Recent Topics

1.6 allows random surfers to email commenters???

Thread started by , Sat Dec 17, 2005 07:58 – Last touched: Sat Dec 17, 2005 07:58
Started by , 12/17/05

Dec 17, 2005 07:58    

Sorry, but that bugs me to no end. The code works fine and all that, but it's unsufferable. I will be hacking that out immediately!

Comment from:

For anyone else who thinks this violates the idea that the email will never be shared (which to me it implies the ability to email will not exist) here's how you hack it out. In your skins/_feedback.php file find this:

Code

$Comment->author();
            $Comment->msgform_link( $Blog->get('msgformurl') );
            $Comment->author_url( '', ' · ', '' );

Now replace it with this:

Code

$Comment->author();
            if( is_logged_in() ) {
              $Comment->msgform_link( $Blog->get('msgformurl') );
              }
            $Comment->author_url( '', ' · ', '' );

It is possible your skin has the guts of skins/_feedback.php inside the skins/skinname/_feedback.php file. If so you'll have to hack the _feedback.php file that has that particular bit in it. In this case it came from the 'custom' skin since I haven't tweaked my skins to live in the phoenix world.

12/17/05 @ 08:06

Comment from:

Here I go replying to my own thread AGAIN, but it seems to me the whole idea of an email link on posts and comments is an invitation to spammers. Isn't it reasonable for a spammer to decide to send spam by automatically hitting the message form email thing? I could be VERY wrong, but it seems to me that's a big giant hole, especially when you consider a comment that includes "pantyhose" won't get through the antispam filter.

Okay I'll stop now. I like this blog app and will continue to use it, but gee whiz: allowing visitorB to harass visitorA via email through my web is just horrible. It's even worse if the whole idea of an email form opens a brand new venue for spammers to harass bloggers.

12/17/05 @ 08:19

Comment from:

I agree that the emails should be avaliable to everyone.
But mayb include a user option called 'Only show my email to registered users' and then skins go:

Code

//in author
function Email(){
if($this->ShowEveryoneMyEmail)
  return $this->Email;
else
  if($GLOBALS['USER']->IsLoggedIn())
   return $this->Email;
}
 
//in skin
$Email = $Author->Email();
if($Email != '')
echo 'Users\'s Email is: '.$Email;

Well thats how i would do it.

Also you would need to implement this into the Who's Online panel ;)[/code]

12/17/05 @ 10:38

Comment from:

I'm liking the "$this->ShowEveryoneMyEmail" idea, and thanks for pointing out the problem also exists in the who's online block. I was thinking I would build a bobobox for myself, but a blogger checkbox seems like a good default situation.

It occurs to me that my simple solution above wouldn't be enough to protect commenters if it was a default feature because spammers would then know to register and login and start sending spam-mail to all commenters. Therefore my little hack should be something like "if is_logged_in and is_member_of_blog then do message_form".

As soon as there is an official release of the phoenix generation I'm afraid the spammers will be all over these new features.

12/17/05 @ 19:39

Comment from:

Well like you said in a previous post, sif spammers would be bothered to go after the small things, only the defaults or popular ;)

OMG, thanks for pointing out that is_member thing, found a flaw in login to comment thing.
It's meant to be so the user must be a member to post a comment but i was just doing is_logged_in ;)

12/17/05 @ 20:06

Comment from:

Where is the code for this for the Who's Online instance, and what would the new code be?

Also here

Code

$Item->msgform_link( $Blog->get('msgformurl') );

is the code for the post instance in the "custom" skin.

What would the proper code for it be?

They need a "hacker wish he was" emoticon.

12/19/05 @ 00:18

Comment from:

Hmmm who ever decides to add this feature (or fix this bug), is going to have alot of work on their hands ;)

Mrdav, do you want the code to remove the email link from whos online now?
Or was that a suggestion?

PS. (I like your :hackerwannabe: recomendation ;) )

12/19/05 @ 00:23

Comment from:

For the who's online change the call from:

Code

$Sessions->display_onliners();

To:

Code

if( is_logged_in() ) {
$Sessions->display_onliners();
}else{
$Sessions->display_online_users('<ul class="onlineUsers">', '</ul>', '<li class="onlineUser">$user_preferredname$</li>' );
$Sessions->display_online_guests();
}

Should work

For the post instance change:

Code

$Item->msgform_link( $Blog->get('msgformurl') );

To:

Code

if( is_logged_in() ) {
$Item->msgform_link( $Blog->get('msgformurl') );
}

Edit:
Also for your blog shouldnt the sidebar/sideitems/panels/panelcolumn (whatever you call em) have a white bg just like the posts......
Would look better i think...

Another Edit:
If you viewed this post before it's original post time +5minutes the code was wrong.

12/19/05 @ 00:44

Comment from:

Thanks, works great.

Well, it took me quite awhile to get it this good, and you know how it is trying to get major appearance changes by the committee.

;)

Now, maybe if I could get my grubby fingers on a...oh...let's say 'lightality' skin, you probably wouldn't recognize it after a week, and would probably ask for it back.

:lol:

12/19/05 @ 01:00

Comment from:

Well yes we do need to make this an option... It's in the todo list...

12/28/05 @ 15:22

Comment from:

sorry guys to bring this old file back, but it seem the v1.8.2 has diferent file structure. I looked everywhere for a few hours, but I can't get it worked out. I have the 'plain' skin.

This is what I really like about these functions above:

1)- the choice to put the little envelop either in the 'who's there' or below the post, or both, or none.

2)- Only approved and active member users can see it.

I know there is a function on Serenity, but with it its all or nothing :'(

What a hack it would be !! (If only would know how....)

thank you

10/28/06 @ 19:55

Comment from:

Open up /blogs/inc/MODEL/users/_user.class.php

add the following to line 900;

Code

if( !is_logged_in() )
    {  // The user is not logged in
      return false;
    }

so you should end up with something that looks like

Code

function get_msgform_link( $form_url = NULL, $before = ' ', $after = ' ', $text = '#', $title = '#', $class = '' )
  {
    if( !is_logged_in() )
    {  // The user is not logged in
      return false;
    }
    if( empty($this->email) )
    { // We have no email for this User :(
      return false;
    }

Edit: fixed a typo in the 2nd code sample above

Also, for the 'where to display the email button (the envelop)' thats a skin thing, so would be a bit different for each skin, so head over the the Docs/Manual on this site and check out the modding up your skins stuff, should be some stuff there to help you out.

10/28/06 @ 20:07

Comment from:

Thank you Guru balupton :D

'ts working quite nicely.

Howerver........(s'gonna be one innit)
....it's the opposite I wanted to do:

Allow users to see the post mail only when they are logged in (whenever that is), and show my mail envelop (on 'who'se there) - to anyone - whenever I'm there (of course :roll: )

right now, with the code above, the mail below post (the post instance) can be seen at all time.

It's a way forward though

Thank you ! (+for the clue on skin impl.)[/url]

10/28/06 @ 21:06

Comment from:

Ok just to clarify, you only want to see the mail button, when the current user is logged in, OR when it's your mail button they want to see.

10/28/06 @ 21:21

Comment from:

here's alink to my blog if you want to have a look:

[url=http://www.biblebureau.com/biblemistranslations] HERE [/url]

On reflection, it doesn't actually look much different than before?

and that's how my file looks like:

* Template helper function: Get a link to a message form for this user.
*
* @param string url of the message form
* @param string to display before link
* @param string to display after link
* @param string link text
* @param string link title
* @param string class name
*/
function get_msgform_link( $form_url = NULL, $before = ' ', $after = ' ', $text = '#', $title = '#', $class = '' )
{
if( !is_logged_in() )
{ // The user is not logged in
return false;
}
if( empty($this->email) )
{ // We have no email for this User :(
return false;
}
if( empty($this->allow_msgform) )
{
return false;
}

if( is_null($form_url) )
{
global $Blog;
$form_url = isset($Blog) ? $Blog->get('msgformurl') : '';
}

10/28/06 @ 21:48

Comment from:

We're talking 1.8.2 now right?

I think the previous poster wants others to see the author's envelope when the viewer is logged in. That way only logged in people will be able to contact an author. In addition, the who's online block should show who's online to all visitors assuming the registered blogger is online and has elected to show that stuff in their profile.

Unless we're not talking 1.8.2!

10/28/06 @ 21:49

Comment from:

Ok so going with you only want to display the contact buttons if [the user is logged in or if its your contact button] then it would be;

Code

if( !is_logged_in && ( $this->id != 1 || !isset($GLOBALS['Sessions']->_registered_Users[1]) ) )
    {  // The current user is not logged in
      // AND
      // ( We are not getting the admins email button
      //    OR the admin is not online )
      // THEN kill the function
      return false;
    }

edit: just read the post below, updating now

edit 2: try that

10/28/06 @ 21:52

Comment from:

EdB is right.

only registered can email me anytime, but visitors only when I'm online

(edit: when I'm online, that is still only through the 'who's online' function, unless logged in of course)

to make it simple:
- I'm there. all can see my email through the 'who's there function + those logged in also through posts
- I'm not there: only those logged in still see my email by the post

10/28/06 @ 21:53

Comment from:

replace, so you end up with;

Code

function get_msgform_link( $form_url = NULL, $before = ' ', $after = ' ', $text = '#', $title = '#', $class = '' )
   {
if( !is_logged_in && ( $this->id != 1 || !isset($GLOBALS['Sessions']->_registered_Users[1]) ) )
      {   // The current user is not logged in
         // AND
         // ( We are not getting the admins email button
         //    OR the admin is not online )
         // THEN kill the function
         return false;
      }
      if( empty($this->email) )
      { // We have no email for this User :(
         return false;
      }
10/28/06 @ 22:05

Comment from:

that what I've got done:

* @param string class name
*/
function get_msgform_link( $form_url = NULL, $before = ' ', $after = ' ', $text = '#', $title = '#', $class = '' )
{if( !is_logged_in && ( $this->id != 1 || !isset($GLOBALS['Sessions']->_registered_Users[1]) ) )
{ // The current user is not logged in
// AND
// ( We are not getting the admins email button
// OR the admin is not online )
// THEN kill the function
return false;
}
if( empty($this->email) )
{ // We have no email for this User :(
return false;
}
if( empty($this->allow_msgform) )
{
return false;
}

if( is_null($form_url) )
{
global $Blog;
$form_url = isset($Blog) ? $Blog->get('msgformurl') : '';

10/28/06 @ 22:15

Comment from:

Change the if to;

Code

if( !is_logged_in && !isset($GLOBALS['Sessions']->_registered_Users[$this->id]) )
{ return false; }

That will do exactly what you wanted... If they are not logged in, and the user who's message button we want to show is not online then don't display the message button.

10/29/06 @ 08:44

Comment from:

Do done, but no joy !

I tried this

Code

function get_msgform_link( $form_url = NULL, $before = ' ', $after = ' ', $text = '#', $title = '#', $class = '' )
{
if( !is_logged_in && !isset($GLOBALS['Sessions']->_registered_Users[$this->id]) )
{ return false; }
    if( empty($this->email) )
    { // We have no email for this User :(

AND

also this

Code

function get_msgform_link( $form_url = NULL, $before = ' ', $after = ' ', $text = '#', $title = '#', $class = '' )
{
if( !is_logged_in && !isset($GLOBALS['Sessions']->_registered_Users[$this->id]) )
      {   // The current user is not logged in
         // AND
         // ( We are not getting the admins email button
         //    OR the admin is not online )
         // THEN kill the function
         return false;
      }
    if( empty($this->email) )
    { // We have no email for this User :(

but no visible result.

maybe, instead of trying to get rid of the post email button itself, it can just be disabled as if there was no email, like the code that follows.

like: if not logged in: email empty

thank you

10/30/06 @ 04:22

Comment from:

:lol: HHHHHHHHHHeehhhhhhhhhha !!!!! :lol:

Solved !

either I missed that bit somewhere, or you/I forgot to mention, but I also needed to add this code on _main.php:

Code

if( is_logged_in() ) {
$Item->msgform_link( $Blog->get('msgformurl') );
}

as you suggested earlier to mrdav.

It now works like a baby.

=> Thank you for your hard work

10/30/06 @ 11:03
multiblog engine – This forum is powered by b2evolution CMS, a complete engine for your website.