Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #11  
Old 05-20-2002, 11:22 AM
Admin's Avatar
Admin Admin is offline
Coder
 
Join Date: Oct 2023
Location: Server
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is the weirdest issue, I have no idea...
Reply With Quote
  #12  
Old 05-21-2002, 01:57 PM
Jawelin Jawelin is offline
 
Join Date: Nov 2001
Posts: 557
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Please, try and give a look if u have time.
I would manage to understand whether a group (and its members) has access to a forum analyzing only the DB....
Thanks
Reply With Quote
  #13  
Old 05-29-2002, 08:40 AM
Jawelin Jawelin is offline
 
Join Date: Nov 2001
Posts: 557
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by FireFly
This is the weirdest issue, I have no idea...
:cry: BUMP
Reply With Quote
  #14  
Old 05-29-2002, 09:21 AM
Logician's Avatar
Logician Logician is offline
 
Join Date: Nov 2001
Location: inside vb code
Posts: 4,449
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I neither check the code extensively, nor tested it, but at first glance, doesnt that seem wrong to you:

PHP Code:
        $perms[$id]=getpermissions($forum2test,0,$id);
        
$k=$perms[$id];
        if (
$k[canview]) 

What about using this instead:

PHP Code:
        $k=getpermissions($forum2test,0,$id);

        if (
$k[canview]) 
this should work..

Logician
Reply With Quote
  #15  
Old 05-29-2002, 09:47 AM
Jawelin Jawelin is offline
 
Join Date: Nov 2001
Posts: 557
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yes, of course...
Simply I used that array to obtain PER GROUP permission scheme.

Btw, there's a strange cache staying in memory every time I call the getpermission() function that make it returns strange and wrong results, depending on the order I check groups, for example, or users themselves...

That's the point of this thread and I can't get on...
;(

Thank you very much.
Bye
Reply With Quote
  #16  
Old 05-29-2002, 10:13 AM
Admin's Avatar
Admin Admin is offline
Coder
 
Join Date: Oct 2023
Location: Server
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by Logician
I neither check the code extensively, nor tested it, but at first glance, doesnt that seem wrong to you:

What about using this instead:

this should work..

Logician
It doesn't really matter, he was just using the $perms array to store informatin for each usergroup, so he used it as an intermediate variable.
Reply With Quote
  #17  
Old 05-31-2002, 09:43 AM
Jawelin Jawelin is offline
 
Join Date: Nov 2001
Posts: 557
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I GOT IT !!!
:laugh: :laugh: :laugh:

Finally I managed to create a almost simple algorithm to perform a search of all users having access to a given forum, at any level (usergroup/forumpermission/accessmask), with the right priority order, I think.

Chen, as it's an extension of your hack "List users by access masks", if you agree, I would post my 'version' following that thread, or as a new thread as 3rd party addon to your version ??

Here are the simple starting thesis:[list=1][*]All usergroups have default 'usergroup.canview=[0/1]' access to each forum, unless different specification somewhere else. Table 'usergroup'; lowest priority.[*]Search for group-forum crossed permissions in 'forumpermission' table. First for forum parent items, later (w/ major priority) child forums. Different forumpermission.canview=[0/1]' specification than the previous default could revert it for that usergroup; medium priority.[*]As a result, I'll obtain all the usergroups with canview access [0/1] to the desired forum.[*]Exploding users for these groups, now I have all the users with group-level rights.[*]Now I can check per-user based auths, checking the 'access' table. Based upon the status of 'access.canview=[0/1]' for each user, I can remove or add that user to the previous list. Highest security priority.[*]Finally I have the complete (unordered, but isn't a problem for sql IN statement) list of users having (or not) access to that particular forum.[/list=1]

This way, with ONLY four (4) queries (even they could be reduced with some nice LEFT JOIN, but wouldn't overload my algorithm complexity at this time... if someone... ), I should have taken care of any security items in the VBulletin scheme.

This version works only for two-level categories, but I think an easy extension could be done for recursive multi-level approach.
Iteration is human, recursion is divine...

Hope this will work.
Thank you.
Bye
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:17 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05832 seconds
  • Memory Usage 2,226KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (7)post_thanks_box
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete