Stop guests using names Stop guests using names
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Stop guests using names

Started by eviljoker7075, June 10, 2006, 01:20:29 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

eviljoker7075

Hello, I allow guests to submit comments, but is there any way I can ban the use of certain guest names at all? I know I can ban users once signed up but can I stop guests?

Thanks

Vargha

Haalaa Boro Ye Chayi Vasam Dorost Kon Ta Man Ye Fekri Be Halet Bokonam ;) Ye Hendooneye Shotoriham Biyar Bizahmat :)
Visit My Site www.Rangarang.co.nr
Check Out My Gallery
www.Rangarang.co.nr/buddies
(https://coppermine-gallery.com/forum/proxy.php?request=http%3A%2F%2Fimg157.imageshack.us%2Fimg157%2F838%2Frangarang4xn.jpg&hash=48b4c3087515cafe09fc6d3f7ee19dce86328d8e)

Joachim Müller

You can set a prefix for guest postings in Coppermine's config to avoid guests posing a registered users.

eviljoker7075

I know, but I don't allow people to sign up, because I have no need for them to, so as a result all comments are posted by guests. However I would like to restrict some names they use, not just the guest prefix, but the whole name...

Joachim Müller

OK, this is a bit more complicated: first, you'll have to come up with some JavaScript code that needs to reside in your custom theme - it should check the comment form onsubmit. Second, you'll have to add a check into db_input.php that only allows the query to be run if the name is OK.

You'll have to edit themes/yourtheme/theme.php, find// HTML template for the display of comments
$template_image_comments = <<<EOT
<table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">

        <tr>
                <td>
                        <table width="100%" cellpadding="0px" cellspacing="0px">
                           <tr>
                                <td class="tableh2_compact" nowrap="nowrap">
                                        <b>{MSG_AUTHOR}</b><a name="comment{MSG_ID}">&nbsp;</a>
<!-- BEGIN ipinfo -->
                                                                                 ({IP})
<!-- END ipinfo -->
</td>


                                <td class="tableh2_compact" align="right" width="100%">
<!-- BEGIN report_comment_button -->
     <a href="report_file.php?pid={PID}&amp;msg_id={MSG_ID}&amp;what=comment" title="{REPORT_COMMENT_TITLE}"><img src="images/report.gif" width="16px" height="16px" border="0px" align="middle" alt="{REPORT_COMMENT_TITLE}" /></a>
<!-- END report_comment_button -->


<!-- BEGIN buttons -->
                                        <a href="javascript:;" onclick="blocking('cbody{MSG_ID}','', 'block'); blocking('cedit{MSG_ID}','', 'block'); return false;" title="{EDIT_TITLE}"><img src="images/edit.gif" border="0px" align="middle" alt="" /></a>
                                        <a href="delete.php?msg_id={MSG_ID}&amp;what=comment"  onclick="return confirm('{CONFIRM_DELETE}');"><img src="images/delete.gif" border="0px" align="middle" /></a>
<!-- END buttons -->
                                </td>
                                <td class="tableh2_compact" align="right" nowrap="nowrap">
                                        <span class="comment_date">[{MSG_DATE}]</span>
                                </td></tr>
                        </table>
                </td>
        </tr>
        <tr>
                <td class="tableb_compact">
                        <div id="cbody{MSG_ID}" style="display:block">
                                {MSG_BODY}
                        </div>
                        <div id="cedit{MSG_ID}" style="display:none">
<!-- BEGIN edit_box_smilies -->
                                <form name="f{MSG_ID}" method="post" action="db_input.php">
                                    <table width="100%" cellpadding="0px" cellspacing="0px">
                                        <tr>
                                            <td valign="top">
                                                <input type="text" name="msg_author" value="{MSG_AUTHOR}" class="textinput" size="25" />
                                                <input type="hidden" name="event" value="comment_update" />
                                                <input type="hidden" name="msg_id" value="{MSG_ID}" />
                                            </td>
                                            <td width="70%">
                                                <textarea cols="40" rows="2" class="textinput" name="msg_body" onselect="storeCaret_f{MSG_ID}(this);" onclick="storeCaret_f{MSG_ID}(this);" onkeyup="storeCaret_f{MSG_ID}(this);" style="width:99%;">{MSG_BODY_RAW}</textarea>
                                            </td>
                                            <td align="right">
                                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                            </td>
                                        </tr>
                                        <tr>
                                            <td colspan="3">
                                                <img src="images/spacer.gif" width="1px" height="2px" />
                                                <br />
                                            </td>
                                        </tr>
                                    </table>
                                </form>
                                {SMILIES}
<!-- END edit_box_smilies -->
<!-- BEGIN edit_box_no_smilies -->
                                <form name="f{MSG_ID}" method="post" action="db_input.php">
                                    <table width="100%" cellpadding="0px" cellspacing="0px">
                                        <tr>
                                            <td valign="top">
                                                <input type="hidden" name="event" value="comment_update" />
                                                <input type="hidden" name="msg_id" value="{MSG_ID}" />
                                                <input type="text" name="msg_author" value="{MSG_AUTHOR}" class="textinput" size="25" />
                                            </td>
                                            <td width="70%">
                                                <textarea cols="40" rows="2" class="textinput" name="msg_body" style="width:99%;">{MSG_BODY_RAW}</textarea>
                                            </td>
                                            <td align="right">
                                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                            </td>
                                        </tr>
                                        <tr>
                                            <td colspan="3">
                                                <img src="images/spacer.gif" width="1px" height="2px" />
                                                <br />
                                            </td>
                                        </tr>
                                    </table>
                                </form>
<!-- END edit_box_no_smilies -->
                        </div>
                </td>
        </tr>
</table>
EOT;
and edit accordingly (if this section doesn't exist in your custom theme, paste the above stuff in right before ?>).

The second modification should be applied before$insert = cpg_db_query("INSERT INTO {$CONFIG['TABLE_COMMENTS']} (pid, msg_author, msg_body, msg_date, author_md5_id, author_id, msg_raw_ip, msg_hdr_ip) VALUES ('$pid', '{$CONFIG['comments_anon_pfx']}$msg_author', '$msg_body', NOW(), '{$USER['ID']}', '0', '$raw_ip', '$hdr_ip')");in db_input.php

As far as I remember, something similar has been asked before and a more detailed answer has been given.