Matt
Junior Member
Yep, I like making websites. Websites made: 5
Posts: 61
Matt said 0 great things
|
Post by Matt on Sept 11, 2009 3:51:49 GMT -8
Tested: IE AND FF Placement: Main Footer Description: This code does some stuff to allow only certain members of staff to modify the Headers/Footers and anyone else will get sent to the Main Page <script type="text/javascript">
<!--
/*Stop Random Staff from modifying your Headers/Footers V1,
This code is Copyrighted 2009,
Created by Matt, Help to make it Wormopolis.
Do not RIP, Repost or Claim
NOTE: This code can be By-passed by the disabling of java-script*/
var Allowed="(admin|user1|user2)";
var AllowedMessage='YOUR MESSAGE TO ALLOWED PEOPLE HERE';
var NotAllowedMessage='MESSAGE TO NOT ALLOWED PEOPLE HERE';
if (location.href.match(/action=headersfooters/)) {
if (pb_username.match(Allowed)) {
alert(AllowedMessage)
}else{
alert(NotAllowedMessage)
location.href="/index.cgi/"
}
}
//-->
</script> |
To add Staff to the list of who is allowed to modify headers/footers, edit the Pink. NOTE: THIS HAS TO BE THE USERNAME OF THE STAFF AND MUTS BE SEPARATED BY A "|" CHARACTER. To modify the message the staff on the list get when they enter the modify Headers/Footers page edit the Yellow. To edit the message any other members that arnt on the list and enter the modify Headers/Footers page edit the Red Preview: None at current moment Possible Updates: User Editable Homepage Url (This is where the NonAllowed people are sent
Any comments/questions just Reply or PM me Matt
|
|
|
|
Post by Wormopolis on Sept 22, 2009 16:01:37 GMT -8
Im curious.. If they shouldnt be accessing headers and footers, why do they have access in their group powers?
|
|
Matt
Junior Member
Yep, I like making websites. Websites made: 5
Posts: 61
Matt said 0 great things
|
Post by Matt on Sept 22, 2009 21:03:39 GMT -8
Well, if there are people in the administrator group that you dont want to be able to modify them, then you use this. That like if i have "admin, emily and test" in the administrator but you only want "admin and emily" to be able to modify the headers/footers then use this.)
|
|
|
|
Post by Wormopolis on Sept 22, 2009 22:32:42 GMT -8
I see. I will move it to database under the condition you put a disclaimer in there that the code CAN be bypassed by someone disabling javascript. That way if someone come back here and says your code should have kept someone out, you can point to the disclaimer.
|
|
Matt
Junior Member
Yep, I like making websites. Websites made: 5
Posts: 61
Matt said 0 great things
|
Post by Matt on Sept 22, 2009 23:52:30 GMT -8
Done ;D ;D
|
|
|
|
Post by Wormopolis on Apr 17, 2010 6:08:06 GMT -8
ok.. this has been moved. Although using javascript is one way to do it, a better way would be to create a new group with all the same powers as admin, except the ability to modify headers. however, if you DONT want to have to create a new group, this code should suffice. keep in mind, however, that if you dont trust someone with that kind of access, you shouldnt give them any opportunity to circumvent codes like this and cause you damage.
|
|