HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


log in as invisible

Login / Search

 [ Join | More ]
 Add topic 
Posted
Item has a rating of 5 (Liked by FletchLiked by Chris GrahamLiked by Jean)  
Rating:
#87465 (In Topic #17826)
Avatar

Community saint

I'm playing around with the idea of having my admin account always log in as invisible, so in /pages/mudules/login.php I changed:

Code (php)

if ($type=='login') return $this->login_after();
 
to:

Code (php)

if ($type=='login')
{
        if($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())==1 && $GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible']=='0')   // login admin as invisible if not already invisible
        {
                return $this->invisible();
        }
        else
        {
                 return $this->login_after();
        }
}
 
That seems to work fine until the current session expires. When I subsequently go back to my site I am logged in, as expected, but admin is no longer invisible.

Looking at the following code for invisible logins, I noticed that although 'session_invisible'=>1 is set in the DB, ['session_invisible']=0 is set in the session cache.

Code (php)

function invisible()
{
        $title=get_page_title('INVISIBLE');

        $GLOBALS['SITE_DB']->query_update('sessions',array('session_invisible'=>1),array('the_user'=>get_member(),'the_session'=>get_session_id()),'',1);
                global $SESSION_CACHE;
        if ($SESSION_CACHE[get_session_id()]['the_user']==get_member()) // A little security
        {
                $SESSION_CACHE[get_session_id()]['session_invisible']=0;
                if (get_value('session_prudence')!=='1')
                {
                        persistant_cache_set('SESSION_CACHE',$SESSION_CACHE);
                }
        }

        $url=get_param('redirect',NULL);
        if (is_null($url))
        {
                $_url=build_url(array('page'=>''),'');
                $url=$_url->evaluate();
        }
        return redirect_screen($title,$url,do_lang_tempcode('SUCCESS'));
}
 
I'm assuming that ['session_invisible']=0 is a bug and that it should be ['session_invisible']=1. If not, why is it set to 0?

I have also looked at the invisibility related code in functions handle_active_login() of users_active_actions.php and create_session() of users_inactive_occasionals.php, and I don't think I need to do anything there.

Any thoughts?


Last edit: by temp1024

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#87467
Avatar

Community saint

Interested in this. I recall that in 'older' versions Admin had the ability to be the 'only' invisible user, but that changed (and I commented at the time) to an 'all-or-nothing' approach.

Waiting …

 :thumbs:

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Item has a rating of 5 (Liked by sholzy)  
Rating:
#87468
Avatar

Community saint

Fletch said

Interested in this. I recall that in 'older' versions Admin had the ability to be the 'only' invisible user, but that changed (and I commented at the time) to an 'all-or-nothing' approach.
I wouldn't have thought that an 'all-or-nothing' approach was particularly logical to have. I can understand maybe a desire to give users an option of a bit more privacy, but it does take away from the community spirit/aim.

For example, if I see a lot of named users online I sometimes effectively stay on longer (i.e. because I return sooner) as it brings the communication closer to real-time. As I am on the other side of the planet to most members the post-reply cycle can really get drawn out otherwise.

Admins are by their very nature special, and if they see a need to be able to log in invisibly then they should be able to do so without having to give everyone else that option.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#87470
Avatar

Community saint

temp1024 said

Admins are by their very nature special, and if they see a need to be able to log in invisibly then they should be able to do so without having to give everyone else that option.

I recall that was the original point I made. There are times when I am 'administering' when I don't wish to be whistled-up for a chat, or something similar. Also, it helps to be invisible when trying to keep an eye on the known/suspected 'dodgy' characters when they are on line, observing their behaviour when they don't see 'Administrator' logged on!

Hope you can crack this one.

 :thumbs:

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#87477
Avatar

Issues:
  • The session cache bug you found is real (so bug if persistent cache enabled)
  • There's no way to leave invisibility without killing the session
  • No way of remembering invisibility setting between sessions

Availability of invisibility to non-staff won't be considered. But can be templated in if needed (that's not secure, but I personally wouldn't worry about that – none of this is a site security feature).

I will post a hotfix in a few minutes.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#87479
Avatar



Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Item has a rating of 5 (Liked by Chris Graham)  
Rating:
#87491
Avatar

Community saint

Thanks Chris.

One minor change to login.php is needed though.

Your code allows members to toggle 'invisible' even when is_on_invisibility has not been enabled on the site.

To fix, just need to make it conditional, i.e. change:

Code (php)

                $visible=(array_key_exists(get_session_id(),$GLOBALS['SESSION_CACHE'])) && ($GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible']==0);
 
to:

Code (php)

                if(get_option('is_on_invisibility')=='1')
                {
                        $visible=(array_key_exists(get_session_id(),$GLOBALS['SESSION_CACHE'])) && ($GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible']==0);
                }
                else
                {
                        $visible=false;
                }
 

I've also noticed that the side_users_online block is not being refreshed properly when invisibility is toggled (i.e. by navigating to /pg/login/invisible) although the users online block in the forum is fine.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Important!
Posted
Rating:
#87498
Avatar

Automated fix message

temp1024 said

Thanks Chris.

One minor change to login.php is needed though.

Your code allows members to toggle 'invisible' even when is_on_invisibility has not been enabled on the site.

To fix, just need to make it conditional, i.e. change:

Code (php)

                $visible=(array_key_exists(get_session_id(),$GLOBALS['SESSION_CACHE'])) && ($GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible']==0);
 
to:

Code (php)

                if(get_option('is_on_invisibility')=='1')
                {
                        $visible=(array_key_exists(get_session_id(),$GLOBALS['SESSION_CACHE'])) && ($GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible']==0);
                }
                else
                {
                        $visible=false;
                }
 

I've also noticed that the side_users_online block is not being refreshed properly when invisibility is toggled (i.e. by navigating to /pg/login/invisible) although the users online block in the forum is fine.
This issue has been filed on the tracker in issue #647, with a fix.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Important!
 
Posted
Rating:
#87505
Avatar

Community saint

@Chris - Thanks :thumbs:

@Fletch - After applying Chris' patches, you can now allow admins to log in invisibly by making a couple of changes to /pages/mudules/login.php .

1st change is in my first post.

2nd change is to replace:

Code (php)

        function invisible()
        {
                if (get_option('is_on_invisibility')=='1')
 
with:

Code (php)

        function invisible()
        {
                if((get_option('is_on_invisibility')=='1') || ($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())==1))
 

Then once admin is logged in they can toggle invisibility off/on by navigating to /pg/login/invisible .

The global invisibility option is still available.

And if anyone want to say give a specific user group the power of invisibility, then only those two changes need to be tweaked.


Last edit: by temp1024

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Item has a rating of 5 (Liked by Chris Graham)  
Rating:
#87511
Avatar

Community saint

temp1024 said

@Fletch - After applying Chris' patches, you can now …
thanks    … I've suddenly gone invisible … thanks

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Item has a rating of 5 (Liked by Chris Graham)  
Rating:
#87526
Avatar

Community saint

Fletch said

… I've suddenly gone invisible …
:o Who said that? :o


Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#87527
Avatar

Community saint

[RESOLVED] … ?

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#87528
Avatar

Community saint

Fletch said

[RESOLVED] … ?
I guess so……I've be a little lax in that department lately.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#87529
Avatar

Community saint

 :thumbs:

Not many in here I'd 'suggest' that to.

I could have used a Frank Campion "Walk with me…", but I suspect you don't have time for that, either!

 :o

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#87530
Avatar

Community saint

Fletch said

I could have used a Frank Campion "Walk with me…"
If you did I would have thought to myself "I don't understand….O.K. this must be Fletch's revenge for giving him the run-around in the Bob thread. I confused him, so he confuses me."


Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#87532
Avatar

Community saint

Ahhhhhhh...

Australian medical drama All Saints - Channel7

Dr. Frank Campion John Howard Director of Emergency April 2004 -> present 265 -> ###

Dr. Frank Campion is one of All Saints main characters and one of All Saints hospital's top doctors. He, as head of the emergency department, is a fantastic doctor and has had extensive training in the field. To the doctors and nurses of the ED, he is demanding, pushing and sometimes abusive but he always makes his patients his top priority. Frank became particularly attached to his intern, Bart West, when Bart was shot and Frank felt it was his fault; it was then that we saw first-hand how supportive and kind Frank could be to his staff. Frank has been married once, to his ex-wife, and engaged one, to Eve Ballantyne whom he went to great lengths to win over. This engagement ended when Eve became pregnant and they discovered their baby had spina bifida, Eve decided to have the pregnancy terminated and Frank objected. She left town as Frank would not support her decision. Dr.Frank campion has a daughter named Kathleen Campion with Dr. Alison Newell his ex-wife.



Last edit: by Fletch

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#87533
Avatar

Community saint

That explains it. Australian drama…Never watch it as I can't stand any of the modern stuff from down-under.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Item has a rating of 5 (Liked by sholzy)  
Rating:
#87535
Avatar

Community saint

Fletch said

[RESOLVED] … ?
Spoke a little too soon Fletch :o

My first post need a little tweak. As it currently stands admins invisibility will be lost if the admin need to confirm their login, which typically happens when the admin tries to go into the admin zone after some inactivity or in a freshly opened browser.

So I have changed:

Code (php)

if ($type=='login')
{
        if($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())==1)   // login admin as invisible
        {
                return $this->invisible();
        }
        else
        {
                 return $this->login_after();
        }
}
 
to:

Code (php)

if ($type=='login')
{
        if($GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())==1 && $GLOBALS['SESSION_CACHE'][get_session_id()]['session_invisible']=='0')   // login admin as invisible if not already invisible
        {
                return $this->invisible();
        }
        else
        {
                 return $this->login_after();
        }
}
 

I'll also change the first post to reflect this new code.


Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#87537
Avatar

Community saint

temp1024 said

… So I have changed: >>>>

to: >>>>

I'll also change the first post to reflect this new code.

 :thumbs:

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#87539
Avatar

Community saint

@Chris, I left invisible admin logged in overnight and when I loaded the first page this morning I was still logged in (as expected) but I was visible again.

Looks like the sessions are not being recreated properly.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Expand