One of the admins is to blame, settings don't just change like that
not from itself, but this would be a pefect example for an admin exploit.
thanks for the hint on the mod, I'll try that
You are not logged in. Please login or register.
PunBB Forums → Posts by flotsam
Pages 1
One of the admins is to blame, settings don't just change like that
not from itself, but this would be a pefect example for an admin exploit.
thanks for the hint on the mod, I'll try that
Hi there,
I just happened to have some strange encounter and just wanted to check if anyone ever experienced that.
I run a punbb 1.2.12 and one special forum was only viewable by Administrators, yet yesterday it could be seen by anybody.
Of course I can't tell if one of the 3 people with admin status made a mistake, but I have no means to see that - or did I miss a log function?
All checkboxes under admin_forums.php?edit_forum=XX were ticked - anybody ever experienced something like that or are you sure one of the admins is to blame?
thanks, I'll try that - for now I've just created an additional admin user and switched my own user back to member.
Hi there,
I'd like to hide some forums from myself as an admin (not from the whole admin group).
Reasons may be:
- too much traffic, I don't want to read or see this
- other Admins care about this stuff
I would greatly appreciate it if anyone can point me in the right direction, I'll surely have no problem of writing this "hack" for myself
Thanks in advance.
Hey there,
just installed punBB 1.2.11 yesterday and used a SQL password containing a '
and so I got the line
$db_password = 'my cool'password';
which of course resulted in a blank page. took my quite some time to figure it out.
So the installer should check for any ' in the given fields and escape them before outputting the config.php sample - as you can easily overlook sth like this.
Cheers.
User A is part of group AA that has permissions to forum CCC and user A is a member of group BB that has permissions to forum DDD, but are disallowed read access to forum CCC
Well, "Deny wins" or "Allow wins" comes to my mind.
Deny: A can't access CCC, because one or more checks fail ( AND )
Allow: A can access CCC, because one check succeds ( OR )
I'd suggest "Allow wins" because afaik phpBB uses this approach and the handling of multiple groups is one thing there that really works
If the policy will be mainly "the admin is responsible to create the groups in such a manner that it works and not everybody has any permissions" - what seems most feasible anyways, I don't think so many checks are involved.
Of coure it would be very good to have some javascript-"all, none, inverse"-buttons in the forum permissions setting, when you have 10 groups it's clicking, clicking, clicking atm.
Should it be possible to assign new members to multiple groups when they register?
I'd say no, that would be really overkill. Shouldn't be too much work to sort the people out. If it's a really big forum, you most likely will have many, many normal users and just some special ones who need multiple groups (as I see it in one forum I'm mod, we have 1200 registered and ~20 in some multiple groups, including Admins, Moderators, Development, and so on. But would be quite hard without multiple groups per user.
If you say so, it seems that I should do that.
But unfortunately I don't want to and will more likely continue with this workaround with a group "A+B" and "B+C" although it's a admin nightmare.
But on the other hand I won't ever install phpBB again and haven't yet found a forum suited that's not so fully-featurd and all eye-candy. And punBB seems much more secure, so you won't drive me away
I just tried to communicate that imho this is not a full-blown (needless) feature, but more like an absolute requirement.
Keep up the good work and please don't be beset.
I'd also like to strongly encourage that 1.3 will be able to do this. (if it's done via the new extensuion system, fine. But the functionality counts.)
Rickard, I absolutely agree with the idea of "lean and mean", but I think a solution is possible that won't involve a *complex* system.
As described above (and that's also my problem) imagine following use case:
- You have a community of, say 20, people.
- These people are organized in, say 5, teams or groups (or working parties).
- Everybody can be a member of 0-5 teams.
As I see it, at the moment you have to make a "personal" group for every possible combination, so that
- user A can access the forum 1 and 2
- user B can access the forum 2 and 3
...
With *no* complex inheritance model of user groups, I think most people could live fine if you define:
- group "alpha" can see and post in forum 1
- group "beta" can see and post in forum 2
- group "gamma" can see and post in forum 3
...
and
- A is member of "Users", he has additional groups "alpha" and "beta"
- B is member of "Users", he has additional groups "beta" and "gamma"
I don't see any complex stuff here and would greatly improve the feature list, as I can (atm) see no real *important* other reason to include multiple groups per user. I think the above posters will agree that is the important part.
*hoping to create a little bit thinking about this rule*
Some of these features might still get implemented, just not in the near future.
Pages 1
PunBB Forums → Posts by flotsam
Powered by PunBB, supported by Informer Technologies, Inc.