I am using
MyBB 1.8 feature build from GitHub (latest).
I have navigated to "home/usercp.php" which pointed me to my user control panel (UCP) page, and saw Personal Notepad. If I remember correctly this feature was also there in 1.6.X version too.
I searched around edit users/groups permissions and didn't saw any setting related to "Personal Notepad", if user/group is able to use it or not (MyBB like: "Can use Personal Notepad?").
Since it is build-in, it would be nice to have control over it too.
And also, add a switch whether to have "Personal Notepad" feature globally enabled or not in administrator control panel (ACP) > Configuration > Settings > Profile Options (I think that's a path where it should go. Link: "home/admin/index.php?module=config-settings&action=change&gid=10").
Simple said. Hopefully, my idea is clear now.
Best regards, OmegaExtern.
I don't support this idea as a core feature. The notepad is very important to me and it's "personal notepad" so moderators and admins shouldn't be able to read what could be very private to a member .I think it should be an optional plugin.
Yeah, the Notepad didn't received any love this time. Probably for 1.8.1
(2014-08-11, 01:05 AM)mikeh Wrote: [ -> ]I don't support this idea as a core feature. The notepad is very important to me and it's "personal notepad" so moderators and admins shouldn't be able to read what could be very private to a member .I think it should be an optional plugin.
You have misunderstand my idea, it has nothing to do with Personal Notepad privacy. That's why it is called "Personal" at the end, yeah.
My idea is to have a toggle for it in ACP settings whether it should be enabled/usable or not, and which user/group are able to
use Personal Notepad. Re-read the first post.
And by the way I don't think so it is such a personal (it must be two-way encryption).
Using my hacker mind something tells me all users' personal notes are stored inside a database, and then retrieved from a table (column is probably in *_userfields table, just a guess) by decrypting it back, if that is even stored in encrypted form after all.
If someone wants to read out your notes you saved in your Personal Notepad, it can be done using the will.
> Do you support my idea now?
(2014-08-11, 01:19 AM)Omar G. Wrote: [ -> ]Yeah, the Notepad didn't received any love this time. Probably for 1.8.1
Thanks for telling me that.
I do not support a setting for Personal Notepad enabled. The more settings there are, the larger cache size is and this one really isn't that important. It isn't something that anyone else can view.
It is about who can use it, the Notepad has no control whatsoever, it is just a form sitting there enabled for anyone else with no flood control, permissions, or whatever, nothing.
I would like to be able to "save" and the form be formatted via AJAX and "edit" it just like so, just like how the quick edit feature in posts works. That may be a plug-in though.
Honestly, if you want a notepad then, you can simply use something like Notepad or the Sticky Notes program.
Nothing stops a competent website owner reading your notes, so you shouldn't keep something that you want *really* private on it. I've never really seen the privacy aspect of it. If you want privacy then, there's always your computer and it'll be vastly more private.
The Notepad would be better as a plugin, in my opinion.
I thought that features are only supposed to be changed in the 1.x or x versions?
If we feel it deserves a change it may get discussed. At least.
Well, I was wondering if there are any possible exploits with "Personal Notepad", as why I got this idea.
Turns out none exploits were found during my simple testing.
Probably just the fact no flood controls takes places over it. Nothing more really, the feature is very simple ofr it to be exploitable.