Recent Topics

TY and my private blog hack

Started by on Jun 06, 2007 – Contents updated: Jun 06, 2007

Jun 06, 2007 15:25    

First, let me say thanks to the many brilliant people on here that either helped me resolve a few issues or provided some oh-so-cool plugins or hacks!

I've followed the growing private blog thread with great interest as I wanted the same option for myself. I am dabbling in a blog for friends and family but wanted one section that was somewhat private. The more appropriate description is probably just "not obviously in existence". So after reading everything I could find in the forums and pouring over the docs, I've come up with a hack solution that at least for the moment, appears to be working, for me.

This isn't a plugin, but a hack of 2 skin files. No core files have been changed, and I'm using this on 1.9.3, with a hacked copy of the Crystal Glass skin. I have NOT tested this on any other skins but hopefully it will produce the same results.

First what it does. This will allow the admin to hide a blog from members who are not in the allowed groups. It hides the top link to the blog and does not post entires in that blog on the main page (blog 1). I wanted something I could control blog access by group, not by individual member permissions. It's important to note that all posts to the hidden blog must be with the Visibility / Sharing set to Protected (Members only). This hides the posts from non-members.

Rather than getting into the thick of the Categories plugin that creates the right side menu, I simply chose to never display the "hidden" blog in the right side menu by de-selecting the "Display public blog list:" option in the Display Tab of the backend. This works for me, and yet allows the right side menu to display for the hidden blog when allowed members go there.

First we hack the _bloglist.php file allowing the hidden blog to have a link at the top of the page for allowed group members, but not for anyone else. Currently, only the blog 1 link shows at the top to anyone not logged in. The right side links are still there however. I hope to fix this eventually when I get time.

Find the following in this file:


for( $curr_blog_ID = blog_list_start();
         $curr_blog_ID != false;
         $curr_blog_ID = blog_list_next() )
{
	// if this blog link is to not be shown at all skip it
	if( !blog_list_iteminfo( 'in_bloglist', false ) )
	{ // don't show
		continue;
	}
	$blog_link = $blog_item_start;

Immediately after insert the following:


	// NEW CODE FOR HIDING BLOGS - sch  05.30.2007
	// query database for records where the current blog, the current user's group, and access permission all match
	// IMPORTANT - the result of this query is also used in  "_main.php"  - any changes made here will affect that!
	$DB->get_row( "SELECT bloggroup_ismember FROM T_coll_group_perms WHERE bloggroup_blog_ID = '".$curr_blog_ID."' AND bloggroup_group_ID = '".$current_User->group_ID."' AND bloggroup_ismember = '1'", $output = ARRAY_A);
	// how many records did we find?  if none, the user does not have permission to access this blog
	$row_num[$curr_blog_ID] = $DB->num_rows;
	// END HIDING BLOGS

Next find the following:


	else
	{ // This is another blog:
		$blog_link .= '<a href="';
		$blog_link .= blog_list_iteminfo('blogurl', false);
		$blog_link .= '" class="'.$blog_other_link_class.'" title="';
		$blog_link .= format_to_output( blog_list_iteminfo($blog_title_param, false), 'htmlattr' );
		$blog_link .= '">';
		$blog_link .= $blog_other_name_before;
		$blog_link .= format_to_output( blog_list_iteminfo($blog_name_param, false), 'htmlbody' );
		$blog_link .= $blog_other_name_after;
		$blog_link .= '</a>';
	} // End of testing which blog is being displayed

And insert these lines as shown:


	else
	{ // This is another blog:
		//
		// NEW CODE FOR HIDING BLOGS - sch  05.30.2007
		// if current user is not a member of this blog skip it
		// this means guests see no links!
		if($row_num[$curr_blog_ID] < '1')
		{
			continue;
		}
		// END HIDING BLOGS
		//
		$blog_link .= '<a href="';
		$blog_link .= blog_list_iteminfo('blogurl', false);
		$blog_link .= '" class="'.$blog_other_link_class.'" title="';
		$blog_link .= format_to_output( blog_list_iteminfo($blog_title_param, false), 'htmlattr' );
		$blog_link .= '">';
		$blog_link .= $blog_other_name_before;
		$blog_link .= format_to_output( blog_list_iteminfo($blog_name_param, false), 'htmlbody' );
		$blog_link .= $blog_other_name_after;
		$blog_link .= '</a>';
	} // End of testing which blog is being displayed

Second step, hack the _main.php file to disallow all posts in the hidden blog from being seen on blog 1 by those who are not in the allowed groups.

Find the following in this file:


<?php // ------------------------ START OF POSTS LOOP --------------------------
if( isset($MainList) ) $MainList->display_if_empty(); // Display message if no post
if( isset($MainList) ) while( $Item = & $MainList->get_item() ) {

Immediately after insert the following:


	/*
	PROGRAMMING NOTE !!!!
	the database call is performed only once per blog in the skin file  "_bloglist.php"  and stored as $row_num[x]
	which is used in the following evaluation - sch  05.30.2007
	*/
	if(is_logged_in() and $row_num[$Item->blog_ID] < '1') // user is not allowed access to this blog :: logged in AND no records found
	{
		continue;
	}

That's it! Hope this makes sense to everyone and you can follow my logic in spite of the poor description of how it works. I'm now thinking of a possible plugin that would use a separate table for tracking group permissions as they relate to each blog, but time is my worst enemy so that will have to wait a while.


Form is loading...

Build your own website! – This forum is powered by b2evolution CMS, a complete engine for your website.