Page 2 of 2
Re: username exists
Posted: 07 Jul 2008, 16:17
by Jan
1. users can use the name which they want but they cannot use the name of some registered user, so if they are not logged and they are anonymous they cannot use own name... if you are not logged, you are anonymous
the users can always (logged in or not) use their own credentials. can you use your bank account if you are not verifed? How can Joomla know that if you are anonymous (not logged) that you use your name. So can every anonmous use the name of the registered user ...
2. you can change it in the php code, so that no text (guest or name of the registered user) will be displayed in the box
Jan
Re: username exists
Posted: 13 Aug 2008, 01:31
by salec
pls add to back end export and add a post, so I don´t need to login in front end (we don´t use it) and can use admin name, thanx
Re: username exists
Posted: 13 Aug 2008, 16:37
by Jan
???
Re: username exists
Posted: 13 Aug 2008, 22:37
by salec
I want to add post in back end as administrator or another admin user, is it possible?
Re: username exists
Posted: 15 Aug 2008, 19:34
by Jan
no, you can only edit posts in admin area ... you can add new post in frontend
Re: username exists
Posted: 03 May 2009, 22:31
by Jan
Hi, see this forum, I have explained the reasons for this behaviour...
This is the same like in this forum, I cannot use your account to write entries, so some anonymous user cannot use account of some registered user to post a message. The Phoca Guestbook is a free script. So it is a basic solution and if you need, it has other behaviour, you can customize it, because the code is open source.
For me, security is important, so I have done three main things:
- implemented HTML Purifier method to clean bad code
- developed 3 different Captchas
- implemented solution for protecting registered users, so nobody can write some message as some registered user.
Yes of course, for somebody the security is not so important. Then please take a look at the code and customize it. I hope, you understand, that the basic solution should have these features. It is still better to disable security features than to have none of them.
Jan
Re: username exists
Posted: 26 Jan 2010, 00:12
by theevil
To allow anonymous users to post with the same name as a registered user, you need to turn off username checking in phocaguestbook.php in /components/com_phocaguestbook/controllers.
To disable the check, remove the following lines (Don't forget to make a backup!):
Line 223-234
Code: Select all
// Check for existing username
$query = 'SELECT id'
. ' FROM #__users '
. ' WHERE username = ' . $db->Quote($post['username'])
. ' OR name = ' . $db->Quote($post['username'])
. ' AND id != '. (int) $user->id
;
$db->setQuery( $query );
$xid = intval( $db->loadResult() );
if ($xid && $xid != intval( $user->id )) {
$username = 0; JRequest::setVar( 'username-msg-3', 1, 'get',true );
}
and line 259-270
Code: Select all
// Check for existing username
$query = 'SELECT id'
. ' FROM #__users '
. ' WHERE username = ' . $db->Quote($post['username'])
. ' OR name = ' . $db->Quote($post['username'])
. ' AND id != '. (int) $user->id
;
$db->setQuery( $query );
$xid = intval( $db->loadResult() );
if ($xid && $xid != intval( $user->id )) {
$username = 0; JRequest::setVar( 'username-msg-3', 1, 'get',true );
}
Re: username exists
Posted: 06 Feb 2010, 02:32
by meanmom
Thank you! This is just what I needed. Works great.