Hide custom menu button from guests

Black Tiger · December 26, 2018, 03:19:14 PM

Hello.

A long time ago I created this block according to the SMF docs like this in Subs.php:

                        'nieuwe_posts' => array(
                                'title' => 'Nieuwe posts',
                                'href' => $scripturl . '?action=unread;all;start=0',
                                'show' => true,
                        ),

It shows new posts to users by pressing this button.

This block is also shown to guests, however if they click on it, they are automatically redirected to the login page.

I would like to change this behaviour and just have this block invisible for guest and only visible to logged in users.
I presume this can be done with some code change.

Can anybody tell me in a "take this and place after that" kind of method (I'm no coder) how to get this done please?

Arantor · December 26, 2018, 03:22:02 PM

Change the 'show' => true to 'show' => empty($user_info['is_guest']),

Black Tiger · December 26, 2018, 03:24:08 PM

Ah thank you Arantor, just also found out myself.

Just realised the search function is also visible for registered users so I used the same as for the search. New post is also kind of search.
So I changed the show=truee to

Code Select

'show'= $context['allow_search']
Seems to work fine.

But yours is better, thanks!

Arantor · December 26, 2018, 03:25:12 PM

Makes sense, as allow_search is what's used in stock SMF to decide if search is available...

Kindred · December 26, 2018, 03:26:01 PM

hey Arantor...

Is there a realistic difference between

'show' => empty($user_info['is_guest']),
vs
'show' => !($user_info['is_guest']),
vs
'show' => $user_info['is_logged']),

Black Tiger · December 26, 2018, 03:32:10 PM

@Arantor: Yep, that's why I found your solution better, so I already changed it to your solution.

Arantor · December 26, 2018, 03:35:58 PM

Quote from: Kindred on December 26, 2018, 03:26:01 PM
hey Arantor...

Is there a realistic difference between

'show' => empty($user_info['is_guest']),
vs
'show' => !($user_info['is_guest']),
vs
'show' => $user_info['is_logged']),

First one always safe in terms of the variable existing, the second should be but can sometimes fail in odd ways (especially with mods), third one... is that even consistently defined? I don't remember any more.

Black Tiger · December 27, 2018, 02:27:06 PM

Addition questin. Guest can still use this as direct link in their browser:
https://www.mydomain.com/forum/index.php?action=unread;all;start=0
and they will see a login block.

Is 't possible to adjust this some how in code, that they are not allowed to do this, or they get automatically redirected to the official login page "index.php?action=login" some how?

Arantor · December 27, 2018, 02:35:45 PM

Hmm, I can think of a couple of ways out here, either to modify just that page to redirect, or possibly to interrupt the entire is-not-guest handling such that anything called that expects an authenticated user forcibly just redirects to action=login.

The former, go to Sources/Recent.php, find the function UnreadTopics() and change the call from is_not_guest() to:

Code Select


if (!empty($user_info['is_guest']))
{
    redirectexit('action=login');
}

This will change it for just that one page. If you were interested in doing for all such tests, you'd want to change Security.php, inside is_not_guest() itself, and after the test for isset($_REQUEST['xml']) is done, you could just brute force redirect again with redirectexit. The key is to make sure that the weird tests are done first (like checking for $_REQUEST['xml']) so that other things aren't broken by that.

Black Tiger · December 27, 2018, 02:45:58 PM

Oke I'll try the first solution in Recent.php first.

I will explain why this is, maybe that clears things up.
I'm using Google Adsense, and users have to agree to several terms which they can read before registering. Those pages do not have any adsense blocks or banners.
Now the login page had, so I removed the banners there due to an adsense policy complaint.

Now on december 25th I had again 2 complaints. One again for the index.php?action=login and a new one for the unread topics.
I now used my Christmas theme, but as far as I know there were no adsense adds anymore on the login page. Only 2 non-coded for another company not via Google.

For both links I got the "Valuable Inventory: no content" notice. And thought it was caused by the "new post" button which is made invisible now.
However, I forgot that Google still could use the direct link to check, so I also removed the ads in the new post check part.

I just want to keep using Adsense and get rid of those "no content" policy notices. So when they (so guests) can't call those anymore, they won't see them.

So maybe the Security.php edit is better then.

I don't mind doing some code changes in php files, but if you now a better way, I'm all ear ofcourse.

Arantor · December 27, 2018, 03:36:39 PM

Those changes I outline above are the only two ways I can think of - but the latter is probably better for you since if you're hitting pages with a login on them that isn't the main login form, you're going to end up with the same problem, so fixing it in is_not_guest canonicalises everything to go to the action=login instead.

Black Tiger · December 27, 2018, 03:55:57 PM

The latter... you mean the Security.php?

No clue where to put it since I don't want to break things like you mentioned. I found this:

Code Select


// Require a user who is logged in. (not a guest.)
function is_not_guest($message = '')
{
        global $user_info, $txt, $context, $scripturl;

        // Luckily, this person isn't a guest.
        if (!$user_info['is_guest'])
                return;

        // People always worry when they see people doing things they aren't actually doing...
        $_GET['action'] = '';
        $_GET['board'] = '';
        $_GET['topic'] = '';
        writeLog(true);

        // Just die.
        if (isset($_REQUEST['xml']))
                obExit(false);

        // Attempt to detect if they came from dlattach.
        if (!WIRELESS && SMF != 'SSI' && empty($context['theme_loaded']))
                loadTheme();

        // Never redirect to an attachment
        if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false)
                $_SESSION['login_url'] = $_SERVER['REQUEST_URL'];

        // Load the Login template and language file.
        loadLanguage('Login');

Can I just replace the :

Code Select

        if (!$user_info['is_guest'])
                return;

With the same fix for recent.php or do I have to put it somewhere else? I'm no coder, I don't have a clue.

I also find something like this under the Fatal Error section. All in Security.php.

Arantor · December 27, 2018, 05:02:31 PM

Find

Code Select

        if (isset($_REQUEST['xml']))
                obExit(false);

After it:

Code Select

redirectexit('action=login');

You want it specifically in is_not_guest.

Black Tiger · December 27, 2018, 06:31:05 PM

That works superb!

Thank you very much to describe it for me like this so I could put it in easily. Great!

News:

Hide custom menu button from guests