin_loader.php.Cheers,
TwoHawks
#17 Re: General support (1.2) » Reset All Passwords - best method? » 2010-01-04 00:10:54
- twohawks
What I decided might be easiest and fastest thing to do is to
1) log into the database
2) determine the user ID's I do not wish to change/reset, such as Admin, Guest, and the other Admin... and then
3) issue an sql statement directive for resetting all passwords to blank... (could be anything really, but blank will undoubtably fail the authentication test)
4) when users try to log in they will be prompted with the "forgot password" prompt... and they can simply change them.
SQL USED once logged into database...
UPDATE `databasename`.`prefixUSERS` SET `password` = '' WHERE ((`prefixUSERS`.`id` > 3) AND (`prefixUSERS`.`id` != 7))...adjust numbers accordingly... kind of thing.
#18 Re: General support (1.2) » Reset All Passwords - best method? » 2010-01-03 23:11:13
- twohawks
Thanks Smartys.
Answers:
1. Did the computer in question have the administrator's username/password saved?
Yes
2. Did the computer in question have a copy of the forum's database saved on it?
No
3. Does the administrator have access to the database from their computer (either via an admin plugin or via a tool like phpMyAdmin, where the login details are saved on the computer)?
Yes
4. If 3 is true, has anyone accessed those tools using the compromised account since the theft?
No, but the theft (automibile theft with PC's in it) occurred only hours before I closed the sites.
***5. This administrator controlled her user's passwords herself (don't ask me why - I don't/cannot control her choices), so not only are her admin codes on the PC, all the user's passcodes are there as well.
I guess I will have a look at the login.php and see if its faster to deal with that, or simply go and change them all manually.
Thank you for the reply and assistance ;^)
#19 General support (1.2) » Reset All Passwords - best method? » 2010-01-03 18:49:04
- twohawks
- Replies: 4
Hi folks,
Happy New Year to you all... I hope flux has a great year!
Problem today is an administrator had her computer stolen. I shut down two fluxbb-run sites.
I am mostly through the woods, right now I hve the two BBS's in maintenance mode
...I am wondering what you feel the best procedure is for resetting all the user passwords !
Thanks ;^)
TwoHawks
#20 Re: Modifications (1.2) » [BETA-RELEASE] Anti SPAM bot CAPTCHA v2 » 2009-12-17 21:21:09
- twohawks
Interesting, JAcky.
Would the same problem be true for implementing a php page redirection (-method) with a delay?
Hmmm... and, what about using a flash thingy...
- make it so the visitor must click on it to "make it go",
- then it has to play out before you get to the prompting material (for filling out) -- whether directly or via a 'buried' page redirection.
- it would also thus require the user enables flash, which I abhore in most cases, but maybe there is a benefit with this (for handling bots?)
I am not th expert in these things, so I have no under-the-hood clue how these ideas may weigh in.
#21 Re: Modifications (1.4) » Most wanted modifications? » 2009-12-16 02:15:48
- twohawks
@lie, Thanks for commenting.... Yeah, but I didn't perfect or sort it out to the point where it is sharable, and in the middle of the project i had to put it down. Wouldn't want anyone thinking I wouldn't come back and share it. There's so many thing as yet unfinished, eh? lol.
#22 Re: Modifications (1.2) » [BETA-RELEASE] Anti SPAM bot CAPTCHA v2 » 2009-12-16 00:47:43
- twohawks
Question: what's your opinon on potential effectiveness of using time delay in combination with some of these methods?
I.e., say you set up a delay for the captcha/question/etc before it will appear to the user.
And maybe once you pass one, you wait on the next page until the next one prompts you... kind of thing.
You explain to the human being to wait, and why, etc.
It occurred to me because after, say, defeating a bot, the site potentially gets forwarded off to a human being. It seems they get paid per item, and isn't there a time figured in to how it is worth their while? I.e..... if it takes longer than, say, X.Xmins ..wouldn't they dump it and move on?
I could imagine that, as an honest registering person, I would be fairly unconcerned with having to wait a bit as I jump thru some hoops.
#23 Re: Modifications (1.4) » Most wanted modifications? » 2009-12-16 00:09:48
- twohawks
Hi sagar.
- Collapsible Categories
- Assign Users to Multiple Groups with unique permissions
* - Cross-BBS Shared Users (user can join a second bbs setup at/by the same host using same ident, and it can be managed [by admins] in one place... I run a kludge for something like that now)
* - Sharing Forums and/or Topics across BBS's (I am running a kludge for this too)
- Sub-Forums
- Gallery
- Calendar
...a totally customizable platform... oh wait, we already have that ;^)
BTW, I am still running FluxBB 1.2.x. I use other mods as well, but those are critical for us.
My interests in mods are (have been) for facilitating the needs of deployments for 'school/teaching' environments, which have specific needs. FluxBB has been fantastic for us to be able to accomplish complex configuration for running 2 schools under the umbrella of one organization with two "schools/communities" ,
where one school is for educating and certifying potential teachers in the 'core' community,
and the other school is for a broader body of students from the public sector and/or in pre-core membership development,
and the two BBS's are setup for special managed interaction for teachers and students and varying levels of community involvement.
::wow::
..and I am so glad I did not try doing this with one of the other canned BBS packages out there.
#24 Re: General support (1.2) » Updated to PHP 5.3.0 and I get Deprecated Problems » 2009-07-21 23:18:53
- twohawks
Does this help..?
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
Wrap this in a test for PHP version 5.3 because E_DEPRECATED only became available as of 5.3.
"Deprecation notices are now handle via E_DEPRECATED (part of E_ALL) instead of the E_STRICT error level"
http://www.php.net/archive/2009.php
#25 Re: Modifications (1.2) » Create / Share a Topic in More Than One prefixed-Forum » 2009-07-21 22:39:42
- twohawks
You're gonna have quite big queries...
You must mean because we are now querying all the forums on the other BBS, yes?
I don't think so. If I am not mistaken... isn't it true that the only times any forum is queried is "where this user has permissions" to access it in some way?
If true, then it should be no different than, say, adding another native forum.
(refer to section 7 under idea #3)
In the case of when the admin is setting permissions ...this is easily addressed by simply including a list of other BBS' for the admin to select from if he/she so chooses to go there (as opposed to polling them all whenever entering the permissions section).
Also, this still does not solve the problem with, say, user IDs.
Let's assume there are two users with the same ID, but from different boards (pre1 and pre2). Both have permission to post in pre1_forum with ID 1. And they do. How would you know which user you are referring to?
Ah... I am tagging the ID's so they are always unique. And its configured so that any BBS only deals with its native users.
Under "Proposed Requirements" initial list you will note...
"1 function for always pointing users_table calls/references to the native users table"
Take a careful look again at #6 thru #8.
In 8a + 8b I discuss how this should work.
..."parse only group_ids properly encoded to 'thisBBS'".... means as far as any BBS is concerned it is only dealing with its own users, whether in the domestic table or even in cases where they are added into a foreign permissions table (see #6).
I don't (yet) see a flaw in the logic, or maybe it is not explained clearly enough there ...or I am missing something? If you are spotting something there can you be more specific (so I can study it)?
Good to hear from you. Thanks for checking in.