Admin Only BBCode Check?

[game_guy]

Is there any small bit of code I can insert into my code to make BBCode Admin only? Any help is appreciated.

[IchBin™]

So you don't want to allow others to use BBC but Admin? I'm not sure I understand you...

Would probably help if you told us what version of SMF you're using too.

[game_guy]

Oh I'm sorry for my badly written post. I was in a rush. I'm using SMF version 1.1.14. I would gladly update to 2.0 since its gold now but it'd break a couple of the mods we have installed and sadly haven't been updated yet. Theres a BBCode tag that I only admins to be able to use. To be more specific, the tag is [award][/award]

[Matthew K.]

Have you considered posting your question on the mods support topic?

[game_guy]

Its a mod I hard coded into SMF myself. I basically created an Achievements mod, and staff could simply award uses achievements by using this bbcode. After a ton of struggle, I finally got the tag done but I don't want a regular member to be able to use it or else they'd be able to give themselves achievements.

[Matthew K.]

You'll have to use 'validate' => '', in the BBC tag.

[game_guy]

Could you maybe help me out with the code? I'm already using the validate to grab data from my database.

Code Select Expand

array(
'tag' => 'addaward',
'type' => 'unparsed_content',
'content' => '$1',
'validate' => create_function('&$tag, &$data, $disabled', '
$input = explode(",", $data);
$user_query = "SELECT * FROM smf_members WHERE memberName = \'$input[0]\'";
$user_result = db_query($user_query);
if (mysql_num_rows($user_result) < 1)
$data = "<span style=\"color: #FF0000\">User \'$input[0]\' does not exist.</span>";
else
{
$user_data = mysql_fetch_array($user_result);
$award_query = "SELECT * FROM achievements_admin WHERE aid = $input[1]";
$award_result = db_query($award_query);
if (mysql_num_rows($award_result) < 1)
$data = "<span style=\"color: #FF0000\">Achievement \'$input[1]\' does not exist.</span>";
else
{
$award_data = mysql_fetch_array($award_result);
$id = $user_data[ID_MEMBER];
$result = db_query("SELECT * FROM achievements_users WHERE uid = $id");
if (mysql_num_rows($result) < 1)
{
$insert = "INSERT INTO achievements_users(uid, awards, points) VALUES ($user_data[ID_MEMBER], \'2\', 10)";
db_query($insert);
if ($input[1] == 2)
$has = true;
else
$has = false;
}
else
{
$audata = mysql_fetch_array($result);
$awards = explode(",", $audata[\'awards\']);
$has = in_array($input[1], $awards);
}
if ($has)
{
$c_form = "<span style=\"color: #0000CC\"><img src=\"$award_data[afile]\" /><br />$input[0] has been awarded \"$award_data[aname]\".</span>";
//$c_form .= "<form action=\"achieve.php\" method=\"post\" target=\"foo\" onSubmit=\"window.open(\'\', \'foo\', \'width=450,height=300,status=yes,resizable=yes,scrollbars=yes\')\"><input type=\"submit\" value=\"Claim\" /></form>";
$data = $c_form;
}
else
{
$c_form = "<span style=\"color: #0000CC\"><img src=\"$award_data[afile]\" /><br />$input[0] has been awarded \"$award_data[aname]\".</span>";
$c_form .= "<form action=\"achieve.php\" method=\"post\" target=\"foo\" onSubmit=\"window.open(\'\', \'foo\', \'width=450,height=300,status=yes,resizable=yes,scrollbars=yes\')\"><input type=\"submit\" value=\"Claim\" /></form>";
$data = $c_form;
}
}
}
'),
),
I still want the bbcode to parse for everyone, I just don't want non-staff to be able to use it in a post.

[samborabora]

Sorry if this is a massive necrobump, but I'm curious on how to do this. I'd like to figure out how to only allow admins or moderators to use:

Code Select Expand

array(
'image' => 'right',
'code' => 'right',
'before' => '[right]',
'after' => '[/right]',
'description' => $txt['right_align']
),
Is this possible, just by modifying the array?

[Arantor]

No, since the bbc parser would only know who the current user is, not the person making the post.

There is already such a check inside Subs-Post.php for the html bbcode, which could be duplicated for extras but usually it's just simpler to edit peoples' posts if it's inappropriate and even issue warnings if they continue to not do what they're supposed to. Not everything needs a technical solution.

[samborabora]

In the case of the font-family drop downs, yes, I was able to make those depended upon membergroup, because it's in the post section rather than the code parser, as you say. So, is it possible to split apart this bbc code array, and put the part that needs to be membergroup specific in between these split arrays as html?

[Arantor]

Unless you did it in the preparser the same way the html bbcode works, regular users can still use it - they just can't see the option. It doesn't mean they can't do it.

Same deal with any changes you make to this array, you prevent users having a button for it, but that's all you actually do. Users who happen to quote your post will be able to see the raw bbcode and use it themselves.

[samborabora]

Unless you did it in the preparser the same way the html bbcode works, regular users can still use it - they just can't see the option. It doesn't mean they can't do it.

Same deal with any changes you make to this array, you prevent users having a button for it, but that's all you actually do. Users who happen to quote your post will be able to see the raw bbcode and use it themselves.

Ahhhhhhh, I get it now, I see what you're saying, it doesn't disable the use of the bbc, just the button for it. Okay, for reference, what can I use to disable just the button visibility for non admins? Is that much possible from the array, or does it still need to be separated into the template?

[Arantor]

Neither, you'd have to splice the array after it's built (or during when it's being built, but not recommended) but before it gets to the template.

It's very messy to do that, though, and for minor layout I don't understand quite what the concern is about letting members do it. You could, as an alternative, just disable it and let admins use raw HTML to format it. Would be cleaner, faster, and maintenance free in the future (except on the rare occasions you'd need such formatting, presumably)