Ban Authors « Hardkap

Hardkap » Pritlog - Blogging made simple

Ban Authors

(4 posts) (2 voices)

Started 3 years ago by john
Latest reply from Prit

Tags:

authors
ban

john
Member

Hi Prit,

Since I plan to use automatic registration, I'm tring to find an effective way to ban an author if required, and also prevent him to re register under a different username.

The best way I thought to achieve this, is to 1. change his password and 2. modify the script to disallow registration using an existing mail address, in the same way authors are disallowed to pick an existing username.

As said, to ban I would just change his password, but keeping his username and mail in the authors db to do the check if he tries to register again.

I also thought about using an IP based ban but this could be easily be defeated registering from a different computer.

Prit, I would appreciate your advice to modify the required functions, and specifically on how to do the checking for duplicate mail addresses in the authors db.

PD: the next question I'll raise after solving this one, is how to ban undesirable users from leaving comments. I could certainly block their IP using htaccess, but the admin panel already has a field to enter IPs that shouldn't be logged. Any way to adapt this to reject comments ?

Posted 3 years ago #
Prit
Pritlogger

Hi John...

Since you already have the authors email id available, it would be easy to adapt the existing username checking to use the email id checking as well. Also, the two activation related fields (activation code and active/not), can be reused to have certain values that could be checked later in the code to stop these users from writing. And you could add admin fields to control these two fields such that they are inactive always and will not be able to write.

You could ban ip's by expanding the current dont-log functionality. But, everything on the admin advanced page goes to the main config file and if you keep blocking ips, it would make this file bigger. So my suggestion would be to add a new table to the Sqlite database for banning the ips. I might add this to this or the next version anyway.

Posted 3 years ago #
john
Member

Prit,

I finally added a checkbox to set the activation status to ban authors as this integrates seamlessly with the existing logic:
- 0 not activated / 1 activated / 2 banned
- On ban reset activation value is returned to 1
- Banned authors remain in the db

I also added a check to detect duplicated email on self registration form (but not in the administration add author form, to allow admin to use dups if he wants)

Detecting dup email serves to 2 purposes, making it more difficult for a banned author to register under another user name, and also for same person to open multiple accounts.

I'll look forward to see your blocking ip solution to ban comments, as mentioned in post above.

Finally I found many blogs that require some kind of registration for commenters too. At least a valid mail address that has to be confirmed. It sounds reasonable to me in these days, otherwise anonymous visitors might be tempted to enter garbage as seen in many blogs and even more in forums. I think this will probably be my next change unless you plan to do it in a next release.

This would complete the ideas I had in mind to give admins some control about people allowed to write on the blog.

Posted 3 years ago #
Prit
Pritlogger

John .. I think we can make the email id mandatory on the comments form. Right now, since it is optional, leaving a comment on Pritlog would be very easy.

Posted 3 years ago #

RSS feed for this topic

Reply

You must log in to post.