[Snippet] - PPP 0.3 beta - Extended user profiling (w. custom fields)

66 Posts

bkvernst Reply #61, 17 years, 4 months ago

Good! Either way is fine, you know!

Is it ready for release yet?

80 Posts

nicpan Reply #62, 17 years, 4 months ago

Hi Anders,

Just a question about ppp :
I get a list of user. The link redirects me to the page where i can view the user’s profile. Let’s say the link is "http://mysite.com/index.php?id=2&WID=5"
5 is not my id, which is 1.
I have a page where i can edit my profil, the link of this page is "http://mysite.com/index.php?id=1"
Now if I add to the url the wid, i can edit someelse profil...!? with "http://mysite.com/index.php?id=&WID=5"

Have i done the right configuration, did i miss something? Or can I had something somewhere to check if it’s really the owner of the account that tries to edit the profil?

Excuse me for my poor english, hope my question was clear enought!

Thaks for your answers,

nicpan

358 Posts

Uncle68 Reply #63, 17 years, 4 months ago

Hi Nicpan!

I thought I handled the possibility for users to change other users profiles, but I now see it wasn’t a perfect solution, actually it doesn’t work at all as I expected.

It’s not possible for anyone to change another users data, but it is possible to see the other users data on the edit page if the user "hacks" by sending a WID to the edit page.

If changing something on other users data it doesn’t get saved, and it should show an error message. But I noticed that instead of getting the error message things get changed on the hackers profile! So it would be very easy to see who the hacker was as he will get the same name as the user he tried to hack! tongue

Although the hacker can’t destroy for other users, I’ll still fix the code so that no one even can see other users data on the edit page.

I’ll post new version as soon as I get a litte time to work with it!

Thanks for finding this out!

EDIT: Fixed this and also functionality to edit other users data (only from front end) in new version. I’ll post it very soon, just needs some more testing.

358 Posts

Uncle68 Reply #64, 17 years, 4 months ago

Hi! New release: PPP v 0.3 beta

NEW: Front end admins can now edit any users profile

(I know you want me to fix these admin functions inside manager, but at this time I don’t have enough time to spend on learning how to do that. Sorry.)

FIXED: Now a "hacker" no longer can populate fields from other users on the edit page (wouldn’t have been able to save changes to other profiles though). Thanks Nicpan for bringing this up to my attention!

FIXED/NEW: Also made an extra parameter to be used on any page where you want to be extra sure that the users are able to see only his/her own data: &showOwnOnly=`1`. This is to prevent someone trying to send someone elses id (by GET) to get to see some other users "personal page".

Upgrading:

Just overwrite the ppp.inc.php and ppp.resources.inc.php files.

New install:

Read instructions in the zip-file.

Be sure to make use of the eForm functionality for validation as the form input will be put into the database!

To check the new edit other user functionality, login to the demo site at http://www.learningmodx.com and check the user listing in the left column.

You can download the new version at the bottom of the first post in this thread.

Thanks!

/Anders
(Uncle68)

80 Posts

nicpan Reply #65, 17 years, 4 months ago

Quote from: Uncle68 at Jan 02, 2007, 05:08 PM

Thanks Nicpan for bringing this up to my attention!

Your welcome wink

Thanks for this new version, i’ll give you some feedback as soon as possible!
Thanks for this amazin snippet grin

898 Posts

chucktrukk Reply #66, 17 years, 4 months ago

Anders,

This is great.

Thanks,
Chuck

Chuck the Trukk
ProWebscape.com :: Nashville-WebDesign.com
- - - - - - - -
What are TV's? Here's some info below.
http://modxcms.com/forums/index.php/topic,21081.msg159009.html#msg1590091
http://modxcms.com/forums/index.php/topic,14957.msg97008.html#msg97008

73 Posts

EnDLeSs Reply #67, 17 years, 4 months ago

Hey I have a question.. I made the profile fields and everything then when I go to edit my profile and click submit it says
"Some errors were detected in your form:
The following required field(s) are missing: MSNMessengerHandle, SkypeName, AIMScreenName, YahooMessengerHandle, Location, Biography, Interests"

How can I make it so that they are optional and not required?

My chunk code is

	<p><span style="color:#900;">[+validationmessage+]</span></p>
		<form method="post" id="inputForm" action="[~[*id*]~]">
	<fieldset style="padding: 0px 4px 4px;">
<legend>Real Name</legend>
<div style="padding-top: 4px;">
 </div>
<div style="margin-bottom: 4px;">
	We ask, as a courtesy, that you give us your real name (given name (s)). We 
	like to get to know our members, so whenever an Administrator contacts you 
	they can address you by your real name rather then a username. If you 
	choose, your real name can be hidden from all members except for 
	Administrators.</div>
<div>
	<p><b><label for="fullname">Real Name</label></b><label accesskey="f" for="fullname">:</label><br>
	<input type="text" name="fullname" value="[+fullname+]" maxlength="60" eform="Fullname::1" /></p></p></label></div>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Email Address</legend>
<div style="padding-top: 4px;">
 </div>
<div style="margin-bottom: 4px;">
	As a member of Endless Bleach we require you to supply a valid e-mail address. 
	This is so we can contact you if necessary. Endless Bleach will never share 
	your e-mail address with any third-parties, and if selected your e-mail 
	address will be kept private to all members except for Administrators.</div>
<div>
		<p><b>Email Address:</b><br>
	<input type="text" name="email" value="[+email+]" maxlength="60" eform="E-mail::1" /></p></p></label></div>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Home Page URL</legend>
<div style="padding-top: 4px;">
 </div>
<div style="margin-bottom: 4px;">
	If you would like to let other visitors to this site know the URL of your 
	own web site, enter it here.</div>
<div>
		<p><label accesskey="h" for="HomePageURL"><b>Home Page URL</b>:</label><br>
	<input type="text" name="HomePageURL" value="[+HomePageURL+]" maxlength="60" eform="HomePageURL::1" /></p></p></div>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Instant Messaging</legend>
<div style="padding-top: 4px;">
 </div>
<div style="margin-bottom: 4px;">
	You may enter your registered identity for the instant messaging networks if 
	you would like other visitors to be able to contact you using that medium.</div>
<div>
		<p><b><label accesskey="i"  for="ICQNumber">ICQ Number:</label></b><br>
	<input type="text" name="ICQNumber" value="[+ICQNumber+]" maxlength="60" eform="ICQNumber::1" /></p></p>
		<p>	<b>	<label accesskey="m" for="MSNMessengerHandle">MSN Messenger Handle:</label></b><br>	
	<input type="text" name="MSNMessengerHandle" value="[+MSNMessengerHandle+]" maxlength="60" eform="MSNMessengerHandle::1" /></p>
		<p>	<b>	<label accesskey="s" for="SkypeName">Skype Name:</label></b><br>	
	<input type="text" name="SkypeName" value="[+SkypeName+]" maxlength="60" eform="SkypeName::1" /></p></p>
		<p>	<b>	<label accesskey="a" for="AIMScreenName">AIM Screename:</label></b><br>	
	<input type="text" name="AIMScreenName" value="[+AIMScreenName+]" maxlength="60" eform="AIMScreenName::1" /></p>
		<p>	<b>	<label accesskey="y" for="YahooMessengerHandle">Yahoo! Messenger Handle:</label></b><br>	
	<input type="text" name="YahooMessengerHandle" value="[+YahooMessengerHandle+]" maxlength="60" eform="YahooMessengerHandle::1" /></p></p></p></p></div>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Location</legend>
<div style="padding-top: 4px;">
 </div>
<div style="margin-bottom: 4px;">
	Please tell us what country you are from! We have interesting statistics 
	pages with details about our members as a whole. Please help us out by 
	selecting what Country you are currently residing in.</div>
<div>
	<b><label accesskey="l" for="Location">Location:</label></b><br>
	<input type="text" name="Location" value="[+Location+]" maxlength="60" eform="Location::1" /></div>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Biography</legend>
<div style="padding-top: 4px;">
 </div>
<div style="margin-bottom: 4px;">
	If you would like to write a brief biography for other members to read and 
	enjoy, feel free to do so. This is a quick way to tell others about your 
	interests and what not.</div>
<div>
	<b>
	<label accesskey="b" for="Biography">Biography:</label></b><br>
	<input type="text" name="Biography" value="[+Biography+]" maxlength="600" eform="Biography::1" size="50" /></div>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Interest</legend>
<div style="padding-top: 4px;">
 </div>
<div style="margin-bottom: 4px;">
	Your hobbies, etc</div><b><label accesskey="i" for="Interests">Interests:</label></b><br>
	<input type="text" name="Interests" value="[+Interests+]" maxlength="60" eform="Interests::1" />
</p>
<div style="padding-bottom: 4px;">
	</div>
</div>
</fieldset>
	<p><input type="submit" name="submit" value="Modify Profile"></p>
	</form>

Im also stuck in step 5 where it says "Use any placeholders as you like on the "show profile" page" All I have on that page is "[[ppp? &useTable=`web_user_test`]]" which is the right table and everything.
and the html for it is

<fieldset style="padding: 0px 4px 4px;">
<legend>General Information</legend>
<div style="padding-top: 4px;">
 </div>
<table border="0" cellpadding="0" cellspacing="0" width="100%" id="table1">
	<tr>
		<td width="30%"><b>Username</b></td>
		<td width="70%">[+username+] <Fix this!</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>Real Name</b></td>
		<td width="70%">[+fullname+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>Country of Residence</b></td>
		<td width="70%">[+Location+]</td>
	</tr>
	</table>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Contact Information</legend>
<div style="padding-top: 4px;">
 </div>
<table border="0" cellpadding="0" cellspacing="0" width="100%" id="table2">
	<tr>
		<td width="30%"><b>Home Page</b></td>
		<td width="70%">[+HomePageURL+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>Email Address</b></td>
		<td width="70%">[+email+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>MSN Messenger Handle</b></td>
		<td width="70%">[+MSNMessengerHandle+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%">	<b>	Skype Name</b></td>
		<td width="70%">[+SkypeName+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>AIM Screen Name</b></td>
		<td width="70%">[+AIMScreenName+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>Yahoo! Messenger Handle</b></td>
		<td width="70%">[+YahooMessengerHandle+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>ICQ Number</b></td>
		<td width="70%">[+ICQNumber+]</td>
	</tr>
</table>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Additional Information</legend>
<div style="padding-top: 4px;">
 </div>
<table border="0" cellpadding="0" cellspacing="0" width="100%" id="table3">
	<tr>
		<td width="30%"><b>Interests</b></td>
		<td width="70%">[+Interests+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>Favorite Anime</b></td>
		<td width="70%">[+FavoriteAnime+]</td>
	</tr>
	<tr>
		<td colspan="2" style="padding-top: 4px;"> </td>
	</tr>
	<tr>
		<td width="30%"><b>Favorite Manga</b></td>
		<td width="70%">[+FavoriteManga+]</td>
	</tr>
	</table>
</fieldset>
<div style="margin-top: 8px;">
 </div>
<fieldset style="padding: 0px 4px 4px;">
<legend>Brief Biography</legend>
<div style="padding-top: 4px;">
 </div>
<table border="0" cellpadding="0" cellspacing="0" width="100%" id="table4">
	<tr>
		<td colspan="2" width="100%">
		[+Biography+]</td>
	</tr>
</table>
</fieldset>

I dont know where to put the HTML Or what is a placeholder?

☆ A M B ☆
24,524 Posts

sottwell Reply #68, 17 years, 4 months ago

eform="AIMScreenName::1

should be

eform="AIMScreenName::0

Studying MODX in the desert - http://sottwell.com
Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
Join the Slack Community - http://modx.org

73 Posts

EnDLeSs Reply #69, 17 years, 4 months ago

OK after I do that And I try submitting my modified profile I get this

« MODx Parse Error »
MODx encountered the following error while attempting to parse the requested resource:
« Execution of a query to the database failed - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 »
      SQL: SELECT * FROM `endless_bleachtest`.web_user_test WHERE webuser = ;
      [Copy SQL to ClipBoard]
 
Parser timing
  MySQL: 	0.0024 s	(11 Requests)
  PHP: 	0.0671 s	 
  Total: 	0.0695 s

Can you also answer the second part of my post where I talk about step 5

358 Posts

Uncle68 Reply #70, 17 years, 4 months ago

Hi Endless, seems you have put a lot of work in learning eForm and PPP! I’ll try to help you get it to work!

First of all, the parse error you get have to do with that that the form doesn’t seem to send any user id, you can see that it says "WHERE webuser = ;" in the sql error message.

It’s a bit hard for me to know why you’re getting this, buy I would guess that it is because... hmmm... what would I guess...

It seems that you’re not logged in as a webuser, that would render that error message.

If you want to, you can pm me the login to you manager, and I can have a look. If not, check the steps in the instruction again and be sure you do everything in the order as stated there.

About step 5. I had a quick look at your code and it seems that you have made it right. If nothing shows up when you enter that page from the front end I guess the problem is the same as in your other problem, you’re not logged in as a webuser.

With the information you have provided it seems like the problem is the above, but it could of course be something other.

Again, check every step again, and possible try step 6 too. And also again, if you provide me with access I can have a look!

/Anders (Uncle68)

EDIT: I haven’t installed ppp from start since the first version, it could be that I have made some changes that make it not to work when creating the system from start. Especially in version 0.3 I made some pretty big changes that could affect the setup. I’ll try to find some time to make a fresh install to see if it works as expected. Have someone managed to install 0.3 from start with success, pls let me know and I’ll save some time.