Topic Password Protection

[Adriano Faria]

On 11/10/2016 at 6:41 PM, Safety1st said:

We noticed continuous errors when a user accesses to any not existed topic

I'll take a look in a couple of days. Tks.

[GrooveOnBeat]

This app works on browsers.

However, when users use an app such as Tapatalk they can see and reply to password protected threads without entering a password.

[Adriano Faria]

51 minutes ago, GrooveOnBeat said:

This app works on browsers.

However, when users use an app such as Tapatalk they can see and reply to password protected threads without entering a password.

Tapatalk is an independent app and has nothing to do with the hook system, so it won't work there. 

Edited July 6, 2017 by Adriano Faria

[GrooveOnBeat]

17 minutes ago, Adriano Faria said:

Tapatalk is an independent app and has nothing to do with the hook system, so it won't there. 

Ah, no wonder. Thanks!

[Shiyo]

Hello,

I've been using this app for nearly six months now, and it's always been working fine on my board except for a couple events: a (very) few users have been reporting at different times that they were somehow temporarily able to access (and read) distinct password protected topics as if they weren't protected at all (no password was asked to them). Of course as we promptly checked none of those password had been changed at the times of the incidents.  

I'd be really grateful if you could investigate on this.

Edited March 18, 2018 by Shiyo

[Adriano Faria]

1 minute ago, Shiyo said:

except for a couple events: a (very) few users have been reporting at different times that they were somehow temporarily able to access (and read) distinct password protected topics as if they weren't protected at all (no password was asked to them).

It uses cookies. There's a setting for this. If they are accessing the topic withing the allowed time, no password will be required.

[Shiyo]

13 hours ago, Adriano Faria said:

It uses cookies. There's a setting for this. If they are accessing the topic withing the allowed time, no password will be required.

Yes, I'm aware of that. Problem is: how did they get the cookies in the first place if they never ever provided any password? 

[Adriano Faria]

Aren’t they in a secondary group that is allowed to access without password?

Sorry, say that something happened temporarily to a few users isn’t enough to reproduce and try to fix any issue. I need more information. 

[Shiyo]

Believe me, I can totally understand your difficulties in answering this.

They were in no secondary group (just normal users), and including administrators no group on our board is allowed to bypass topic protections. Also, the issue seems to disappear right after a simple page refresh. 

Last user to report the issue stated that he managed to enter the protected topic by clicking on the last post's date from the index page. Unfortunately that's all the details I can provide.  

Edited March 19, 2018 by Shiyo

[Adriano Faria]

Ok, that’s not enough as I told you but I’ll try to reproduce it. 

[Adriano Faria]

What's New in Version 2.1.0:

• Upgraded to IPS 4.3.X
• Fixed content visibility of protected password topics on user profile -> Activity -> Forums -> Posts

[LiquidFractal]

This is a great plugin, @Adriano Faria 😄

I have one issue though.  Right now, anyone who knows the topic password can view it, whether or not they're signed in as a member.  Is there a way to force them to sign in before they can view password-protected topics?

Edited November 18, 2018 by liquidfractal

[Adriano Faria]

I’d need to make a change. 

[Adriano Faria]

On 11/18/2018 at 5:26 AM, liquidfractal said:

Is there a way to force them to sign in before they can view password-protected topics?

What's New in Version 2.1.1:

• Added new setting to force guests to login before enter the topic password

Made it as a setting because it already checks the permission. So if the guest can view the topic, it's enough to enter the password.

[LiquidFractal]

Ok, so I'm using the most recent version (2.1.1) and when I create a password-protected topic which a guest tries to access (on a different IP), I get a "Sorry, we couldn't process your request" EX0 error with the following in the System Log:

OutOfRangeException:  (0)
#0 /XXX/public_html/init.php(460) : eval()'d code(14): IPS\_Content::loadAndCheckPerms('374')
#1 /XXX/public_html/system/Dispatcher/Controller.php(96): IPS\forums\modules\front\forums\hook1743->manage()
#2 /XXX/public_html/system/Content/Controller.php(50): IPS\Dispatcher\_Controller->execute()
#3 /XXX/public_html/applications/forums/modules/front/forums/topic.php(39): IPS\Content\_Controller->execute()
#4 /XXX/public_html/system/Dispatcher/Dispatcher.php(146): IPS\forums\modules\front\forums\_topic->execute()
#5 /XXX/public_html/index.php(13): IPS\_Dispatcher->run()
#6 {main}

This also happens when I log into a test account and try to access the same topic.  In fact, now I'm getting a lot of these errors for various pages, 99% of them existing before I installed the Password Protected Topic plugin. 

And when I disable the PPT plugin, the topic is still there but I get an entirely different error when I try to access it (2s136V, no permission).

I'm sure the error codes don't help (Invision once said that even they don't have an in-house manual for them!), but thought I'd include them anyway.

[Adriano Faria]

20 minutes ago, liquidfractal said:

which a guest tries to access

Are you using or not the settting you requested to force guests to login?

Need to know the settings you're using to try to reproduce.

Do guests has permission to view topics? It seems they don't but it shouldn't show an error like that.

Sent you a PM with a try/catch in the topic.

The second error seems not to be related to the PPT plugin because it is disabled.

 

Edited December 5, 2018 by Adriano Faria

[LiquidFractal]

Everything works now....Adriano was right; I had neglected to set the proper View Topics access for guests.

Thanks @Adriano Faria!

[Adriano Faria]

Compatible with IPS 4.4.

[Adriano Faria]

What's New in Version 2.1.2:

• Hide topic and post content in topic/post embed template.

Edited June 21, 2019 by Adriano Faria

[kmk]

Hello, could you enable this for clubs too?

[Adriano Faria]

On 1/16/2020 at 1:32 PM, kmk said:

Hello, could you enable this for clubs too?

What's New in Version 2.1.3:

• Add Clubs to the setting Forums field

[kmk]

Try give it update, but appear this message:

Sorry, you do not have permission for that!

The version number appear as 2.1.3 but turn it to disable.

I turn it as enable, but still appear the Notification message "Update Available!"

[Adriano Faria]

I'm able to upgrade from 2.1.2 to 2.1.3 without issues:

Nothing was done beyond add a few characters in the settings form to allow Clubs in the Forums field.

13 hours ago, kmk said:

I turn it as enable, but still appear the Notification message "Update Available!"

I'm not sure what you mean with this. This plugin doesn't has the update check feature.

If it insists, then you will have to uninstall and re-install the plugin.

[LiquidFractal]

Hi Adriano...any news on an updated version for 4.5.x?

[kmk]

Hello, please could you update this app?