having some issue with permission , not sure if im doing it wrong or actual bug.
just created userspice with 4.3.5

made page call test.php - located outside of /users . thus on root of site.

<?php
require_once 'users/init.php';
require_once $abs_us_root.$us_url_root.'users/includes/header.php';
require_once $abs_us_root.$us_url_root.'users/includes/navigation.php';
?>

<?php if (!securePage($_SERVER['PHP_SELF'])){die();} ?>
<?php
//PHP Goes Here!
?>
<div id="page-wrapper">
<div class="container-fluid">
<div class="row">
<div class="col-sm-12">
<h1>This is the main content section</h1>

<?php if($user->isLoggedIn()){
$user_id = $user->data()->id;
// echo $user_id;
if (hasPerm([1],$user_id))
{
echo "<br> Has user access <br>";
}
if (hasPerm([2],$user_id))
{
echo "<br> Has admin access <br>";
}
if (hasPerm([3],$user_id))
{
echo "<br> Has expiremental access <br>";
}
if (hasPerm([4],$user_id))
{
echo "<br> Has none exisiting group access <br>";
}
}
else
{
echo " please login ";
}
?>
</div> <!-- /.col -->
</div> <!-- /.row -->
</div> <!-- /.container -->
</div> <!-- /.wrapper -->


<!-- footers -->
<?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>

<!-- Place any per-page javascript here -->

<?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>

i set page permission to group 3 . ie no admin selected.

when i visit the page as admin i get . all 4 echo statements.
group 4 does not exist.

what i wanted to is to show some content based on level . ie on the page can read <p>1 </p> if basic user, can continue to read <p>2 </p> if experimental user . etc . so not separate pages but restrict part of page based on access level .

actual site sms.an-holdings.com/app/V2/test.php

1. I have been using the 'Test your email settings' option on v4.3.4 using a gmail account to send to another gmail account using a Siteground host.

When the 'use isSMPT' option is set to Yes, and email debugging has a value of 2, the email message is not sent and an SMPT error is shown on the browser display.

When the 'use isSMPT' option is set to No, the email message is successfully sent and received, and no debugging message is shown on the browser window. However, if view the site by ftp, a php_mail.log file is produced (about 456 bytes in size). For every email message successfully sent the php_mail.log continues to increase in size.

I have checked the https://github.com/PHPMailer/PHPMailer/w...leshooting site 'SMTP Error: Could not connect to SMTP host.' where they suggest - This is often reported as a PHPMailer problem, but it's almost always down to local DNS failure, firewall blocking (for example as GoDaddy does) or another issue on your local network. Not particularly helpful when the email message is successfully sent and received without an error showing on the browser window, but a php_mail.log file is steadily increasing in size.

I can suppress this error using error_reporting(E_ALL ^E_WARNING);
or I could delete the php_mail.log file automatically each time an email is successfully sent using the PHP unlink() function.

I am not sure if these are sensible solutions. I would rather fix a fault rather than suppress/delete the error message.

Does anyone else have this problem, and has anyone come up with a fix?



2. I also noticed that the 4.3.4 version of Userspice has two phpmailer installations, one in the classes folder called by class.autoloader in init.php and a second called by vendor/autoload.php in helpers.php

Can the phpmailer folder in classes be deleted without causing any problems?


Thanks

When you update your user settings, and success messages are displayed on selecting Update, the updated values are saved but the screen does not show the updated values.

file: users/user-settings.php

Change from: (approx line 230)

$errors[]="Current password verification failed. Update failed. Please try again.";
} }
$userdetails=$user->data();
}
$userdetails=$user->data();
}

?>
<div id="page-wrapper">
<div class="container">


To

$errors[]="Current password verification failed. Update failed. Please try again.";
} }
//$userdetails=$user->data(); (Don't think this is needed?)
}
//$userdetails=$user->data(); (Don't think this is needed?)
}

// mod to allow edited values to be shown in form after update
$user2 = new User();
$userdetails=$user2->data();

?>
<div id="page-wrapper">
<div class="container">

I haven't used the messaging system yet but I'm going to get to it soon and modify it so that it uses AES256 encryption.

Bringing MQTT to UserSpice allows you to interact with the world in a completely different way. The possibilities are endless. Here's a quick sneak peak. More videos/demos to come.

I will keep a repository of my code examples for IOT stuff up to date here
https://github.com/mudmin/usiot/archive/master.zip

You can clone the repository with
git clone https://github.com/mudmin/usiot.git

https://www.youtube.com/watch?v=IYEoLhkp...e=youtu.be

I now have a fullly working 2FA implemented in UserSpice. Will post here soon when I have a break from work.

Hi - I have recently upgraded to the latest version of userspice but now I cant see the pages I have already created in the admin system.

<?php //DO NOT DELETE THIS FILE.
$path=['','users/','usersc/'];


//Only add or remove values in the $path variable separated by commas above

$abs_us_root=$_SERVER['DOCUMENT_ROOT'];

$self_path=explode("/", $_SERVER['PHP_SELF']);
$self_path_length=count($self_path);
$file_found=FALSE;

for($i = 1; $i < $self_path_length; $i++){
array_splice($self_path, $self_path_length-$i, $i);
$us_url_root=implode("/",$self_path)."/";

if (file_exists($abs_us_root.$us_url_root.'z_us_root.php')){
$file_found=TRUE;
break;
}else{
$file_found=FALSE;
}
}
//redirect back to Userspice URL root (usually /)
header('Location: '.$us_url_root);
exit;

?>

Hello again, in my user_settings.php I have three additional fields, which are phone number, address and company. I can not add the verification or the success or error message. I already have the form ready and I have the three respective tables for those fields but I do not manage to record this data in my db, I had this resolved in 4.2 but in 4.3.4 it is hitting me hard in the head. maybe you can help me

I have made a few modifications to the 4.3.4 version:

1. make use of a modified version of the zxcvbn bootstrap password strength meter as shown on

http://martinw.net/zxcvbn-bootstrap-strength-meter/

2. add secure headers which improve the grading of a fresh install of 4.3.4 from grade D to grade A when scanned on

https://securityheaders.io/

If you are interested what would be the best way to submit these changes?

I see topics in this forum edited during several weeks.
I only can edit my topic for a few minutes. After that only 'Reply' is available.

How can I edit my topics after a longer time?
Is it possible to delete my own topics?

It would be great!

greetings,
Evert