Force log out everyone and disable log in

Started by spiros, October 30, 2014, 04:30:45 AM

Previous topic - Next topic

spiros

Is it possible to force log out everyone and disable log in to everybody apart from admin?

JBlaze

Other than truncating smf_sessions table (which is not really a great idea), and then enabling maintenance mode, not that I can think of.
Jason Clemons
Former Team Member 2009 - 2012

spiros

Thanks, well, I want to avoid maintenance mode. The reason is for a migration scenario where I want the old server to be accessible to people, but not postable.

margarett

Force everyone to login --> change cookie name

Your best option is to remove *all* permissions to *all* membergroups. This way no one can post, PM, etc.
So they can still login but they can't do anything. So they will stop logging in :)

Add to that a big message in index.template.php saying that the forum is in "archive mode" so that everyone knows and you're all set ;)
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

spiros

Yes, I tried the permissions trick in the past. The only down-side is getting back the permissions to what they were before. But I guess I could export the permissions table before the changes and reimport it afterwards.

It would be nice if there was some sort of maintenance mode flavour to make the forum read only and then return to its normal status/permissions.

Illori

if you change the name of the cookie, it will log everyone out. then maintenance mode will keep them from logging back in unless they are admin. otherwise there is no way to keep them from logging back in.

margarett

Good point.

Let me try something here ;)

edit:
OK, prevent someone from loggin' in should be possible but I'm not really imagining how right now.
But here's a dirty trick ;D
In Sources/Security.php we can fool the "allowedTo" function to refuse all permissions when you're not admin. This way you keep your current permissions untouched with a small code edit
Find:
// Administrators are supermen :P.
if ($user_info['is_admin'])
return true;

(lines 823-825 in a clean file)

Add after:
else
return false;
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

spiros

Quote from: margarett on October 30, 2014, 05:44:40 AM
refuse all permissions when you're not admin

I see, I am guessing that they still have the read permissions allowed to visitors? As, this is what I really want, i.e. a read only mode.

By the way, I just realised it has been exactly 10 yrs since I registered here!

margarett

Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

Kindred

WHat if you created a new membergroup - put everyone in it, and then set DENY permission on everything except READ POSTS?

that way, you are not messing with any of the existing permissions... and to get rid of it, just delete the deny membergrou
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

spiros


margarett

IIRC, there is no permission to read posts :o
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

Illori

Quote from: margarett on October 30, 2014, 11:42:28 AM
IIRC, there is no permission to read posts :o

well kinda there is, permission to view the board gives you permission to read the posts.

Arantor

Viewing a board isn't actually a permission last I checked... ;) Board access implies read power, though, but it's not enforced as a permission, only through {query_see_board} which is something else entirely.

Illori

it is not in the permissions section, but it is a permission that you are granting to the membergroup.

Arantor


radu81

Quote from: Kindred on October 30, 2014, 09:56:31 AM
WHat if you created a new membergroup - put everyone in it, and then set DENY permission on everything except READ POSTS?

that way, you are not messing with any of the existing permissions... and to get rid of it, just delete the deny membergrou
great idea  ;) Never thought on that

It took me some time to understand permissions in SMF, but I might say the permission system it's very flexible and powerful ;)
sorry for my bad english

spiros

The side effect of this is that it disables searching for everybody. I want searching to be remain allowed even for guests.


Quote from: margarett on October 30, 2014, 05:44:40 AM
Good point.

Let me try something here ;)

edit:
OK, prevent someone from loggin' in should be possible but I'm not really imagining how right now.
But here's a dirty trick ;D
In Sources/Security.php we can fool the "allowedTo" function to refuse all permissions when you're not admin. This way you keep your current permissions untouched with a small code edit
Find:
// Administrators are supermen :P.
if ($user_info['is_admin'])
return true;

(lines 823-825 in a clean file)

Add after:
else
return false;


Advertisement: