Jump to content

Post Anonymously


TSP

Recommended Posts

%7Boption%7D



File Name: Post Anonymously

File Submitter: TSP

File Submitted: 15 Nov 2012

File Category: User and Social Engagement

Supported Versions: IP.Board 3.3.x, IP.Board 3.4.x



With this members are able to post in forums anonymously. All posts posted with the anonymous function will be tied to one account that you define in the Admin CP. You will be able to check the true identity behind posts in the Mod CP. Posts posted will have a generated hash in them, to be able to tell members in discussions apart. (Please read further details on this in the attached readme).

This is developed and used with the thought of letting members be able to share or ask about sensitive / personal topics in specific forums. The users will not need to be logged out to ask as a guest and you will not have to enable guest posting. That's how we use it, you may use it differently :smile:


Main Author: Preben at Mediehuset Tek (Modern version, Mads developed the initial version)


Features

  • Members of the user groups you allow will be able to post anonymously in the forums you choose
  • An md5-hash will be added to these posts to be able to tell members apart. Read the attached readme for details
  • Support is in place to have this work with quick reply, but it will require one file change and a template change


Installation
This hook requires one hook xml-file to be uploaded from the AdminCP. It also includes one file to upload.


How can I get this to work with quick reply?
You need to do a file change in the file public/js/ips.topic.js . To do this you need file access on the server where your board is installed.

In the file ips.topic.js, find:


/* Fetch post contents */
		var Post  = ipb.textEditor.getEditor( ipb.topic.fastReplyId ).getText();
		var isRte = ipb.textEditor.getEditor( ipb.topic.fastReplyId ).isRte();

Add this below:

var _postAsAnon = false;
		
		if(document.getElementById('_postAsAnon')) {
			var _postAsAnon = document.getElementById('_postAsAnon').checked;
		}

A little bit further down, in the same file, find:

parameters: {
md5check: ipb.vars['secure_hash'],
Post: Post.encodeParam(),
isRte: isRte
},

Change it to this:

parameters: {
									md5check: 	ipb.vars['secure_hash'],
									Post: 		Post.encodeParam(),
									isRte: 		isRte,
									_postAsAnon: _postAsAnon
								},

Save the file. Now you need to change a template bit in your templates. In your skins, find the template group Topic View, then open the template bit TopicViewTemplate. Look for this, near the end of the template:

{parse editor="Post" options="array( 'type' => 'full', 'minimize' => 1, 'isTypingCallBack' => 'ipb.topic.isTypingCallBack', 'height' => 180, 'autoSaveKey' => 'reply-' . $topic[tid], 'warnInfo' => 'fastReply', 'modAll' => $topic['_fastReplyModAll'] )"}
				<br />

Below it, add this:

<if test="custom_hw_anonhook:|:1 == 1"></if><!-- HW_CUSTOM custom anon hook point -->

Save the template. If you've done everything correctly you should now be able to reply anonymously with quick reply aswell.








Background: This is a popular feature we currently have installed on three different large Invision Power Boards we host, two of them 3.3 and one of them 3.2. First version was developed in March 2010 and it have been used and improved on two of the forums since then. (NOTE: This public version will not work on 3.2).


We hope that by sharing some of what we develop it will help us gain new ideas and more insight into developing for the Invision Power Systems. If any other developers have any hints or tips on changes that should be done to the code etc., then please let us know! :smile:



here to download this file

Link to comment
Share on other sites

  • Replies 87
  • Created
  • Last Reply

Two small things.

In the ModCP plugin:

{$this->lang->words['dnoanon_modcheck']} <a href='{$this->settings['base_url']}act=findpost&pid=$pId'>$pId</a>: <strong><a href="/index.php?showuser={$results['member_id']}">{$results['name']}</a></strong>

act=findpost? While it may redirect to the correct URL right now, you should still use the correct version. app=forums&module=forums&section=findpost&pid=$pId

And no FURL support. You may not use it, but others do.

The new table is forced as an InnoDB table. You may use it, others don't. And those who doesn't, often disable it (like me). And you're not sticking to the "standards" when saving a timestamp. You're using MySQL specific methods (MSSQL don't know what NOW() is). Do it as a int(10) field, and use the same timestamp as the one from $this->_postClass->getPostData().

Link to comment
Share on other sites

This sounds like a great hook but I don't like the way it works. Howbabout working this hook so that someone can choose to post anonymously but that their username is actually greyed out inistead of simply setting up an account where that abnonymous content is posted to. I'm concerned about this hook because if you install it and someone wanted to post anonymously then they could subvert your forum rules by posting hateful messages on your community.

Link to comment
Share on other sites

How it does really works? Do you replace the post author by your bot and store the real author in a new column or do you "skinoverload" all the places to show the bot? And what happens when the hook is uninstalled? The real author shows up?

Thank you.

Short answer: The real author would not show up. The real author id is stored in another table, while the bot information is used to populate regular ipb tables that are used when posting posts.

What I basically do is to extend the two post classes that are used for submitting posts. (There is one for ajax and one for regular posting.)

If the checkbox is checked for posting anonymously then I make them use my methods. If the checkbox is not checked, I just send the call to the parent / regular posting class. This in order to avoid problems with regular posting or too much trouble if people upgrade and forget to update this or a newer released version is not released.

The anonymous posting methods is in large part a copy of their parent method, but with custom code put in the appropiate places in between.

I wanted to do data hooks for a while, but at the time I was considering to rewrite to use data hooks, it didn't seem like it would be possible to implement all of the functionality in that way.


I use another table to store the real author. Only the bot information is used when submitting this to the database, in my methods discussed above I basically retrieve the anonymous user information and then set $this->memberData = $this->anonUser to ensure that only those user details are used. Not every "API method" in IPB let's you send the memberid as a parameter.

I view it as too risky and too much effort to have it work any other way. There is too many places where the information could potentially leak out if you hadn't set up all skin overloads to work properly etc.

So if you were to uninstall the hook, then they would still be tied to the bot account. The only issue you would have is that the table used to store the real author would be gone and you wouldn't be able to check it later.

This sounds like a great hook but I don't like the way it works. Howbabout working this hook so that someone can choose to post anonymously but that their username is actually greyed out inistead of simply setting up an account where that abnonymous content is posted to. I'm concerned about this hook because if you install it and someone wanted to post anonymously then they could subvert your forum rules by posting hateful messages on your community.

I'll agree that I should likely put some easier way for moderators to check the real author. Now you'll have to go to the modcp with the copied postid in order to find out. We don't have an issue with this ourselves, since we're not checking it that often, but I do realize that an easier way to check is probarbly at the top of the list of improvements that should be done in order to make it more useful for others.

But if you do suspect someone of the misusing the feature, you should check the real author (in modcp) and then ban them if they can't behave, just as regular forum rules. Currently I'm not hiding the ip address with this hook either, so you could be able to tell by that aswell.

act=findpost? While it may redirect to the correct URL right now, you should still use the correct version. app=forums&module=forums&section=findpost&pid=$pId
And no FURL support. You may not use it, but others do.

The new table is forced as an InnoDB table. You may use it, others don't. And those who doesn't, often disable it (like me). And you're not sticking to the "standards" when saving a timestamp.

Thanks for pointing things out here! I was about to change the timestamp before I released it publicly, but I forgot it (the timestamp). As regards to the database type, can you leave that field blank when exporting to not force either? I have to admit I've never tried that, but I've just noticed that it says to write either myisam or innodb when exporting, and I've just gotten used to innodb.

About the urls, I haven't really put any thought into that, I'll admit. The only place where the url shows up is in the mod cp area, which is somewhat lacking in proper attention overall at this point. I can't say I view it as important to add furl-support in this area, but I'll likely get around to fixing it in order to follow standards and get a better understanding of it later. But I'll do the change to app=forums&module=forums&section=findpost&pid=$pId in next update. Probarbly later today or tomorrow.
Link to comment
Share on other sites

Uploaded an update.

What's New in Version 1.0.1 (See full changelog)

  • Fix for mysql strict (Gave sql error upon post submit, not saving real authorid)
  • Fixed hash mismatch if the topic starter was anonymous (Due to $_POST['TopicTitle'] not being trimmed upon hash generated.)
  • Changed posted-field in table from TIMESTAMP to int(10)
  • Updated direct url to post in modcp to use the proper url
  • Updated hook information in ACP hook overview
Link to comment
Share on other sites

Anyway to force anonymous posting for selected forums?


Not at the moment.

Not sure if or when I would use time to add it either. It's not the first thing I would add.

I guess you could sort of make it happen by doing some template changes in the anonReply-template.

You could try to add this in the top of the template bit:
<php>if($this->request['f'] == 3 OR $this->request['f'] == 5) {
$this->request['_postAsAnon'] = 'yes';
$this->_forceAnon=true;
}</php>

And then in the same template bit, find this:
<li class='ipsField ipsField_checkbox'>

And change it to this:
<li class='ipsField ipsField_checkbox'<if test="$this->_forceAnon"> style='display:none;'</if>>

But note that I haven't tested this. You would have to change 3 and 5 (and add or remove) to the forum ids you wish it to be forced in.

Edit: actually, I tested it now and it worked. But I had an error in my first code suggestion. Fixed now. Remember you would need to change this in the mobile template aswell. And to the other "modes" in the template bit. I'm sure you're able to figure out how to do it for the other modes in the template bit aswell. And you would have to edit ips.topic.js and topicViewTemplate (Instructions are available in the first post), to have it work with quick reply.
Link to comment
Share on other sites

Not at the moment.

Not sure if or when I would use time to add it either. It's not the first thing I would add.

I guess you could sort of make it happen by doing some template changes in the anonReply-template.

You could try to add this in the top of the template bit:

<php>if($this->request['f'] == 3 OR $this->request['f'] == 5) {
$this->request['_postAsAnon'] = 'yes';
$this->_forceAnon=true;
}</php>


And then in the same template bit, find this:


<li class='ipsField ipsField_checkbox'>


And change it to this:


<li class='ipsField ipsField_checkbox'<if test="$this->_forceAnon"> style='display:none;'</if>>


But note that I haven't tested this. You would have to change 3 and 5 (and add or remove) to the forum ids you wish it to be forced in.



Edit: actually, I tested it now and it worked. But I had an error in my first code suggestion. Fixed now. Remember you would need to change this in the mobile template aswell. And to the other "modes" in the template bit. I'm sure you're able to figure out how to do it for the other modes in the template bit aswell. And you would have to edit ips.topic.js and topicViewTemplate (Instructions are available in the first post), to have it work with quick reply.

Thanks! Any method is better than no method! :smile:

Link to comment
Share on other sites

TSP, while I would love to install this on my site, this hook bothers me for one reason: once every year, I get some troll who will register on my site and post slander against my community and the forum staff. I would rather have a hook like this that allows members to post anonymously but that doesn't display their actual username for that post but where only forum staff with the right permissions can see who actually posted what anonymous content.

Have you thought about designing this hook so that when a member posts a message that they can choose whether the posted content they are making on the forum is either 'visible' or 'hidden'. That only forum staff can see that 'hidden' information. For instance, if a member on my forums decided to post an anonymous message on my forums that I should be able to look at that post and be able to see who posted that content.

Take the login method for IPB. Members are allowed to log into their account anonymously. However, while guests and other members cannot see who is logged in anonymously, the admin and moderators, if they have the right permissions, can see who is logged in anonymously. They just appear with an asterisk (*) next to their name indicating they are logged in anonymously. I think something similar to that could be applied to your hook, where you can configure your "Post Anonymous" hook so that when someone decides to post a message anonymously, that only those with the right permissions will be able to see those anoonymously posted messages.

This way, if someone posts anonymously, and violates your forum policy or disrupts your community, that admin and moderators can halt that member before any further damage is done.

Link to comment
Share on other sites

Have you thought about designing this hook so that when a member posts a message that they can choose whether the posted content they are making on the forum is either 'visible' or 'hidden'. That only forum staff can see that 'hidden' information. For instance, if a member on my forums decided to post an anonymous message on my forums that I should be able to look at that post and be able to see who posted that content.


You can check this by going to your modcp and pasting the postid into the Check Anonymous module there. But I agree that this information or link should be more accessible for the staff.

I'm not sure I fully understand your other suggestion, but I'm pretty sure you can achieve this without any big issues. The solution would be to put the anonymous user account under moderation queue as you would with a normal user account. That way you would have to approve all posts posted anonymously.
Link to comment
Share on other sites

Why create an anonymous user account for this hook to operate? I think that kind of defeats the purpose. This hook has potential but the whole purpose of allowing anonymous posting is that if a member posts an anonymous message that the post he or she creates should be associated with that member's forum account, not with the anonymous account. I guess that's the point I was trying to make. :sweat:

Link to comment
Share on other sites

I'm not sure how it would be anonymous if the "anonymous post" would be associated with their real account. What would the purpose be?

As I've written before there is simply too many places you would have to ensure that the real author info didn't "leak out" if it was done another way, and it wouldn't be "compatible" with other hooks either.

I will update this hook to have the checking tool more accessible for staff, but I can't see a good argument to do any major changes to how this is implemented. Saving the original author information to the original IPB fields creates no real benefits in my opinion, but a lot more work.

I just can't see the logic in having this be saved in a less anonymous way.

Link to comment
Share on other sites

My point being is that you shouldn't have to create a dummy anonymous account in order for this hook to work.


Then we disagree on that, and I will not change my mind. I'm thankful for your opinion and input but there is simply no reliable, secure and update-friendly way to solve this by not using a dummy account. I prioritize the anonymity of the end users using this first.
Link to comment
Share on other sites

Hello,

Thanks so much for sharing this with us! I really like this hook. However, I cannot get the fast reply as anonymous to work. I have spent a couple of hours checking to make sure everything was correct, and as you instructed. The post as anonymous check box is in the fast reply window, but will not work!

The mod is working in full editor though.

Here is my code:

(ipb.topic.js)

/* Fetch post contents */
		var Post  = ipb.textEditor.getEditor( ipb.topic.fastReplyId ).getText();
		var isRte = ipb.textEditor.getEditor( ipb.topic.fastReplyId ).isRte();
		
		var _postAsAnon = false;
		
		if(document.getElementById('_postAsAnon')) {
			var _postAsAnon = document.getElementById('_postAsAnon').checked;
		}
{
								method: 'post',
								encoding: ipb.vars['charset'],
								evalJSON: 'force',
								parameters: {
									md5check: 	ipb.vars['secure_hash'],
									Post: 		Post.encodeParam(),
									isRte: 		isRte,
									_postAsAnon: _postAsAnon
								},
								onSuccess: function(t)
								{ 

I also edited the template bit per your instructions. Any ideas or instruction?

Thanks!

Link to comment
Share on other sites


Thanks so much for sharing this with us! I really like this hook. However, I cannot get the fast reply as anonymous to work. I have spent a couple of hours checking to make sure everything was correct, and as you instructed. The post as anonymous check box is in the fast reply window, but will not work!

Hmm, since the box is in the fast reply box, it shouldn't be a problem with your template atleast. What browser do you use? Tested in another?

Do you have any experience with Chrome Dev Tools or Firebug in Firefox? Not really sure what could be going on here.

It could be that you're browser is still loading an older cached ips.topic.js (I would try to empty your browser cache first) or that some other error will be visible in Firebug or Chrome Dev Tools upon submit.

post-135437-0-64012600-1353184496_thumb.
If you open Chrome Dev Tools, can be found in menu "Display / show" -> "Developer" or similar. Then open the network tab and check the checkbox, then click submit. There should now show up a new line in the network tab, click on that (Index.php..). Now ensure that you're on the "Headers" bar for the inspect of index.php and scroll down until you see Form Data, it should look like this:

post-135437-0-24796200-1353184508_thumb.

Also.. please check that you're actually updated the correct ips.topic.js by going to the url /public/js/ips.topic.js for that forum? I know I've done mistakes like that myself...
Link to comment
Share on other sites

hi,

this mod can to work with 3.2.x?

very good mod, nice job


I haven't tested this version in IPB 3.2, but I don't think it would work. There shouldn't be any harm in trying and see what happens though. Do you have a local test board?
Link to comment
Share on other sites

Hmm, since the box is in the fast reply box, it shouldn't be a problem with your template atleast. What browser do you use? Tested in another?

Do you have any experience with Chrome Dev Tools or Firebug in Firefox? Not really sure what could be going on here.

It could be that you're browser is still loading an older cached ips.topic.js (I would try to empty your browser cache first) or that some other error will be visible in Firebug or Chrome Dev Tools upon submit.

attachicon.gifpost-before-submit.png
If you open Chrome Dev Tools, can be found in menu "Display / show" -> "Developer" or similar. Then open the network tab and check the checkbox, then click submit. There should now show up a new line in the network tab, click on that (Index.php..). Now ensure that you're on the "Headers" bar for the inspect of index.php and scroll down until you see Form Data, it should look like this:

attachicon.gifpost-after-submit.png

Also.. please check that you're actually updated the correct ips.topic.js by going to the url /public/js/ips.topic.js for that forum? I know I've done mistakes like that myself...

I though about the cache, after I posted my question. I do use a CDN so JS is cached. I purged the cache of the CDN and cleared my browser cache. When i refreshed the screen, the topic view was messed up/misaligned. I just replaced the JS file with the original JS file, and turned off the hook for now until I can figure out what is going on with my test board.

I will use the tools you pointed out here. thanks

Link to comment
Share on other sites

It looks like you've set it up to work correctly to me. But just to rule out everything, if it still doesn't work after you've got it sorted. You can download my version of ips.topic.js. But I'm 99% sure that will not make any difference. Your edits looked exactly like they should be.

ips.topic.js.zip

Your test board is 3.3 and not 3.4 Beta right? I haven't had time to test and update this for 3.4.

If you have an url available to your test board, then maybe you could send me the url in PM?

Link to comment
Share on other sites

It looks like you've set it up to work correctly to me. But just to rule out everything, if it still doesn't work after you've got it sorted. You can download my version of ips.topic.js. But I'm 99% sure that will not make any difference. Your edits looked exactly like they should be.

attachicon.gifips.topic.js.zip

Your test board is 3.3 and not 3.4 Beta right? I haven't had time to test and update this for 3.4.

If you have an url available to your test board, then maybe you could send me the url in PM?

Thanks for your support. My test board is 3.3.4, as is my live board.

I will have to mess with it at another time, probably within the next 5 days. I have to build another online store ATM :facepalm: lol

I will keep you updated!

Link to comment
Share on other sites

Thanks for your support. My test board is 3.3.4, as is my live board.

I will have to mess with it at another time, probably within the next 5 days. I have to build another online store ATM :facepalm: lol


Sure, no problem. I'm interested in resolving any problem here since we use it on three boards ourselves.

Good luck with that online store! :smile:
Link to comment
Share on other sites


I will have to mess with it at another time, probably within the next 5 days. I have to build another online store ATM :facepalm: lol


Actually.. You know what, I can totally reproduce this issue. I have absolutely no idea why atm. I'm flabbergasted, it totally works on my dev board, and it totally works on two live forums where I have this version installed.

While I did some changes before I released this public version, I really can't imagine any of them causing this issue...

I'll have to investigate this more at a later time. But I don't think there is an issue with your board here. It seems it's totally something weird in my code.
Link to comment
Share on other sites

Looks like I might've found a way to temporarily work around the issue. This actually seems to be browser cache related after all, or server cache. Not really sure...

Could you try to switch the setting Minify CSS and JS to the opposite of what you have now? Please report back to me whether it worked and what it was previously set to.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...