Guest / Anonymous Entry posting

Posted: Thu Jun 01, 2006 3:02 pm
by WonkoDSane
My s9y installation is on an inward facing intranet, all of our users are already vetted and I will be monitoring abuse via IP logging, so I have a short set of goals.

1) Guest users can create an entry (draft)
2) Guest users do not need to authenticate in any way (our intranet requires far too many authentications as it is, I will lose traffic if I try to get people to learn a new user/pass combination). I might eventually use some LDAP method for authentication, but for now we are counting on good citizenship and falling back on IP logging (IPs are static to individual workstations in our organization).
3) Guest users cannot modify/view that created entry once submitted; it will not be viewable until the administrator has vetted it and changed its status from draft to published.

Is there an existing plugin which offers this guest functionality?

I have considered creating a guest account and a guest group with settings to match those goals above and embedding the authentication for the guest user into a separate .tpl accessible from a sidebar link (Submit an Entry), but I was unsure how to do the latter. I suppose it is possible to use the Static Pages plugin to do some of the necessary legwork, but I still would have to devise a way to embed the guest authentication.

Any help is greatly appreciated!

Re: Guest / Anonymous Entry posting

Posted: Thu Jun 01, 2006 3:43 pm
by garvinhicking
Hi!

Such a plugin does not yet exist. It would be easy to allow anonymous user posting by just shortcutting the $_SESSION['serendipityAuthedUser'] variable.

However, without authentication you won't be able to tell who created his entry and who not, because all others will get the same "anonymous" ID.

And s9y is built so that the person who creates an entry can also edit that entry. Of course you can build around it, but you'd need some PHP skills for it.

The best thing would thus be to create "faked user ids", based on their IP or whatever. A plugin could simply insert those users in the DB, and then those people can only write draft entries by putting them into a specific usergroup.

HTH,
Garvin

Posted: Thu Jun 01, 2006 8:29 pm
by WonkoDSane
Thanks for the quick turnaround.

OK, I am going to attack it from the automatically generated account angle (incorporating their IP into an auto-authentication scheme) in order to keep the submitters separate.

So I am looking for guidance on autocreating and authenticating users in an event plugin. I'm not a coding newb, but I am relatively new to PHP. I've not had much luck understanding the actual creation, installation, operation, and maintenance of the plugins.

Thanks again for the help!

Also:
While I was working on this, I ran into a little error in the Smarty Parsing plugin. My language file contains no 'STATICPAGE' constant, so it doesn't like that. I'm just going to change the line in the plugin from name => 'STATICPAGE' to name => 'STATICPAGE_TITLE'. Now that we're looking at autocreation and authentication of users, I may never use a Smarty-parsed Static Page, but I thought I should mention it. (Perhaps it has already been fixed. I am running beta2).

Posted: Fri Jun 02, 2006 1:48 pm
by garvinhicking
Hi!

First, thanks about the STATICPAGE note. I didn't notice this because in my s9y version that variable was defined always. I patched it now so that this constant will be defined, if not existing.

About the automatic account creation, I suggest a plugin like this:

Code:

<?php
class serendipity_event_iplogin extends serendipity_event {
    var $title = 'User-login via IP';

    // Introspection of the plugin
    function introspect(&$propbag){
        global $serendipity;

        $propbag->add('name',          'IP Login Mirror');
        $propbag->add('description',   'User-login via IP');
        $propbag->add('stackable',     false);
        $propbag->add('author',        'Garvin Hicking');
        $propbag->add('version',       '0.01');
        $propbag->add('requirements',  array(
            'serendipity' => '0.8',
            'smarty'      => '2.6.7',
            'php'         => '4.1.0'
        ));
        $propbag->add('event_hooks',    array(
            'frontend_configure' => true,
        ));
        $propbag->add('groups', array('BACKEND_USERMANAGEMENT'));
    }

    // Dummy-Output for Plugin Overview
    function generate_content(&$title) {
        $title = $this->title;
    }

    // Hook on events
    function event_hook($event, &$bag, &$eventData, &$addData) {
        global $serendipity;

        $hooks = &$bag->get('event_hooks');
        if (isset($hooks[$event])) {
            switch($event) {
                // Central plugin hook that is executed on each page.
                case 'frontend_configure':

                    if (!empty($_SESSION['serendipityAuthedUser'])) {
                        // The current user is already authenticated. Do not do anything to him. Abort.
                        return true;
                    }
                    
                    // If we are here, the current user is not yet authenticated. First try to see if he is inside our user DB.
                    // We use the IP as both username and password.
                    if (serendipity_authenticate_author($_SERVER['REMOTE_ADDR'], $_SERVER['REMOTE_ADDR'], false, true)) {
                        // If the function returns true, we are authenticated. Hooray for Boobies.
                        return true;
                    }
                    
                    // If this method is still not aborted, the user is neither logged in, nor inside our DB. So create him:
                    serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}authors 
                                                      (realname, 
                                                       username, 
                                                       password, 
                                                       email, 
                                                       mail_comments, 
                                                       mail_trackbacks, 
                                                       userlevel)
                                               VALUES ('Anonymous', 
                                                       '". serendipity_db_escape_string($_SERVER['REMOTE_ADDR']) ."', 
                                                       '". serendipity_db_escape_string(md5($_SERVER['REMOTE_ADDR'])) . "', 
                                                       '', 
                                                       1, 
                                                       1, 
                                                       0)");
                    // Get the last insert ID from the Table, which will be our new authorid:
                    $id = (int)serendipity_db_insert_id('authors', 'authorid');

                    // Now the user was added. But you'll still need to assign him to a usergroup! We do this by IDs. By default installation, group #1 are normal editors.
                    serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}authorgroups 
                                                      (authorid, groupid) 
                                               VALUES ('$id', 1)");

                    // Now let's authenticate this user:
                    serendipity_authenticate_author($_SERVER['REMOTE_ADDR'], $_SERVER['REMOTE_ADDR'], false, false);
                    
                    return true;
                    break;

                default:
                    return false;
                    break;
            }
        } else {
            return false;
        }
    }
}

It is untested, but fully documented, so I hope you can get along with it? If not, please tell me your issues. :)

Best regards,
Garvin
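
An added example, not part of Garvin's post or of Serendipity's own code: in the plugin above the account password is the client IP itself, so it is known to anyone who knows the workstation's address. The code below derives the password from the IP with a server-side key instead, so the plugin can still re-derive it on every request; `IPLOGIN_SECRET`, `iplogin_credentials()` and `iplogin_stored_hash()` are hypothetical names, and PHP 5.2 or later is assumed for `filter_var` and `hash_hmac`.

```php
<?php
// Added example: hypothetical helpers, not Serendipity API.

// Assumption: a long random value kept only in server-side configuration.
define('IPLOGIN_SECRET', 'replace-with-a-long-random-server-side-value');

/**
 * Derive the username/password pair for an auto-created guest account.
 * Returns null when the address is not a syntactically valid IP.
 */
function iplogin_credentials($remoteAddr, $secret)
{
    // Validate before the value is used as an account name.
    $ip = filter_var($remoteAddr, FILTER_VALIDATE_IP);
    if ($ip === false) {
        return null;
    }
    return array(
        'username' => $ip,
        // Keyed hash: stable per IP, so it can be recomputed on each request,
        // but not computable from the IP alone.
        'password' => hash_hmac('sha256', $ip, $secret),
    );
}

/**
 * Value for the authors.password column. The posted plugin stores
 * md5(password), so the same storage format is kept here.
 */
function iplogin_stored_hash($cred)
{
    return md5($cred['password']);
}

// Constructed sample addresses (documentation range) plus one invalid value.
foreach (array('192.0.2.10', '192.0.2.11', 'not-an-ip') as $addr) {
    $cred = iplogin_credentials($addr, IPLOGIN_SECRET);
    if ($cred === null) {
        echo "$addr: rejected, no account created\n";
        continue;
    }
    echo "$addr: username={$cred['username']} stored="
        . iplogin_stored_hash($cred) . "\n";
}
```

In the plugin, the derived `password` would take the place of `$_SERVER['REMOTE_ADDR']` as the second argument of both `serendipity_authenticate_author()` calls and inside the `md5()` of the INSERT.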

Posted: Fri Jun 02, 2006 4:25 pm
by WonkoDSane
Garvin,

Thanks! I will get this installed and tweaked and let you know the results.

Posted: Tue Jun 06, 2006 8:20 pm
by WonkoDSane
Cool, looks good.

I'm going to see about adding a little functionality to ask for name and email when they authenticate the first time.

Thanks, Garvin!