Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
  #1  
Old 07-26-2004, 07:48 PM
upnorth upnorth is offline
 
Join Date: Jul 2003
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Edit own profile set to no.

Was forwarded here from the vB.com site See thread here
When the "Edit own profile" is set to no in the user group settings and a user that is in this group wants to reset their password they are not able to because the Edit own profile is set to no. Is there any way to change this as I can't allow my users to make changes to there profiles since its in an intranet environment but must allow them to be able to change there passwords.

Anyone know of an easy way to keep the profiles locked down but still allow the user to change/manage their own password?
Reply With Quote
  #2  
Old 07-26-2004, 08:17 PM
Colin F's Avatar
Colin F Colin F is offline
 
Join Date: Jul 2004
Location: Switzerland
Posts: 1,551
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by upnorth
Was forwarded here from the vB.com site See thread here
When the "Edit own profile" is set to no in the user group settings and a user that is in this group wants to reset their password they are not able to because the Edit own profile is set to no. Is there any way to change this as I can't allow my users to make changes to there profiles since its in an intranet environment but must allow them to be able to change there passwords.

Anyone know of an easy way to keep the profiles locked down but still allow the user to change/manage their own password?
I don't really have time to check this out, but it might have something to do with this:

Code:
if (!($permissions['forumpermissions'] & CANVIEW))
{
	print_no_permission();
}
try changing that to:

Code:
if ($_REQUEST['do'] != 'editpassword' AND $_POST['do'] != 'updatepassword')
{
if (!($permissions['forumpermissions'] & CANVIEW))
{
	print_no_permission();
}
}

Then give them a direct link to profile.php?$session[sessionurl]do=editpassword

Be aware that they might also be able to change there email from that form...
Reply With Quote
  #3  
Old 07-27-2004, 03:23 AM
upnorth upnorth is offline
 
Join Date: Jul 2003
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks Colin. Can you tell me what template this change needs to be on?
Reply With Quote
  #4  
Old 07-27-2004, 06:28 AM
Colin F's Avatar
Colin F Colin F is offline
 
Join Date: Jul 2004
Location: Switzerland
Posts: 1,551
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

oh of course, sorry

It's a file change, you'll have to open your profile.php in your favourite php/code editor and do what I said above.
Reply With Quote
  #5  
Old 07-27-2004, 05:06 PM
upnorth upnorth is offline
 
Join Date: Jul 2003
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Do you think it would be just as easy to go through the templates and remove the sections that I don't want the user to be able to change and leave the rest?

If I remove the parts I don't want the users to change from the templates will this break the form...ie when the user hits the submit buttom are portions of the code I want to remove needed to fullfill the submit? hope that makes sense.

example would be for the change password /email page has a section to change the password and a section to change the email address. I don't want to allow them to change there address as its a non-standard format that needs to be kept so that it works on our intranet. If I just remove this section from the template do you think the rest will work?
Reply With Quote
  #6  
Old 07-27-2004, 05:40 PM
Colin F's Avatar
Colin F Colin F is offline
 
Join Date: Jul 2004
Location: Switzerland
Posts: 1,551
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I assume you could just remove the email part. That would leave it as if it were empty, which works.
Reply With Quote
  #7  
Old 07-27-2004, 05:49 PM
upnorth upnorth is offline
 
Join Date: Jul 2003
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

great. I'll give it a try and see if it works.
Reply With Quote
  #8  
Old 08-09-2004, 08:30 PM
upnorth upnorth is offline
 
Join Date: Jul 2003
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Tried the following in the "modifypassword" template:
Code:
<script type="text/javascript" src="clientscript/vbulletin_md5.js"></script>
<script type="text/javascript">
function hash_passwords(currentpassword, currentpassword_md5, newpassword, newpassword_md5, newpasswordconfirm, newpasswordconfirm_md5)
{
	md5hash(currentpassword, currentpassword_md5);
	// do various checks
	if (newpassword.value != '')
	{
		md5hash(newpassword, newpassword_md5);
	}
	if (newpasswordconfirm.value != '')
	{
		md5hash(newpasswordconfirm, newpasswordconfirm_md5);
	}
}
</script>

<form action="profile.php" method="post" onsubmit="hash_passwords(currentpassword, currentpassword_md5, newpassword, newpassword_md5, newpasswordconfirm, newpasswordconfirm_md5)">
<input type="hidden" name="s" value="$session[sessionhash]" />
<input type="hidden" name="do" value="updatepassword" />
<input type="hidden" name="currentpassword_md5" />
<input type="hidden" name="newpassword_md5" />
<input type="hidden" name="newpasswordconfirm_md5" />

<table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">
<tr>
	<td class="tcat">$vbphrase[edit_email_and_password]</td>
</tr>

<tr>
	<td class="panelsurround" align="center">
	<div class="panel">
		<div style="width:$stylevar[formwidth_usercp]" align="$stylevar[left]">
		
		<if condition="$show['passwordexpired']">
			<div class="smallfont">
				<strong>$vbphrase[current_password_expired]</strong>
			</div>
		</if>
		
		<div class="fieldset">
			<div>$vbphrase[enter_password_to_continue]:</div>
			<div><input type="password" class="bginput" name="currentpassword" size="50" maxlength="50" /></div>
		</div>
		
		<fieldset class="fieldset">
			<legend>$vbphrase[edit_password]<if condition="$show['password_optional']"> ($vbphrase[optional])</if></legend>
			<table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0">
			<tr>
				<td>
					<div>$vbphrase[new_password]:</div>
					<div><input type="password" class="bginput" name="newpassword" size="50" maxlength="50" /></div>
				</td>
			</tr>
			<tr>
				<td>
					<div>$vbphrase[confirm_new_password]:</div>
					<div><input type="password" class="bginput" name="newpasswordconfirm" size="50" maxlength="50" /></div>
				</td>
			</tr>
			</table>
		</fieldset>
<!-- Fred Removed -->
<!--		
		<fieldset class="fieldset">
			<legend>$vbphrase[edit_email_address] ($vbphrase[optional])</legend>
			<table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0">
			<tr>
				<td>
					<div>$vbphrase[new_email_address]:</div>
					<div><input type="text" class="bginput" name="email" value="$bbuserinfo[email]" size="50" maxlength="50" /></div>
				</td>
			</tr>
			<tr>
				<td>
					<div>$vbphrase[confirm_new_email_address]:</div>
					<div><input type="text" class="bginput" name="emailconfirm" value="$bbuserinfo[email]" size="50" maxlength="50" /></div>
				</td>
			</tr>
			</table>
		</fieldset>
-->
<!-- / Fred Removed -->
		</div>
	</div>
	
	<div style="margin-top:$stylevar[cellpadding]px">
		<input type="submit" class="button" value="$vbphrase[save_changes]" accesskey="s" />
		<input type="reset" class="button" value="$vbphrase[reset_fields]" accesskey="r" />
	</div>
	</td>
</tr>
</table>

</form>
But when a user goes to change there password, once they hit the submit button they get the following window pop up saying
"You have not completed all of the required fields: username, password, and email address."

Any ideas how to fix this? Instead of removing this portion of code is there anyway to make the email text boxs etc disabled so that the user see them but can't change the contents inside of them?

I guess if I could find out where this page is being validated I could remove the email part but not sure where this would be done?
Reply With Quote
  #9  
Old 08-10-2004, 02:52 PM
upnorth upnorth is offline
 
Join Date: Jul 2003
Posts: 81
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Found a solution to this. Add readonly to the input box's keeps the user from changing the default info in the box and you won't get any errors when the page is submitted.
Code:
<!-- Fred Removed -->
	
		<fieldset class="fieldset">
			<legend>$vbphrase[edit_email_address] ($vbphrase[optional])</legend>
			<table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0">
			<tr>
				<td>
					<div>$vbphrase[new_email_address]:</div>
					<div><input readonly type="text" class="bginput" name="email" value="$bbuserinfo[email]" size="50" maxlength="50" /></div>
				</td>
			</tr>
			<tr>
				<td>
					<div>$vbphrase[confirm_new_email_address]:</div>
					<div><input readonly  type="text" class="bginput" name="emailconfirm" value="$bbuserinfo[email]" size="50" maxlength="50" /></div>
				</td>
			</tr>
			</table>
		</fieldset>

<!-- / Fred Removed -->
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:30 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04560 seconds
  • Memory Usage 2,249KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (9)post_thanks_box
  • (9)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (9)post_thanks_postbit_info
  • (9)postbit
  • (9)postbit_onlinestatus
  • (9)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete