MyBB Community Forums
Disable "Lost Password" functions for one group? - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: 1.8 Support (https://community.mybb.com/forum-175.html)
+--- Forum: General Support (https://community.mybb.com/forum-176.html)
+--- Thread: Disable "Lost Password" functions for one group? (/thread-174809.html)



Disable "Lost Password" functions for one group? - Wrooster - 2015-08-17

Newly-installed myBB 1.8.5, PHP 5.3.24, GoDaddy Linux server.
 
I want to prevent one group of members from accessing the lost-password functions. Many users have the same username and password. Any one of them can reset the password and break the system for the rest of them. The email with the new password will go to a useless address and I will have to restore the old password as admin.
 
The site serves a club with about 400 members. I created a group called "ReadOnly" which can read some forums but can't post or change anything. There is only one user in that group. All club members will have that username and password. This is so we can make documents easily available with some privacy. I did it this way instead of with a password-protected web page so club officers (with their own logins) can post without going through me.  I have tested logging in simultaneously with the same username from two computers with different ip's and  have found no problem except this one.
 
I temporarily solved the problem by commenting out several code blocks in member.php where I found "lostpw". The link still shows on the login page but now it takes you to a blank page. I'd like to gracefully refuse that function for the ReadOnly group and leave it for others. Any ideas?


RE: Disable "Lost Password" functions for one group? - Ad Bakker - 2015-08-17

Sorry, I missed something.


RE: Disable "Lost Password" functions for one group? - Wrooster - 2015-08-17

Do you mean you don't understand what I want? It was a long post and perhaps confusing.

I don't want members of one user group to be able to reset their password or have it emailed.


RE: Disable "Lost Password" functions for one group? - Ad Bakker - 2015-08-17

(2015-08-17, 06:53 PM)Wrooster Wrote: Do you mean you don't understand what I want?

No, I understand. I just wondered if you could not better organized this with existing permission settings for usergroups. Now you have a bunch of anonymous users.


RE: Disable "Lost Password" functions for one group? - Wrooster - 2015-08-17

(2015-08-17, 07:06 PM)Ad Bakker Wrote:
(2015-08-17, 06:53 PM)Wrooster Wrote: Do you mean you don't understand what I want?

No, I understand. I just wondered if you could not better organized this with existing permission settings for usergroups. Now you have a bunch of anonymous users.

I have spent a long time looking at settings, PHP modules and the database and I cannot find a way to cleanly remove that function, whether for one group or all groups. Am I missing something?

A bunch of anonymous users is what I want, as long as they know the password and can't change it.


RE: Disable "Lost Password" functions for one group? - Ad Bakker - 2015-08-17

(2015-08-17, 07:26 PM)Wrooster Wrote: A bunch of anonymous users is what I want, as long as they know the password.

But is a forum then the right platform for your purpose. Because a forum is a discussion platform, where discussions are between different members.


RE: Disable "Lost Password" functions for one group? - Wrooster - 2015-08-17

(2015-08-17, 07:32 PM)Ad Bakker Wrote:
(2015-08-17, 07:26 PM)Wrooster Wrote: A bunch of anonymous users is what I want, as long as they know the password.

But is a forum then the right platform for your purpose. Because a forum is a discussion platform, where discussions are between different members.

That's a fair question. This will be a valuable source of information and as members become aware of it, I hope we can begin to use it as a forum. A very few of us would like to see a forum but most of them don't care yet. It needs more than a few.

Even if it's never used for discussion, it provides a platform for uploads, security and interface without requiring a web developer every time something changes.