[Pushed] Hide "Last Post" for password-protected forums by default
#1
In most forum software, when a subforum is password-protected, the "Last Post" section displays a message like "Password protected" or similar if a user has not entered the password before. While in MyBB you can choose to completely hide the password-protected forum altogether, this requires creating special usergroups to display the forum for those who should have access, leading to more complication than necessary.

By default, MyBB simply shouldn't display threads in the "Last Post" sections of password-protected forums, unless the user has actually entered the password.
Reply
#2
(2015-02-11, 08:44 PM)hierocles Wrote: unless the user has actually entered the password.

This is the main issue. We do not have the time to implement/expand MyBB features like this correctly IMO.

The most we can do is to hide the last posts without checking if the password has been entered. But that wouldn't be enough IMO.
Reply
#3
Doesn't MyBB already track whether a user has entered the forum password before? I haven't looked at the code that handles forum passwords, but I'm fairly certain there's something there checking if the password has been entered before, be it cookies or whatever. Would it be possible to utilize that in the Last Post code?

With thread titles being displayed in the Last Post area, users can easily surmise what's being discussed in the password-protected forums, even if they can't access the full thread content. That defeats the purpose of having password-protected forums in the first place, so we're forced to rely on specialized usergroups that exist simply to grant access to a specific forum. Hopefully this is an issue that can be fixed in the next release.
Reply
#4
Looking at the code that checks for forum password I would assume it could be a resource intensive task for forums with a high amount of forums.
Reply
#5
I'm not quite sure what you're talking about, last post info is already hidden for password protected forums/subforums, at least in forum bits (or do you mean other place?): https://github.com/mybb/mybb/blob/featur...t.php#L137 And it's shown if you have a cookie with password.

You can see it in action here: http://nooo.hol.es/mybb16/index.php (password for both forums is test).

Anyways, moved to bug reports. Please provide more info.

EDIT: unless you mean only last posts from subforums shown in parent forum's last post info, then yes, they're shown without password. But since only lastpost and lastposttid are saved (no lastpostfid), the only workarounds would be to:
a) introduce lastpostfid saving and check it against child subforums with password protection - most reasonable but also a big change, lots of mod tools and other stuff would need to be updated
b) if there are any password protected child subforums, query the fid based on lastposttid and check it against them - but that's +1 query per forum with password protected child subforums..
Reply
#6
Generally no posts/threads from a password protected (sub)forum should be shown to users who haven't entered the password. If that's the case here it should be treated as issue and should be fixed in 1.8.6
Support PMs will be ignored!
Reply
#7
Hi,

Thank you for your report. We have pushed this issue to our Github repository for further analysis where you can track our commits and progress with fixing this bug. Discussions regarding this bug may also take place there too.

Follow this link to visit the issue on Github: https://github.com/mybb/mybb/issues/2142

Thanks for contributing to MyBB!

Regards,
The MyBB Group
devilshakerz.com/pgp (DF3A 34D9 A627 42E5 BC6A 6750 1F2F B8AA 28FF E1BC) ▪ keybase.io/devilshakerz
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)