Allow Limited Usergroup Changes Through ModCP

09 July 2005 UPDATE: Changegroup.php reworked for security

Thanks to boy genius KirbyDE this file has been reworked to secure that users who aren't already in your selected groups cannot be changed by your mods (with a check on attempted overrides).

To update, simply upload the new changegroup.php file in the zip to your /modcp/ directory. No other changes/modifications need to be made.

Please post if there are any problems!

######################################

08 May 2004 UPDATE: Modified file for error reported in post #16

Please download the new file and replace the old one with it. Post if there are any problems!

######################################

Hi all!

Here is the deal with this hack. We have usergroups set up with various permissions, mostly based on limiting their functions if they abuse their rights as a member (limiting them from certain forums, putting them under moderation, etc...).

Our mods need to be able to move our members into (and out of) these restricted groups rather than banning them, but at the same time, they should not be able to move members into (or out of) the mod, admin, waiting for confirmation groups, etc...

NOTE: Banned Groups are NOT touched in this hack -- this is for all groups OTHER than those addressed by the banning function as I wanted to keep that seperate!


What this hack does:

• Add a token to each usergroup that the admin can set to say 'yes' or 'no' that the mods can move users into and out of the group.
• Adds a token on the mod permissions level -- super mods can change allowable groups by default, and regular mods can only make these changes if you assign it on a mod by mod basis.
• Adds the functionality to the ModCP for the mods to make the changes.

Changes that need to be made:

Phrases to add: 5

PHP file edits:

• admincp/usergroup.php (1 change)
• admincp/moderator.php (1 change)
• includes/init.php (2 changes)
• modcp/user.php (4 changes)

New PHP file:

• changegroup.php (attached in this zip -- upload to your modcp folder)

Included in this zip:

• Modification .txt file
• changegroup.php
• Screenies!

The screen shots below are of the ACP -- adding the tokens to the Usergroup and giving permissions to the mods.

Enjoy, and as always, if anyone has any constructive feedback, or needs any help, post away.

[Christine]

And here are the ModCP screen shots -- this is what the Mod will see when they go to edit the users' usergroups:

[Chris M]

Nice idea for a hack!

Satan

[Christine]

Thanks!

Our team LOVES this. I wrote it back for 2.0.6 but never released it through the upgrades because it was really messy -- I was lazy and hardcoded the usergroupids directly into the php file. Heh.

[Limitter]

Christine
by change from Group come an error

/modcp/changing.php

????

thx

L.

[Christine]

Hi Limitter,

I put the test php file in the zip by mistake. Thank you for finding that!!

I have reuploaded it -- please let me know if you have any problems!

[Allan]

Nice idea Christine , thanks you

[Limitter]

Yes Christine,

thx for your Support and Thx for the Hack my team is Happy

*install*

Limitter

[OGT]

From 'mods change usergroups.txt'

Quote:

Replace with:

if (!can_moderate(0, 'canunbanusers') AND !can_moderate(0, 'canunbanusers') AND !can_moderate(0, 'canmodify') AND !can_moderate(0, 'canviewprofile') AND !can_moderate(0, 'caneditsigs') AND !can_moderate(0, 'caneditavatar'))

should the bold text read

PHP Code:

!can_moderate(0, 'canbanusers') 


if not, should it be removed from the if?

Great hack BTW!

[sifuhall]

Thanks for the wonderful hack!