News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

Profile > View Posts > even in boards you can't see

Started by Arantor, September 03, 2013, 07:16:27 PM

Previous topic - Next topic

Arantor

It always irked me that showing you posts in your profile was limited to boards you could see.

I propose the following change:
* if you are viewing someone else's profile, restrict it as normal to boards you can see (and thus you see the posts they made in the boards you can see, no privacy issues)

* if you are viewing your own profile, ignore the normal restriction, perhaps excluding only the recycle bin.

You wrote the posts, you should be able to see them as far as I'm concerned. The only thing you'd have to clean up would be the links at the top of the page where it lists board > topic, just make them non-links and add a message to the effect that they're in a board you cannot currently access.

You'd have to fix the search as well to be mindful of this (and that's no big feat) but at least showing you all your own posts would be nice.

live627

I think someone did this (minus the search) to SMF 2.1 a while back. But I could be remembering wrongly.

Arantor

Nope, release-2.1 at least still has the old query in it for showing posts, i.e. checking query_see_boards unless the user is an admin. Maybe one of the other branches has it, I dunno, never entirely sure what's supposed to be in what branch because the descriptions don't really conform to what's actually going on with them...

emanuele

https://github.com/SimpleMachines/SMF2.1/pull/97

It was not included due to (in fact valid) concerns on how people (could) use posts in hidden boards (see last comment by Norv).


Take a peek at what I'm doing! ;D




Hai bisogno di supporto in Italiano?

Aiutateci ad aiutarvi: spiegate bene il vostro problema: no, "non funziona" non è una spiegazione!!
1) Cosa fai,
2) cosa ti aspetti,
3) cosa ottieni.

Kindred

hmmm.....

I understand Norv's comment (especially how we use some sticky posts in the team boards)
I'm not sure I agree though...     it seems simple enough --   if it's that sort of post, when a person has access removed, then either lock and unsticky the post or delete it (and make a new sticky, either way)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Arantor

Oh, I understand Norv's comments but I disagree.

If you made the post, you should be able to access it. If it's being modified, those modifying it should be aware that the person who wrote that post can still see *that* post.

emanuele

Yups.

And I think Norv agrees too, though it's probably more safe to do it in a major release and not in a minor (at least that was my interpretation).


Take a peek at what I'm doing! ;D




Hai bisogno di supporto in Italiano?

Aiutateci ad aiutarvi: spiegate bene il vostro problema: no, "non funziona" non è una spiegazione!!
1) Cosa fai,
2) cosa ti aspetti,
3) cosa ottieni.

Acans

Sounds good, but since the mixed reactions in this topic alone a setting should be available to be turned on or off.
"The Book of Arantor, 17:3-5
  And I said unto him, thy database query shalt always be sent by the messenger of $smcFunc
  And $smcFunc shall protect you against injections and evil
  And so it came to pass that mysql_query was declared deprecated and even though he says he is not
  dead yet, the time was soon to come to pass when mysql_query shall be gone and no more

Advertisement: