Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Allow user for 31 days  (Read 20257 times)

0 Members and 1 Guest are viewing this topic.

tortech

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Allow user for 31 days
« on: March 21, 2012, 11:21:51 am »

How to allow user to show gallery only for 31 days since the day of first time visit.
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: Allow user for 31 days
« Reply #1 on: March 21, 2012, 03:08:06 pm »

By default Coppermine just saves the registration date and the date of the last visit. Is it okay that we check against the registration date, or do you really need to check against the first visit?
Logged

tortech

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Re: Re: Allow user for 31 days
« Reply #2 on: March 21, 2012, 03:50:51 pm »

For me is necessery to store in database the day of first visit (when user watch gallery).
From this day program must count each day and after 31 days user stays unregistered.
How to do it programatically?




By default Coppermine just saves the registration date and the date of the last visit. Is it okay that we check against the registration date, or do you really need to check against the first visit?
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: Allow user for 31 days
« Reply #3 on: March 21, 2012, 04:55:40 pm »

Open bridge/coppermine.inc.php, find
Code: [Select]
                    // If exists update lastvisit value, session, and login
                    if (mysql_num_rows($results)) {
and below, add
Code: [Select]
                            switch($CONFIG['login_method']){
                                case 'both':
                                    $where = "(user_name = '$username' OR user_email = '$username') AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                                case 'email':
                                    $where = "user_email = '$username' AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                                case 'username':
                                default:
                                    $where = "user_name = '$username' AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                            }
                            list($lastvisit, $regdate) = mysql_fetch_row(cpg_db_query("SELECT {$this->field['lastvisit']}, {$this->field['regdate']} FROM {$this->usertable} WHERE ".$where));
                            if (!$lastvisit) {
                                cpg_db_query("UPDATE {$this->usertable} SET user_regdate = NOW() WHERE ".$where);
                            } else {
                                if ($regdate < time() - 60*60*24*31) {
                                    return false;
                                }
                            }

This code will update the registration date on first login and then will check against it on each login.
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: Allow user for 31 days
« Reply #4 on: March 21, 2012, 05:06:27 pm »

To kick users that are already logged in open bridge/coppermine.inc.php, find
Code: [Select]
                // Clean up old sessions every 5 minutes at maximum
                if ($CONFIG['session_cleanup'] < time() - 300) {
and below, add
Code: [Select]
                    $sql = "DELETE FROM {$this->sessionstable} WHERE user_id IN (SELECT {$this->field['user_id']} FROM {$this->usertable} WHERE {$this->field['regdate']} < ".(time() - 60*60*24*31).")";
                    cpg_db_query($sql, $this->link_id);
Logged

tortech

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Re: Re: Allow user for 31 days
« Reply #5 on: March 23, 2012, 09:33:07 am »

Thank you for listing of code.
J try this changes on version CPG 15.12. For me is working good.
Notice:
This code dont change information in database.
Is neccessery to store oryginal file coppermine.inc.php because administrator is also unregistered.


To kick users that are already logged in open bridge/coppermine.inc.php, find
Code: [Select]
                // Clean up old sessions every 5 minutes at maximum
                if ($CONFIG['session_cleanup'] < time() - 300) {
and below, add
Code: [Select]
                    $sql = "DELETE FROM {$this->sessionstable} WHERE user_id IN (SELECT {$this->field['user_id']} FROM {$this->usertable} WHERE {$this->field['regdate']} < ".(time() - 60*60*24*31).")";
                    cpg_db_query($sql, $this->link_id);
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: Allow user for 31 days
« Reply #6 on: March 23, 2012, 10:01:18 am »

I don't understand what you're trying to say. But I agree, that the current modification will also lock out admin accounts. I'll update the code accordingly to fix that issue.
Logged

tortech

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Re: Re: Allow user for 31 days
« Reply #7 on: March 23, 2012, 10:57:49 am »

J think the easies way to unblock administrator account is to copy oryginal file coppermine.inc.php



I don't understand what you're trying to say. But I agree, that the current modification will also lock out admin accounts. I'll update the code accordingly to fix that issue.
Logged

tortech

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Re: Re: Allow user for 31 days
« Reply #8 on: March 23, 2012, 10:59:37 am »

Also program can insert actual daytime to administrator account.

J think the easies way to unblock administrator account is to copy oryginal file coppermine.inc.php
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: Re: Allow user for 31 days
« Reply #9 on: March 23, 2012, 11:45:54 am »

J think the easies way to unblock administrator account is to copy oryginal file coppermine.inc.php
I don't think that this is the easiest way. Instead, undo the above changes and use this updated code.

Open bridge/coppermine.inc.php, find
Code: [Select]
                    // If exists update lastvisit value, session, and login
                    if (mysql_num_rows($results)) {
and below, add
Code: [Select]
                            switch($CONFIG['login_method']){
                                case 'both':
                                    $where = "(user_name = '$username' OR user_email = '$username') AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                                case 'email':
                                    $where = "user_email = '$username' AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                                case 'username':
                                default:
                                    $where = "user_name = '$username' AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                            }
                            list($lastvisit, $regdate, $group_id) = mysql_fetch_row(cpg_db_query("SELECT {$this->field['lastvisit']}, {$this->field['regdate']}, {$this->field['usertbl_group_id']} FROM {$this->usertable} WHERE ".$where));
                            if (!$lastvisit) {
                                cpg_db_query("UPDATE {$this->usertable} SET user_regdate = NOW() WHERE ".$where);
                            } else {
                                if (!in_array($group_id, $this->admingroups) && $regdate < time() - 60*60*24*31) {
                                    return false;
                                }
                            }

find
Code: [Select]
                // Clean up old sessions every 5 minutes at maximum
                if ($CONFIG['session_cleanup'] < time() - 300) {
and below, add
Code: [Select]
                    $sql = "DELETE FROM {$this->sessionstable} WHERE user_id IN (SELECT {$this->field['user_id']} FROM {$this->usertable} WHERE {$this->field['usertbl_group_id']} NOT IN (".implode(', ', $this->admingroups).") AND {$this->field['regdate']} < ".(time() - 60*60*24*31).")";
                    cpg_db_query($sql, $this->link_id);
Logged

tortech

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Re: Re: Re: Allow user for 31 days
« Reply #10 on: March 23, 2012, 03:35:31 pm »

Thank you for listing of code.
Now program CPG 15.12 is working good .
Administrator account is active.



I don't think that this is the easiest way. Instead, undo the above changes and use this updated code.

Open bridge/coppermine.inc.php, find
Code: [Select]
                    // If exists update lastvisit value, session, and login
                    if (mysql_num_rows($results)) {
and below, add
Code: [Select]
                            switch($CONFIG['login_method']){
                                case 'both':
                                    $where = "(user_name = '$username' OR user_email = '$username') AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                                case 'email':
                                    $where = "user_email = '$username' AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                                case 'username':
                                default:
                                    $where = "user_name = '$username' AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
                                    break;
                            }
                            list($lastvisit, $regdate, $group_id) = mysql_fetch_row(cpg_db_query("SELECT {$this->field['lastvisit']}, {$this->field['regdate']}, {$this->field['usertbl_group_id']} FROM {$this->usertable} WHERE ".$where));
                            if (!$lastvisit) {
                                cpg_db_query("UPDATE {$this->usertable} SET user_regdate = NOW() WHERE ".$where);
                            } else {
                                if (!in_array($group_id, $this->admingroups) && $regdate < time() - 60*60*24*31) {
                                    return false;
                                }
                            }

find
Code: [Select]
                // Clean up old sessions every 5 minutes at maximum
                if ($CONFIG['session_cleanup'] < time() - 300) {
and below, add
Code: [Select]
                    $sql = "DELETE FROM {$this->sessionstable} WHERE user_id IN (SELECT {$this->field['user_id']} FROM {$this->usertable} WHERE {$this->field['usertbl_group_id']} NOT IN (".implode(', ', $this->admingroups).") AND {$this->field['regdate']} < ".(time() - 60*60*24*31).")";
                    cpg_db_query($sql, $this->link_id);
Logged

JohannM

  • Coppermine frequent poster
  • ***
  • Offline Offline
  • Posts: 252
Re: Allow user for 31 days
« Reply #11 on: December 12, 2015, 08:53:39 pm »

Hi Andre

I have a group name VIP ... how can I implement this code for 30 days (once the person baught VIP for 30 days, and I change his group to VIP) and then after 30 days this person group change back to registered ?

Will this be complecated ?

Thanx in Advance
Logged
Pages: [1]   Go Up
 

Page created in 0.03 seconds with 19 queries.