1
winfred
module CBB - a question of anonymous posting
  • 2006/8/1 12:52

  • winfred

  • Just popping in

  • Posts: 4

  • Since: 2006/7/29


I allow registered people to post anonymously (by checking the anonymous in options checkbox).
Is there any way that administrators could know what the original post id is?

I am not familiar with XOOPS codes, however I traced little to see what happened.
It seems that CBB doesn't keep any record about post id, right?

from post.php line 174~179:

if ( is_object($xoopsUser) && empty($_POST['noname']) ) {
$uid = $xoopsUser->getVar("uid");
}
else {
$uid = 0;
}


CBB version: 1.14

2
Djiman
Re: module CBB - a question of anonymous posting
  • 2006/8/1 13:18

  • Djiman

  • Just popping in

  • Posts: 91

  • Since: 2006/7/26


You got me ripping off my hairs from my bald head.
Isn't it anonym?!
I love it tho..

3
winfred
Re: module CBB - a question of anonymous posting
  • 2006/8/3 12:52

  • winfred

  • Just popping in

  • Posts: 4

  • Since: 2006/7/29


If I am going to write patches myself,
is there any suggestion?

For example, where should I start?
or which place is best would I save information?

4
Djiman
Re: module CBB - a question of anonymous posting
  • 2006/8/3 13:16

  • Djiman

  • Just popping in

  • Posts: 91

  • Since: 2006/7/26


if you really want to know who is posting what as ano...
try one trick , get the IP of that anony.. ' if there is one ' and compare .. to your registered.
other than that ain't have any idea.

5
winfred
Re: module CBB - a question of anonymous posting
  • 2006/8/3 14:08

  • winfred

  • Just popping in

  • Posts: 4

  • Since: 2006/7/29


Yes,
comparing IP address to registered accounts is a way finding out who is the original owner of the 'existing' anonymous posts.

However,
What I would like to do is: keep a id records of anonymous posts 'after'.

First, one must login first in order to see posts.
-> It is done by configuration.
Second, he have to click the anonymous in the Options Checkbox.
-> It is also done by configuration.

Than, before the post being stored in database,
-> I would like to keep his id somewhere only admin could acess.
-> This part, it seems that I need to write my own patches.

6
Djiman
Re: module CBB - a question of anonymous posting
  • 2006/8/3 14:35

  • Djiman

  • Just popping in

  • Posts: 91

  • Since: 2006/7/26


try some other tricks then!
If you don't want viewers to view the username of the post in your forum,
You can either stop echo-ing the username in the template -remove it manually.

Or should you wish it to be visible only to admin .
Set your forum to
- register to post ,
- then in the forum's templates, in-between ,, our famous IF! - you can exploit the if xoops_isadmin show me the username else hide the secret.
and that should show the username only to admin and the regis are tricked a little, --but their username wont be visible to none-admin.

Winfred; don't kill me for that now.
as the say it in the trade, back up and back up.

7
winfred
Re: module CBB - a question of anonymous posting
  • 2006/8/17 0:10

  • winfred

  • Just popping in

  • Posts: 4

  • Since: 2006/7/29


Here is my implementation:

1. insert a column named uid_r into xoops_bb_posts to backup the poster's uid
ALTER TABLE `xoops_bb_postsADD `uid_rINT UNSIGNED DEFAULT '0' NOT NULL AFTER `uid` ;


2. modify xoops/modules/newbb/post.php -> record id in uid_r whenever the anonymous option checked
--- post.php.orig       2006-08-15 20:13:58.000000000 +0800
+++ post.php    2006-08-15 20:15:59.000000000 +0800
@@ -173,+173,11 @@
         
$isnew 1;
         if ( 
is_object($xoopsUser) && empty($_POST['noname']) ) {
             
$uid $xoopsUser->getVar("uid");
+           
$uid_r 0;
         }
         else {
             
$uid 0;
+            
$uid_r $xoopsUser->getVar("uid");
         }
         if (isset(
$pid) && $pid != "") {
             
$forumpost->setVar('pid'$pid);
@@ -
187,+189,@@
         
//$post_ip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']))?$_SERVER['HTTP_X_FORWARDED_FOR']:$_SERVER['REMOTE_ADDR'];
         
$forumpost->setVar('poster_ip'newbb_getIP());
         
$forumpost->setVar('uid'$uid);
+        
$forumpost->setVar('uid_r'$uid_r);
     }

        if(
$topic_handler->getPermission($forum$topic_status'noapprove')) $approved 1;
@@ -
453,+456,@@

 include 
XOOPS_ROOT_PATH.'/footer.php';

-
?>
 No newline at end of file
+?>


3. modify xoops/modules/newbb/class/post.php -> write uid_r into database
--- post.php.orig       2006-08-15 20:14:08.000000000 +0800
+++ post.php    2006-08-15 20:18:14.000000000 +0800
@@ -44,+44,@@
         
$this->initVar('dosmiley'XOBJ_DTYPE_INT1);
         
$this->initVar('doxcode'XOBJ_DTYPE_INT1);
         
$this->initVar('uid'XOBJ_DTYPE_INT1);
+        
$this->initVar('uid_r'XOBJ_DTYPE_INT1);
         
$this->initVar('icon'XOBJ_DTYPE_TXTBOX);
         
$this->initVar('attachsig'XOBJ_DTYPE_INT);
         
$this->initVar('approved'XOBJ_DTYPE_INT1);
@@ -
633,+634,@@
             
$post_id $this->db->genId($this->db->prefix("bb_posts") . "_post_id_seq");

             
$sql "INSERT INTO " $this->db->prefix("bb_posts") . "
-                               ( post_id,  pid,  topic_id,  forum_id,  post_time,  uid,  poster_ip,  poster_name,  subject,  dohtml,  dosmiley,  doxcode,  doimage,  dobr, icon,  attachsig,  attachment,  approved,  post_karma, require_reply)
                                        VALUES
-                       (
$post_id$pid$topic_id$forum_id$post_time$uid$poster_ip$poster_name$subject$dohtml$dosmiley$doxcode$doimage$dobr$icon$attachsig$attachment$approved$post_karma$require_reply)";
+                       (
$post_id$pid$topic_id$forum_id$post_time$uid$uid_r$poster_ip$poster_name$subject$dohtml$dosmiley$doxcode$doimage$dobr$icon$attachsig$attachment$approved$post_karma$require_reply)";

             if (!
$result = $this->db->queryF($sql)) {
                 newbb_message("
Insert post error:" . $sql);
@@ -897,4 +898,4 @@
     }
 }

-?>
 No newline at end of file
+?>


so that only admin with right reading database would know who the original poster is

Login

Who's Online

307 user(s) are online (193 user(s) are browsing Support Forums)


Members: 0


Guests: 307


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits