username exists

Post by **Jan** » 07 Jul 2008, 16:17

1. users can use the name which they want but they cannot use the name of some registered user, so if they are not logged and they are anonymous they cannot use own name... if you are not logged, you are anonymous

the users can always (logged in or not) use their own credentials. can you use your bank account if you are not verifed? How can Joomla know that if you are anonymous (not logged) that you use your name. So can every anonmous use the name of the registered user ...

2. you can change it in the php code, so that no text (guest or name of the registered user) will be displayed in the box

Jan

salec · Post by **salec** » 13 Aug 2008, 01:31

pls add to back end export and add a post, so I don´t need to login in front end (we don´t use it) and can use admin name, thanx

Post by **Jan** » 13 Aug 2008, 16:37

salec · Post by **salec** » 13 Aug 2008, 22:37

I want to add post in back end as administrator or another admin user, is it possible?

Post by **Jan** » 15 Aug 2008, 19:34

no, you can only edit posts in admin area ... you can add new post in frontend

Post by **Jan** » 03 May 2009, 22:31

Hi, see this forum, I have explained the reasons for this behaviour...

This is the same like in this forum, I cannot use your account to write entries, so some anonymous user cannot use account of some registered user to post a message. The Phoca Guestbook is a free script. So it is a basic solution and if you need, it has other behaviour, you can customize it, because the code is open source.

For me, security is important, so I have done three main things:

- implemented HTML Purifier method to clean bad code
- developed 3 different Captchas
- implemented solution for protecting registered users, so nobody can write some message as some registered user.

Yes of course, for somebody the security is not so important. Then please take a look at the code and customize it. I hope, you understand, that the basic solution should have these features. It is still better to disable security features than to have none of them.

Jan

theevil · Post by **theevil** » 26 Jan 2010, 00:12

To allow anonymous users to post with the same name as a registered user, you need to turn off username checking in phocaguestbook.php in /components/com_phocaguestbook/controllers.

To disable the check, remove the following lines (Don't forget to make a backup!):

Line 223-234

Code: Select all

// Check for existing username
			$query = 'SELECT id'
			. ' FROM #__users '
			. ' WHERE username = ' . $db->Quote($post['username'])
			. ' OR name = ' . $db->Quote($post['username'])
			. ' AND id != '. (int) $user->id
			;
			$db->setQuery( $query );
			$xid = intval( $db->loadResult() );
			if ($xid && $xid != intval( $user->id )) {
				$username = 0; JRequest::setVar( 'username-msg-3', 	1, 'get',true );
			}

and line 259-270

Code: Select all

// Check for existing username
			$query = 'SELECT id'
			. ' FROM #__users '
			. ' WHERE username = ' . $db->Quote($post['username'])
			. ' OR name = ' . $db->Quote($post['username'])
			. ' AND id != '. (int) $user->id
			;
			$db->setQuery( $query );
			$xid = intval( $db->loadResult() );
			if ($xid && $xid != intval( $user->id )) {
				$username = 0; JRequest::setVar( 'username-msg-3', 	1, 'get',true );
			}

meanmom · Post by **meanmom** » 06 Feb 2010, 02:32

Thank you! This is just what I needed. Works great.

Phoca Forum

username exists

Re: username exists

Re: username exists

Re: username exists

Re: username exists

Re: username exists

Re: username exists

Re: username exists

Re: username exists