Recent Topics
  1. b2evolution CMS Support Forums
  2. b2evolution Support
  3. General Support
  4. How to prevent changes to Access parameters

How to prevent changes to Access parameters

1 Sep 19, 2005 06:51    

I was trying the software when I checked the option "Default blog on index.php". Then I noticed my main page was not there but the blog was. I changed it back to "Other blog through index.php" but it did not work. I finally figured out how to undo it (in the general settings).

My question: Is it possible to prevent the average user from changing the "Access parameters" settings in their blogs? (I have multiple blogs running and the user level is set to 5)

I would appreciate any cent added to the jar :D

Back to top

2 Sep 19, 2005 07:36

I bumped into a very similar problem, and have a crappy hack for it. Basically I wrap the radio buttons in a hidden undisplayed div. Your average blogger out there won't figure it out, but the occasional source-happy fiend will be able to see what's hidden. Also someone using a browser that doesn't dig on css, or chooses to disable it, will see the buttons. Drag, but it's the best I could do.

THAT'S A REQUEST FOR HELP Y'ALL!!! FIX THIS CHEAP LOW-RENT HACK!!!

I did this in v12 and haven't tested it in dawn yet. So far all I can say about dawn is that this hack doesn't cause it to crash. I have NOT actually put it to functional use. Anyway open admin/_blogs_general.form.php (and thrill at double dotted file names) and change the fieldset for "Access parameters" kinda like this:

	<fieldset>
		<legend><?php echo T_('Access parameters') ?></legend>
blah blah and very technical blah
	</fieldset>
				
	<fieldset>
		<legend><?php echo T_('Default display options') ?></legend>


Becomes: 

<?php if( $current_User->Group->get('ID') == 1 ) { ?>
	<fieldset>
		all the blah blah for a normal situation...
	</fieldset>
<?php } else { ?>
<div class="hide_hack">
all the stuff for the "form_radio" function up to where it says "T_('Preferred access type'), true );"
		?>
</div>
<input type="hidden" name="blog_siteurl" value="<?php echo format_to_output($blog_siteurl, 'formvalue') ?>" />
<input type="hidden" name="blog_stub" value="<?php echo $blog_stub ?>" />
<input type="hidden" name="blog_default_skin" value="<?php echo $blog_default_skin ?>" />
<?php $new_blog_force_skin = 1-$blog_force_skin; ?>
<input type="hidden" name="blog_force_skin" value="<?php echo $new_blog_force_skin ?>" />
<input type="hidden" name="blog_disp_bloglist" value="<?php echo $blog_disp_bloglist ?>" />
<input type="hidden" name="blog_in_bloglist" value="<?php echo $blog_in_bloglist ?>" />
<input type="hidden" name="blog_linkblog" value="<?php echo $blog_linkblog ?>" />

<?php } ?>

	<fieldset>
		<legend><?php echo T_('Description') ?></legend>

That's an abbreviation, which I figured was fair enough since I know it's a crappy hack. By the way the "hide_hack" class is defined in admin/desert.css this way: 

.hide_hack {
visibility: hidden;
display: none;
height: 0px;
}


It's really lame but it's all I know.

IF ANYONE CAN FIGURE OUT HOW TO MAKE A HIDDEN INPUT OUT OF THE RADIO BUTTON THING AND IS WILLING TO SHARE IT PLEASE JUMP RIGHT IN!!!

The problem is you have to have a value submitted with the form for each of the fields in the form. For most of them it's easy to create a hidden input in which you simply use the current value as the submitted value. I have no clue how to work through the radio buttons though, so I had to do this cheap "hide it from the monitor" thing.

For the record, my example here limits it to the admin group. You can, with minor modification, limit it to a specific group or a specific user or a specificied user level. I went with group just cuz.

Back to top


Form is loading...