1
zANavAShi
Suggestions for implementing site access....
  • 2005/5/8 7:17

  • zANavAShi

  • Just popping in

  • Posts: 28

  • Since: 2005/5/6 5


Hiya peeps, I'm just about to embark upon my first XOOPS website. It is a local community website which has been online for about 6 years, written in vanilla HTML, and mostly consists of members content and newsletter archives.

The site has a few pages that are open to the public with information about the club and the rest of it is members-only access, on a sub-domain with access via ht password protection on the directory which contains the sub-domain.

The private area is only available to local members who have paid their annual club fees and I do not want this to be managed from the front end of the site where users can "sign up to register".

I am wanting to implement it somehow that all users (members) must be set up manually by the site admin (currently myself) and with the members name (no nicknames, just real life names) and the club treasurer issues them a new password each year when they have renewed their club fees.

Members accounts that do not renew their fees by the annual date I would want to be able to suspend access, but not actually delete them, because the membership fluctuates each year and some members return after a year or two absence.

Can I remove the public registration access from the site and set it that unpaid members who try to log into suspended accounts would recieve a message to say that their account has been deactivated because they are not a financial member of the club?

The other factor here is that I am only planning to manage this site for another year and so whatever I put in place at this stage of the development would have to be a no-brainer to hand over to whoever takes over from me.

Are their any modules for this kind of thing, or have any XOOPS users here set up anything similar to this and how did they manage it from an access management point-of-view?

I'm interested to hear your ideas and experiences.

Cheers
Z

2
LazyBadger
Re: Suggestions for implementing site access....

Quote:

I am wanting to implement it somehow that all users (members) must be set up manually by the site admin (currently myself) and with the members name (no nicknames, just real life names) and the club treasurer issues them a new password each year when they have renewed their club fees.

Members accounts that do not renew their fees by the annual date I would want to be able to suspend access, but not actually delete them, because the membership fluctuates each year and some members return after a year or two absence.

Can I remove the public registration access from the site and set it that unpaid members who try to log into suspended accounts would recieve a message to say that their account has been deactivated because they are not a financial member of the club?

Yes, you can remove all registrations possibilities from site (modify login block template, kill register.php for preventing direct access), but I think more "XOOOPS-way" methodology will be more easy and manageable. I.e you had to have (in first dirty iteration) 3 groups of users
- Anonymous unregistered (which have access to public module's pages only)
- Registered Free Members (with same as above rights)
- Payed Membership (with full access)

In this case, yearly management will decrease to movement members between 2 and 3 groups, without changing passwords, using htaccess etc. Or, maybe, add one more group for "suspended" members, for which you'll create custom HTML-block (visible only to which group), i which you explain, why restrictions applied... and move club members between 3<->4 groups

3
zANavAShi
Re: Suggestions for implementing site access....
  • 2005/5/8 13:18

  • zANavAShi

  • Just popping in

  • Posts: 28

  • Since: 2005/5/6 5


Quote:

LazyBadger wrote:

Yes, you can remove all registrations possibilities from site (modify login block template, kill register.php for preventing direct access), but I think more "XOOOPS-way" methodology will be more easy and manageable. I.e you had to have (in first dirty iteration) 3 groups of users
- Anonymous unregistered (which have access to public module's pages only)
- Registered Free Members (with same as above rights)
- Payed Membership (with full access)

In this case, yearly management will decrease to movement members between 2 and 3 groups, without changing passwords, using htaccess etc. Or, maybe, add one more group for "suspended" members, for which you'll create custom HTML-block (visible only to which group), i which you explain, why restrictions applied... and move club members between 3<->4 groups

Good scheme jelly bean! Thanks for your input LazyBadger. I just created an extra user group as your suggested called "Expired Members" and gave it the same access permissions as a "Guest User" so they cannot view anything in the private area. This will be a piece of cake to manage by changing group status.

I didn't want to go deleting any pages from the site since I am still new and not confident yet with the things I can and cannot pull to pieces. I did however make backup copies of login templates and edited out the text/link which directed to the registration.php and set the site to not accept any registrations.

Now I have just a few more questions to check out with y'all....

Am I correct in assuming that even tho I have set the site to not accept registrations, I will still be able to overide that from the Admin menu and manually set up new accounts? Can admin directly assign their "first issued" site password, so I can just enter the ht passwords they are already using to access private sub-domain?

Also, I think it would be important for "expired users" to get some kind of notification when they log in to the site. So, is it possible to set up some kind of "redirect" where the users in the expired group are sent to another page that only they can view which notifies them to contact the club treasurer?

And one last question, and it's a bit of a gurly one I know, but this club likes to refer to their "non-members" as "visitors", so to keep congruent to that, is there a way where I could globally (across the entire site) change "guest" to "visitor" so that is what they see in the "who's online" and user groups?

Cheers for reading in
Z

4
Shine
Re: Suggestions for implementing site access....
  • 2005/5/8 17:05

  • Shine

  • Just can't stay away

  • Posts: 822

  • Since: 2002/7/22


This request came up earlier within another thread, but up until now there is no actual solution for it.
Quote:
I just created an extra user group as your suggested called "Expired Members" and gave it the same access permissions as a "Guest User" so they cannot view anything in the private area.

This isn't a great solution to my opinion. Fact is that registered user, regardles their group and given permissions, keep on having acces to use the PM feature, can submit content, may see other payd registered users and so on.
After all, the only setting you have is that anonymous or registered user may submit content (read links, news, donwloads etc.), useability of PM etc. I think these features may only be used by payed members.
The differences between registered users and payd registered are to small.

I still wonder why as an admin I cannot deactivate a member. The only influence I got is to activate his/hers registration.
I think I as an admin should be possible to deactivate a member and this member can be re-activated only by the admin. Not by the user himself.
The option of banning the user isn't an option either, since he/she may visit your site.
The other question I have is: Why, as soon you delete a member his/hers used name within its posts changes into guest/visitor ( or whatever your setting is for anonymous none registered users).
Wouldn't it be possible to keep formally registered usernames somewhere 'active'. After all the user wasn't an anonymous visitor when the posting was done.

Perhaps there is a way to add a setting posiblity within the specific groupspermissions: may use PM, may submit content etc. Also the possibility of a timelimit setting of a membership would be great. As soon as a membership timelimit has expired the user gets de-activated automaticly and can only be re-activated by the admin.


Grtz., Shine

Login

Who's Online

310 user(s) are online (238 user(s) are browsing Support Forums)


Members: 1


Guests: 309


margoritka,

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits