I really, really hate two things about the way private forums work currently.

1) the fact that by default moderators can see all private forums. I am sorry, but moderators are moderators for a given forum. I don't necessarily want to give them full run of the board automatically.

2) When I enable a user group to see one private forum, all of a sudden they can see ALL of them. This one almost bit me the other day because I did not expect it at all. Each private forum should be an individual thing. Access to one should not mean access to all by default.

Yes, I realize that I can set access masks and correct this stuff. However, the current setup is counterintuitive and confusing, even to me who is pretty experienced with the system.

Amy

I agree with both points. I think this'll undergo some changes in version 3.0.

And since everyone wants it, passworded forums also :D Its one of those features in demand.. I to also dislike the way private forums are handled... I would also want to be able to let one certain user into a private forum and not have to give them their own user group... I'm not sure if thats possible already, haven't had time to mess with private forums much lately....

I have had the same problems lately. Several forums that i thought were under wrap to a specific user group, (due to what were entered in the forum permissions I assigned to the usergroup i configured through the admin panel) were avaliable to just about everyone, regardless what i entered in the forums permissions, so that meant, going through each and every user to click on "no" to make sure they couldnt view it. even than though, such as the case of a admin forum, that I assigned only to myself, was viewable to the other admin...even though i turned it off for admin, and than clicked "yes" for myself to view it....Never had that problem before i guess until now.

Originally posted by The Prohacker
And since everyone wants it, passworded forums also :D Its one of those features in demand.. I to also dislike the way private forums are handled... I would also want to be able to let one certain user into a private forum and not have to give them their own user group... I'm not sure if thats possible already, haven't had time to mess with private forums much lately....

totally agreed. If i had some way of coding in a java prompt for this, i would...however, java passwords are basically useless, and than, how do you assign the passwords to what users you know, without compromising some sort of security...
If a guy could basically .htaccess them, as vb does here for the members area, it could be somewhat usefull, but forums are not set up that way to individually htaccess them separate from the whole package.

Than, a guy could set it up similar to the way a person would log into the forums index, for each forum, but than you would have to litterally add on a whole new table column to do so.

Something to watch out for- If you create a new usergroup, they can by default see all your private forums. Be sure to edit the new group for all your private forums. Use custom permissions and set everything to no.

Originally posted by CondorZ
Something to watch out for- If you create a new usergroup, they can by default see all your private forums. Be sure to edit the new group for all your private forums. Use custom permissions and set everything to no.

yep. even the default mod group. They were seeing forums, that were set in forum permissions set at no, which came as a suprise one day when a mod posted in our admin forum. even though the mods had been "X'd" from seeing that forum anyways, none the less posting in it, they thought it was quite hillarious to see in the description "Administration forum which is only viewable to Administration"

the mod wrote a post that simply stated "Hi, no it isnt."

Soo..i had to go into each mods mask section, and click it on no, than go back into the user permissions, and click on no, and "use custom user groups to yes".

In short, it has never been this big of a headache before, and the worst part of it is, it happens with each new forum i add in the private forums section, so i have to go through it each and every time, even though i have updated user titles at least a dozen times, thinking that may be the problem.

Originally posted by ToraTora!

If a guy could basically .htaccess them, as vb does here for the members area,



Actually they don't do it via .htaccess they use $PHP_AUTH_USER and $PHP_AUTH_PW. So it makes it that much eaiser, its a built in PHP function that will popup asking for a username and password like htaccess does. So you won't have to use mod_auth_mysql it would actually be quite easy to do......

I was looking at the code just now for when a new private forum is created. It's kind of weird, and I was wondering why this was done this way.

First, if the forum is marked private, the forum permissions for all usergroups - except admins and super moderators are set to no for everything.

Then, and this is the weird part, it goes through and looks for all moderators, and then sets their mask to access the forum to yes.

I am confused. Can a developer explain to me why this was done?

I am also assuming that when a user is made a moderator, their access masks are set so that they see all private forums. I need to go find that and yank that out too.

Finally, I need to figure out what happens when a user group is given access to a private forum. If I ever get this sorted out, we might have things tightened up and not have to wait 6 months for 3.0. :D

Amy

Originally posted by The Prohacker




Actually they don't do it via .htaccess they use $PHP_AUTH_USER and $PHP_AUTH_PW. So it makes it that much eaiser, its a built in PHP function that will popup asking for a username and password like htaccess does. So you won't have to use mod_auth_mysql it would actually be quite easy to do......

great..i was reading up on some php functions for that...however, would a person have to enter that rite into the link section of the forum that you want, and than have it direct to a newly created table and column with the passwords in the actual created forums that are private rite?...i mean, a person would have to have a whole new password and userfield for the forums....not quite sure how a person would go about doing this one..

hmmm..also thinking, i create a auth script, that would be a link that the forums link would be, and than have it redirect to the forum that the auth was for...but..the question remains...how to link it to a actual username password setup to make it work is the problem...

take this code for instance....


if ($PHP_AUTH_USER !="user" || $PHP_AUTHPW != "password")

{
header('WWW-Autthenticate: Basic realm="/forums/forumid=12"');


now, that would be the first of it of course, but, a person would still have to add a password, and username base, for each of the hidden forums, which could be rather lengthy i would think...

or could a guy enter two table into the forums id sections, that would be username, password, and go from that route, manually entering in the username, and password for each person that is allowed in there...?