Skip to:
Content
Pages
Categories
Search
Top
Bottom

User Statistics


  • Chuckie
    Participant

    @ajtruckle

    I know I asked about this before and the decision was to pull the plugin off line. But this is not a solution for me.

    The drawback with the user statistics plugin is that if a user is not logged in they can see the usernames of all logged in people for last 24 hours. The can’t view their profiles though. None-the-less, a non logged in user should not see the user statistics.

    I don’t know how to fix this plugin to rectify that. I need a resolution or an alternative plugin that works and is not commercial.

    Thanks.

Viewing 17 replies - 1 through 17 (of 17 total)

  • jurry66
    Participant

    @jurry66

    yes thats the big bug i am also looking the answer from developers.


    Chuckie
    Participant

    @ajtruckle

    Yes. I wish I had enough confidence to delve in with this issue myself. It seems it is going to be a simple fix:

    display stats = no
    is user logged in?
      is user forum role not blocked?
        display stats = yes
    
    if display stats = yes
      show stats

    That would be the simplest solution.


    Robin W
    Moderator

    @robin-w

    The drawback with the user statistics plugin is that if a user is not logged in they can see the usernames of all logged in people for last 24 hours.

    are you sure that this is not a ‘caching’ problem? either on server or your pc ?

    does it just disappear after 24 hours and exactly 24 hours?


    Chuckie
    Participant

    @ajtruckle

    I am very sure! Easy to test too. Started Firefox and initiated a private browser. Navigated to my site (where no user is logged in), clicked on the forum (where I have 1 pubic forum with FAQ info) and the stats show.


    Chuckie
    Participant

    @ajtruckle

    Look at the function build_html():

            // Actually build all of this HTML
            function build_html() {
                
                $this->sort_users();
                $data = $this->stats_builder();
                $HTMLOutput = "";
                
    			//if (is_user_logged_in())  {
    
    				foreach( $data as $key => $html ) {
    				   $HTMLOutput .= "<div class='bbpas-" . $key . "' id='bbpas-" . $key . "'>" . $html . "</div>";
    				}
                //}
    			
                return $HTMLOutput;
            }

    It calls sort_users(); That in turn does a select query to get a list of active users:

            private function sort_users() {            
                
                // Set the active users
                $this->_activeUsers = $this->get_ActiveUsers();
                
                // Work out the longest time possible for a user to be classed as active
                $active_timeframe = strtotime( $this->_sqlTime ) - ( $this->parent->option['user_inactivity_time'] * 60 );

    At no point can I see anywhere that it checks to see if the active user is logged in and not blogged in the forum. It should be doing these tests because it should not be exposing user names.

    You can see it with my site if you use private mode.

    This has to be fixable and I don’t understand why it was never implemented in the first place really. I just don’t know how to do it.


    Chuckie
    Participant

    @ajtruckle

    Notice this code is actually commented out?

    //if (is_user_logged_in()) {

    That must have been done for a reason.


    Robin W
    Moderator

    @robin-w

    since the plugin is not being maintained, suggest you just edit that file to take out the comment out !!

    so change

    //if (is_user_logged_in())  {
    
    				foreach( $data as $key => $html ) {
    				   $HTMLOutput .= "<div class='bbpas-" . $key . "' id='bbpas-" . $key . "'>" . $html . "</div>";
    				}
                //}

    to

    if (is_user_logged_in())  {
    
    				foreach( $data as $key => $html ) {
    				   $HTMLOutput .= "<div class='bbpas-" . $key . "' id='bbpas-" . $key . "'>" . $html . "</div>";
    				}
                }

    Chuckie
    Participant

    @ajtruckle

    I confirm that that works. No if no one is logged in it will not show the user statistics.

    The only outstanding issue IMHO is that we should somehow test if the user is not “blocked” because I don’t think a blocked user should have the right to see the stats or any log activity.

    How do we test if the user is “blocked”?


    Robin W
    Moderator

    @robin-w

    add an additional if statement

    if ( is_bbpress() && ! current_user_can( 'spectate' ) )

    if they can’t spectate then they are blocked


    Chuckie
    Participant

    @ajtruckle

    Thanks, so something like this:

    // Actually build all of this HTML
    function build_html() {
        
        $this->sort_users();
        $data = $this->stats_builder();
        $HTMLOutput = "";
        
    	if (is_user_logged_in())  {
    		if ( is_bbpress() && current_user_can( 'spectate' ) ) {
    			foreach( $data as $key => $html ) {
    			   $HTMLOutput .= "<div class='bbpas-" . $key . "' id='bbpas-" . $key . "'>" . $html . "</div>";
    			}
    		}
        }
    	
        return $HTMLOutput;
    }

    Yes?


    Robin W
    Moderator

    @robin-w

    that should do it


    Chuckie
    Participant

    @ajtruckle

    Thanks. 🙂

    Why can’t those changes be put into the official plugin and it be reactivated in the plugin directory?


    Robin W
    Moderator

    @robin-w

    if you can find someone who is willing to clone the plugin, learn how to upload, maintain and then answer the support forum questions for free, then no reason why it should not be made live again.


    Chuckie
    Participant

    @ajtruckle

    I can’t help because I am not in a position to offer support. Not enough knowledge. Be like in a rowing boat without a paddle!


    Robin W
    Moderator

    @robin-w

    🙂


    fikadeg517
    Participant

    @fikadeg517

    yes its work fine now thanks.


    spencer987
    Participant

    @spencer987

    This definitely works, thanks for the useful info.

Viewing 17 replies - 1 through 17 (of 17 total)
  • You must be logged in to reply to this topic.
Skip to toolbar