Logaan’s Site

I have seen so many people make the move from phpBB 2 to 3, then make so many mistakes with permissions. I don’t really know what causes this but they seem to apply permissions to objects rather than use roles. I can understand that the permissions in 3 can seem a bit overwhelming but once you understand the part that roles play it should all click into place.

So here are my recommendations for dealing with permissions in 3:

Use Roles
Roles are sets of permissions. Avoid explicitly setting permissions on any object (person, group, forum etc) in the system. Instead reuse the existing roles or setup new ones.
This helps because you cannot easily see or manage lots of permissions on individual objects. If you use a role, you can grant additional permissions or remove all permissions (if for example, you plan to remove that role).
 
Use Groups
Add users to a groups, then grant groups a role against certain forums.
This makes it really easy to categorize lots of users, and there is no reason why you cannot have more than one user in more than one group, so you can make some of the groups really specialized.
For example, our officers group, only has permissions to the officers forum and nothing else. But they also belong to the members group so they also have permissions to the rest of the forum.
 
 
So, this is how you grant roles to a group against a certain forum:

 
• Go to the Forums tab
• Go to the Groups’ forum permissions
• Pick the group your are interested in
• Select the forum or forums you wish to set roles on (at the moment you have a managable number of forums that you can tick All Forums, however later on I wouldn’t recommend it. Lots of javascript can slow the browser down)
• For each forum listed, select the appropriate Role you wish to assign
• Now click Apply.

To test it, go to a users profile (back to the main index, click on the user or administrate the user and view the profile)
You get an option which says “Test out user’s permissions”, using this you essentially become the user, and you can see and do everything that the user can do. Really helps with testing out settings, means you don’t have to create test users all over the place.

In a previous update for phpBB 2, they added visual confirmation to the registration page. However, bots have started to get past this so I have devised a very simple solution that just makes it a little more difficult for them.

What this mod will do is change the length of the visual confirmation image to 8 characters, but will also remove some HTML that may give bots pointers to how long your image should be.

Open:
includes/usercp_register.php
Find:
$code = substr(str_replace('0', 'Z', strtoupper(base_convert($code, 16, 35))), 2, 6);
Find in-line:
6);
Replace With:
8);
Open:
templates/subSilver/profile_add_body.tpl
Find:
<td class="row2"><input type="text" class="post" style="width: 200px" name="confirm_code" size="6" maxlength="6" value="" /></td>
Find in-line:
size="6" maxlength="6" value=""
Replace With:
value=""
SQL:
ALTER TABLE `test_confirm` CHANGE `code` `code` CHAR( 8 ) NOT NULL;
And its as simple as that. This one change I made on several boards I maintain had the result of going from 10 or more different kinds of bots to no bots registering at all and have had no more since.