Reviews Module

Posted: Sun Jun 29, 2008 9:30 am

How can I make it such that ONLY a registered user can write a review but is also visible to ALL users? As it stands now, if the module is set to view by ALL then any anonymous user can write a review and submit it. Of course it must be approved by Admin but I'd rather not even let anons be able to even write a review.

Also, after testing the module, wrote a test review. Did not receive an email to "admin" advising that a review was submitted. Did not find anything in the prefs to enter a submit email. Have to rely on logging in as admin and checking submissions dialog box.

Cheers

Posted: Sun Jun 29, 2008 10:54 am

There isn't a way to do these things. The review module is very old and basic. Someone would have to rewrite it to add this functionality.

Posted: Sun Jun 29, 2008 11:04 am

Quote:

The review module is very old and basic

Hey, I resemble that remark. Smile

Thanks, sorta figured that was it.

Cheers

BTW: The Member_Map in your sig is only for PHP5 and won't run AFAIK in PHP4 that I currently use and don't plan on PHP5 anytime soon.

Posted: Sun Jun 29, 2008 11:14 am

Ok, well, found a way that works:

Edit the modules/Reviews/index.php file and find the write_review() function:

Code:

function write_review() {


    global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, 


    $currentlang, $multilingual, $dbi, $module_name;


    include ('header.php');


    OpenTable();

Add the following check after the call to OpenTable():

Code:

    if (!is_user($user)) {


        echo "You need to be 


        <a href=\"account.html\">logged in</a> or 


        <a href=\"account-new_user.html\">become a member</a> 


        to submit reviews.";


    } else {

This check will only allow registered users to continue with a review, while pointing others to the login or register page. Of course, the IF statement has to be closed - just put a } at the end of the function, as shown below:

Code:

    CloseTable();


    include ("footer.php");


}


}

Tried and tested ...

Cheers

Posted: Sun Jun 29, 2008 12:59 pm

If that works for you thats fine but there is really no problem to use this module like it is currently because for RavenNuke we added the captcha for this module and therefore you are protected against spam entires. Spam was a great problem with the standard reviews module in Nuke.
You ´ll find here a lot of entries about these problems and how people tried to change FBs code and the behavior of the reviews module in the one or other way.
I `m just glad that I switched over from standard Nuke to RavenNuke so I can use this module without restriction wich I had to use in the past to protect my site. Wink

Posted: Sun Jun 29, 2008 1:20 pm

dad7732 wrote:

BTW: The Member_Map in your sig is only for PHP5 and won't run AFAIK in PHP4

Yes, that is stated in the docs.

dad7732 wrote:

that I currently use and don't plan on PHP5 anytime soon.

Your loss. Smile

Posted: Sun Jun 29, 2008 1:33 pm

Well, "Your loss" could mean loss of customers as some are using old PHP (not just nuke) versions and really have no need to upgrade, etc. If my server was to upgrade to PHP5 then I stand to lose customers, etc. No will do .. Smile

Hoever, I may put up another server to host more modern softwares and keep the older one for older folks. As it stands, ain't fixin something that ain't busted.

Cheers

Posted: Sun Jun 29, 2008 1:40 pm

Susann: My goal was to prevent an anonymous user from being able to write a review even though it has to be approved by Admin. Anonymous users should not have the ability to write ANYthing in ANY module AFAIK. Anon users should only be able to VIEW and that's what this little Review mod accomplishes. How can RN prevent an anon user to write a review about Viagra or Cialis, etc. I can see how RN pevents the running of an auto-scripted review, yes, but not one that's manually produced.

Now all I have to do is to get a submission emailed to Admin letting me know that one has been written, just like in Submit News rather than relying on having to log in and check for new review submissions.

Cheers

Posted: Sun Jun 29, 2008 2:53 pm

Depending on your needs and how much effort you want to expend you could filter words like that using Nuke Sentinels string blocker for the POST string; add additional checks (maybe a regex or list of prohibited words) to the arguments passed through the existing form or if you were using PHP5 there's a really nice Akismet Class that would have been ideal.

Posted: Sun Jun 29, 2008 4:10 pm

You may lose customers who will want to upgrade to newer fancier stuff that is written only in PHP5. It is a decision that has trade-offs and you'll have to decide that for yourself obviously. I, for one, will never develop in PHP4 again. PHP4 is obsolete and only critical security fixes will be available for it until 2008-08-08. After that it will not be supported at all.

Posted: Sun Jun 29, 2008 4:15 pm

BTW, consider submitting your reviews modules changes back to RN. As with many open source projects, things only get done when someone has a particular itch to scratch. By sharing it the whole community benefits.

Posted: Sun Jun 29, 2008 5:24 pm

Gremmie:

Quote:

BTW, consider submitting your reviews modules changes back to RN

The only changes I made so far are listed in this thread and of course if I make more they will likewise be posted here. Also, I have had the same customers for over five years now and their sites are very basic with nothing fancy, all commercial sites that don't have things flashing and moving .. Smile

Guardian: Easier to just limit review writing to reg'd users. If some kiddie registers just to write an ill review it can still be previewed and removed prior to submission.

Cheers and thanks everyone for the input so far.

Posted: Sun Jun 29, 2008 5:42 pm

Quote:

Also, I have had the same customers for over five years now and their sites are very basic with nothing fancy, all commercial sites that don't have things flashing and moving ..

PHP5 versus PHP4 has little if anything to do with things "flashing and moving". It is just a natural evolution in the product. If you use any "outside" modules (e.g., Gallery) you will find that they no longer support PHP4. While analogies such as this are always inexact, it is like driving an old car for which you can't get parts. Eventually you will give up an buy a new one.

Posted: Sun Jun 29, 2008 5:57 pm

In order to move to PHP5 I have to move up to VPS v3 2000 from my VPS v2 2000 and I'm not ready to do that. VPS v2 does not support PHP4 and from what I understand from support is that migrating from PHP4 to PHP5 is either not doable or a lot more difficult than I'm willing to traverse right now. I fully understand where I'm at and the inevitable move in the near future.

And yes, I understand about flashing and moving but that was just to convey the nature of my customer's sites, plain and simple.

Cheers

Posted: Mon Jun 30, 2008 6:14 am

dad7732, sorry that this thread has taken on a PHP4 vs. 5 bent, but you did so well on the Reviews piece we had nothing more to say there. Laughing

It is unfortunate that your host does not allow both PHP4 and 5 to run on the same VPS. It is easy enough to do and Raven does it for his clients... at least for the transition period.

Anyways, thanks for the Reviews suggestions! I have made note of this thread to come back to after our upcoming 2.3.0 release (we're a bit busy on it atm).

Posted: Mon Jun 30, 2008 6:27 am

I have no problems with venturing threads when there is so much to learn from so many experts. Having been in the support arena since '94, I've seen many such adventures, some quite nasty. My host does support PHP4 100% on the V2 VPS but not on the V3's. I'll probably switch to V3 in the coming months but ONLY after making 100% sure of compatibility with the customer's sites. My sites? No problem, all run RN. Smile

Also, one little correction on my last reply .. V2 DOES support PHP4, but not PHP5

Cheers