Posted under General by ADoggrell on Friday February 02 2001 @ 11:37AM EST
I am using this mod to allow users in different departments contribute, edit, kill, and repost stories without opening it up to the whole company. (this doesn't encrypt any of the usernames or password, but since this is all inter-company, I wasn't too worried about it.)
It may not be full user accounts, but it works for us.
The users will have access to contrib.php. And, while browsing their topic, they will have edit, kill, and new buttons on the summaries. (known problem: the edit, kill, and new buttons will also show up on any polls while the user is in their topic area...any suggestions on fixing this?)
How?
1. I added a data table called ContribUsers, with id, username, password, and topic fields.
For my purposes, a user only needs contribute access to a single topic. Just use the topic id from T_topics to reference users access area.
CREATE TABLE ContribUsers (
username varchar(20),
password varchar(20),
id int(4) NOT NULL auto_increment,
topic char(3),
KEY id (id),
UNIQUE id_2 (id)
);
3. In contrb.php, take out the entire if (!F_isAdmin()) (on about line 25) and replace it with:
if (!F_isAdmin()) {
// Check to see if $PHP_AUTH_USER already contains info
if (!isset($PHP_AUTH_USER)) {
// If empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="Story Contribution Area"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else if (verify_user()) {
$okay=1;
} else {
header('WWW-Authenticate: Basic realm="Intranet Contributor"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;
}
}
3. add the following functions to common.inc.php
function verify_user() {
global $PHP_AUTH_USER;
// Formulate the query
$sql = "SELECT * FROM ContribUsers
WHERE username='$PHP_AUTH_USER' ";
$result = mysql_query($sql);
$num = mysql_numrows($result);
return $num;
}
function topic_user() {
global $PHP_AUTH_USER;
// Formulate the query
$sql = "SELECT * FROM ContribUsers
WHERE username='$PHP_AUTH_USER' ";
$result = mysql_query($sql);
$allow=mysql_fetch_array($result) ;
return $allow[topic];
}
4. Change the F_admin function in common.inc.php in the following way
add $topic to the list of global vars
then insert the following if/else just below the global statement:
if ($topic == topic_user() && isset($topic)) {$okay="yes";}
else{ $okay="no"; }
then, in the next if change this: if (F_isAdmin())
to this: if (F_isAdmin() || $okay == "yes")
this will allow your users to edit, kill, repost
5. Now change the line in edit.php, kill.php, and repost.php (around line 25)
from include("/auth.inc.html")
to if (!verify_user()) { include("/auth.inc.html"); }
Voila!! "Contributor" User Accounts
|