PHPBB DOCUMENTATION:
phpBB Local PHAS Mods
Out of the box phpBB allows users to register themselves, with or without
email confirmation or Admin approval. The guiding principles for the
local modifications on our site:
- We want PHAS users to automatically be able to participate in discussions,
without having to register and/or remember another username/password.
For the time being and for this purpose, "PHAS users" is defined as all those
on the "everyone@phas.ubc.ca" email list (ie. faculty, staff, postdocs, others,
adj-assoc and grads).
- We don't want the world (aka Anonymous in phpBB jargon) able to register,
see our forums or our usernames.
- We might want to be able to create "guest" phpBB accounts though - eg. for
a specialist in a particular topic.
Board Configuration
You can give "Groups" of users various permissions to forums. PHAS users are
assigned to a phpBB group corresponding to the email list they are on (faculty, staff,
etc.). Also all PHAS users are assigned to the "Everyone" group. At a
future date we might open up the board to undergrads.
The ideas is to create forums which are permitted to the Everyone group only.
This way they won't be visable to anyone who happens to link to
"https://www.phas.ubc.ca/phpBB/". We can also set up special "Grad Student Only"
or "Faculty Only"
forums.
Notes:
- In order to keep Anonymous from seeing a list of Forums:
- when you create a
new forum, you need to change the default Forum Permissions from "Registered" to
"Registered [Hidden]".
- In order to restrict a forum to a particular Group:
- we will have to set the Forum Permissions to "Private [Hidden]", and then
go the Group Permissions to allow post/reply/etc. access. More details when
I have actually done this.
- Rather than hack the code further to get rid of the "Who is Online" box:
- I set the default user profile to disable the "view online" feature. So I
think by default it won't show any usernames. I did this to frustrate that nasty
Anonymous guy again ...
Login via our secure site
PHAS users logged onto our secure site will see a "Discussions" button
on the home page. The first time they click on it, a phpBB user account will
be automatically set up for them, with the following fields set:
- username = PHAS username
- password = empty (this means they will ONLY be able to log in
via the portal, and not the phpBB login page - otherwise we have to somehow
track PHAS passwords in the phpBB tables ...)
- signature - set to full name
- group - set to email list
In general, the default user profile settings where chosen so as to allow
PHAS users to identify each other easily, while prohibiting outside users from
seeing anything.
Files Modified
The following files have been modified (in /wwws/phpBB2/):
login.php
- modified to check for PHAS session when [Login] button hit. If PHAS session
exists then doesn't check username or password field, just passes the PHAS username
on to the appropriate script to handle the login.
profile.php
- modified to call register-disable.php script when Anonymous user tries to register.
memberlist.php
- modified to say membership list is disabled for Anonymous users.
includes/register-disable.php
- local script. Just says registration is disabled and gives link back
to main page.
includes/phas_session.php
- local script, with two functions:
function check_phas_session () {
// function to check whether a PHAS session has been authenticated
// if not, returns FALSE
// otherwise, retrieves PHAS username and returns it
// - if not already a phpBB user, will auto-create
function create_phpbb_user ($username,$fullname,$email,$group="") {
// function to create a phpBB user for given PHAS user