Managing Users with PHP-Nuke

PHP-Nuke is about web communities, and communities need members. PHP-Nuke enables visitors to your site to create and maintain their own user account, and add their personal details. This is usually required for them to post their own new stories, make comments, or contribute to discussions in the forums. Those annoying little tasks like managing lost passwords are also taken care of for you by PHP-Nuke.

User accounts can be created in two ways:

  • By the super user (that's you)
  • By the user registering on your site

The second method involves a confirmation email sent to the user's email account. This email contains a link for them to click and confirm their registration to activate their account (this needs to be done within 24 hours or the registration expires).

Once a visitor is registered on your site, the gates to enjoy the full glory of your site will be thrown wide open. Visitors, or users as you could now call them, will be able to contribute to discussions on forums, add comment on posted stories, even add their own new stories, as well as access parts of the site that are off-limits to the 'riff-raff' unregistered visitor.

Ingredients of a User

Every user requires a certain amount of information to uniquely identify them in PHP-Nuke. There are the usual three things required of every user in PHP-Nuke:

  • A nickname: This is an alias or username if you like. This identifies who the user is, and is their online identity in PHP-Nuke.
  • A password: This is required to verify that the user is who they claim to be.
  • A valid email address: This is where the confirmation email is to be sent.

Once the user account is created for a user, the user is of course able to modify their details, and also view the details of other users.

Information such as the URL of the user's own website, messenger ID (MSN, AIM, and others), their location, and interests are also part of the user 'profile', but are not compulsory.

By default, the real email address of any user is never made public, for both security and to prevent harvesting by spammers. Users can specify a 'fake email' address, possibly in spam-obfuscated form (for example, which will be displayed to other users, although this is not required. A user's privacy is always protected.

Setting Up a New User

User management starts by clicking the Users icon in the Modules Administration menu:

Building Websites with PHP-Nuke

Clicking on this icon brings you to the User's Administration panel. This panel consists of two mini-panels, Edit User and Add a New User , whose use is given away by their titles.

We'll start by setting up a new user. Our user will imaginatively be called testuser.

Time For Action—Setting Up a New User Manually

  1. If you're not at the User's Administration panel, click on the Users icon in the Modules Administration menu.
  2. In the Add a New User panel, enter testuser into the Nickname field.
  3. Enter Test User into the Name field.
  4. Enter your own email address into the Email field.
  5. Building Websites with PHP-Nuke

  6. Scroll down to the Password field. Enter testuser as the password.
  7. Click the Add User button. When the page reloads, you will be taken straight back to the administration homepage.

What Just Happened?

We created a new user. For this simple user, we only specified the required fields Nickname, Email, and Password, and provided a single piece of personal information, Name. Failing to specify the required fields will mean that the user is not set up, and you will be prompted to go back and add the missing fields.

No email notification is sent to the user when the user is set up in this way, and no confirmation of the registration is required. As soon as you click Add User, provided all the required fields have been entered, the user is ready to go.

Editing the details of a user is equally easy, but you do have to know their nickname to edit the details. Simply enter this into the Nickname field of the Edit User panel, select Modify from the drop-down box and click Ok! If you have taken a sudden dislike to a particular user, enter their nickname into the Nickname field and select Delete from the drop-down box, click Ok! and they are gone forever (the account, not the person).

Subscribing a User

Once a user has been created, you have the option to subscribe this user. We mentioned the idea of Subscribed Users in earlier articles; it's a mechanism for restricting module access to specific groups of people, such as fee-paying customers. There is only one group of Subscribed Users in PHP-Nuke at present, so once a user has a subscription, they are able to access any module restricted to Subscribed Users only.

The option to subscribe a user is not available when you create the user manually, as we did above. To find the option, you have to edit the user's details. This is done by entering their username into the Edit User panel, selecting Modify from the drop-down box, and clicking on the Ok! button.

The subscription options are near the bottom of the user details, underneath the newsletter option. The Subscribe User option does not refer to 'subscribing to' the newsletter; you sign up the user or remove them from your newsletter mailing list with the Newsletter option. The Subscribe User option makes the user into one of the site's elite, a Subscribed User.

Building Websites with PHP-Nuke

If you subscribe the user, then you must specify the Subscription Period. This is the length of time that the user remains subscribed, and ranges from 1 year to 10 years, in yearly increments. If you leave the Subscription Period at None then the user will not be subscribed.

Once a user has been subscribed, you can change their subscription details from the same panel:

Building Websites with PHP-Nuke

You can unsubscribe the user, or extend their subscription period. To shorten the subscription period, you would have to unsubscribe the user, subscribe them again, and then set the new period.

Subscribed users are reminded of the passing of time and the impending expiry of their subscriptions when they visit the Your Account module—we'll further explore this module later in the article:

Building Websites with PHP-Nuke

Time For Action—Registering as a User

This time we'll register to create a user account as a normal visitor would. We'll call the user account userdude. If you do not have your mail server set up, then you will just have to follow the text and screenshots for now. The confirmation email sent by PHP-Nuke is a key part of the registration process, and includes a special link for the visitor to click to activate their account. Don't worry though, when your site is live on your web hosting account, you will undoubtedly be able to access a mail server.

  1. If you are still logged in as the super user, logout by clicking the Logout icon in either of the administration menus, or click the Logout link in the Administration block.
  2. If you are still logged in as testuser, logout by clicking on the Your Account link in the modules block, then click the Logout/Exit link in the navigation bar that appears:

    Building Websites with PHP-Nuke

    Alternatively, you can enter the logout URL directly:

  3. You will be redirected to the site homepage. Now click the Your Account link in the Modules block:

    Building Websites with PHP-Nuke

  4. Click the New User Registration link. This brings you to the New User Registration panel. The top part of that panel is shown here:

    Building Websites with PHP-Nuke

  5. Enter the Nickname of userdude.
  6. Enter your own email address into the Email field.
  7. We are going to use userdude for the password as well as the nickname. If you think of another password at this point, enter it instead. Then put the password into the Re-type password field as well.
  8. Click the New User button. You will come to the final step of the registration process:

    Building Websites with PHP-Nuke

  9. Click the Finish button.
  10. Open up your email client, and log in to check your mail. You should find a mail with the subject New User Account Activation waiting for you. It will be from the email address you specified in the Administrator Email field in the Site Configuration Menu. The body of that email will look something like this:

    Welcome to the Dinosaur Portal

    You or someone else has used your email account
    ( to register an account at the Dinosaur

    To finish the registration process you should visit the following
    link in the next 24 hours to activate your user account,
    otherwise the information will be automatically deleted by the
    system and you should apply again:

    Following is the member information:

    -Nickname: userdude
    -Password: userdude
  11. Click the link in the email, or copy the link and paste it into your browser, and you will be taken to the New User Activation page where you will see a message of the form:
    userdude: Your account has been activated. Please login from 
    this link using your assigned Nickname and Password.
  12. Clicking on this link takes you back to the User Registration/Login page of the Your Account module, and you can use your nickname and password to login.

What Just Happened?

You just created a new user account. The page for logging in is the homepage of the Your Account module. We'll talk more about this module in a minute; as you could guess, it handles everything to do with 'your' user account.

If the visitor is not logged in, they are presented with the login panel when they visit the Your Account module page. From here they can enter their nickname and password to log in, or click the New User Registration link to register a new user account, as we did.

For visitors that have forgotten their password, clicking on the Lost your Password? link will take them to a screen where they can enter their nickname, and an email will be sent to their registered email address containing a confirmation code, a random-looking 10 digit string; with this code they can have their password changed. A new, random password is generated and emailed to them. PHP-Nuke never stores raw passwords in its database, so it can never reveal any password. With the new password, the user can log in and change their password to something easier to remember.

The registration process for the user is straightforward; they only require a nickname, a valid email address, and a password. There are certain rules, however, that are followed by PHP-Nuke:

  • Only one occurrence of an email address is allowed on the system; if someone uses an email address that belongs to another user account that address will be rejected, and the user will have to choose another.
  • Only one occurrence of a particular nickname is allowed as well; the system will check the uniqueness of the nickname before creating the account.

After the visitor clicks Finish on the final step, the user account is created. Following that, the confirmation email is sent to the email address. If the email address specified is invalid, or not the visitor's email address, then that visitor will have to create their account with a new email address. If the user doesn't mind being embarrassed, they can contact the site administrator, or wait 24 hours for the account to be deleted from the list of 'waiting to be activated' accounts, and then try again.

You will notice that the link to activate the account contains the URL of your PHP-Nuke site:

It is very important that you have configured your Site URL option correctly in the Web Site Configuration menu (we saw this in Aritcle 4). If you haven't done that, then the activation link will point to the wrong site!

The check_num part of the URL is what identifies the unregistered visitor to the system. When the visitor registers his details, PHP-Nuke stores them in the database along with the check_num value. When the visitor visits the above link, PHP-Nuke will check the value of check_num against the values stored in the database, and if it finds a match, it will move that visitor's details to the proper users table in the database, and remove them from the table of visitors waiting to confirm their registration.

That's all there is to creating user accounts. It is possible to turn off the registration, so that only the administrator can create accounts. If you feel the need for this, you can read more about it in the PHP-Nuke HOWTO:

That section of the PHP-Nuke HOWTO also has a number of other user account hacks that you can make use of.

Graphical Code for User Registration

PHP-Nuke enables you to add a security code to the login or registration pages on the site. The security code is a small graphic with some digits, and is shown under the password fields, along with a textbox for the visitor to type in the digits from the graphic.

Building Websites with PHP-Nuke

The point of this device is to prevent automated registrations; without typing the correct digits into the Type Security Code field, the submission will not be accepted. The digits displayed in the image are not part of the page HTML, and the only way for the digits to be read is to actually see them when they are displayed on a monitor.

Use of the security code is controlled by a setting in the file config.php in the root of your PHP-Nuke installation. (This was the file in which we made some database settings in Article 2.) The setting to change is the value of the $gfx_chk variable. By default, it looks like this in the file, which means that the security code is not used:

$gfx_chk = 0;

The config.php file itself has a description of the values for this variable as seen in the table:


Effect on the Security Code


Security code is never used.


Security code only appears on the administrators login page (admin.php).


Security code only appears on the normal user login page.


Security code only appears for new user registrations.


Security code appears for user login and new user registrations.

Thus to have the security code appear only at the administrator login, you would set $gfx_chk to 1 and then save the config.php file:

$gfx_chk = 1;

For the graphical code to function properly, the GD extension will need to work properly with PHP on the web server. The GD extension takes care of drawing the graphics, and if this isn't functioning for whatever reason (possibly it's not installed), then the graphic will not be displayed properly, and it will be impossible to determine the security code. In that case, you will have to change the setting in config.php to remove the graphical code.

If you are running your site on a web hosting account and the graphical security code is not being displayed when it should, then you should contact your host's technical support to find out if there is a problem with the GD extension. You can tell if the GD extension is installed by using the phpinfo() PHP function. Open a text editor and enter the following code:


Save this file as phpinfo.php in the web server root (xampphtdocs). When you navigate to that page in your browser, a number of PHP settings are displayed, including the status of the GD extension:

Building Websites with PHP-Nuke

If you do not see a table like the one above on the page, or if it does not say enabled next to GD Support, then contact your host's technical support. The XAMPP package we install in Appendix A has GD installed and working.

Seeing Who's Who

Log in to your site as the super user and activate the Members List module (deactivated by default). After activation there will be an additional option available in the Modules block called the Members List module, which provides anyone able to view this module with a list of the registered users:

Building Websites with PHP-Nuke

Clicking on the username will bring up a view of that user's profile:

Building Websites with PHP-Nuke

This is only a view of the user profile, and it is not an editable form. You will notice the word Forum in the above screenshot. The user profile displayed here is actually the user profile from the Forums module (and note also that the Forums module needs to be activated for this screen to be seen). You will also notice that the name of the site is wrong—it says, which is not the value we set for our site name. This is because the Forums module has its own set of configuration settings. We will see how to set these in Article 8. Also note that the Members List module takes information from the Forums module configuration settings.

The Forums module is a complete application—phpBB, one of the best pieces of free, open-source forum software around—integrated into PHP-Nuke. One aspect of the integration is the shared user account—the user account you create for the PHP-Nuke site also functions as a user account on the forums. As a user, it is possible to work with your details in two places in PHP-Nuke—from the Your Account module and also from within the Forums module.

Although there are two views of information, and two places to edit your details, there is still only one user account. At the moment, the Your Account module offers more user details than are found in the Forums module, such as newsletter subscription information.

The integration between the PHP-Nuke user account and the user account for the Forums module has gradually become tighter over the versions of PHP-Nuke, and they are likely to 'converge' further in future versions of PHP-Nuke.

Once a user account is created, and the user has logged in, a whole new world opens up to them.

The Your Account Module

The Your Account module is a visitor's space. The visitor is guided round their space by a graphical navigation bar as seen below:

Building Websites with PHP-Nuke

Before we look at each of these links, let's mention what else is on the front page of the Your Account module:

Building Websites with PHP-Nuke

  • My Headlines: The user can view a list of headlines from an RSS news feed of another site. The user can select from one of the headline sites that we saw in the previous article, or enter the URL of the site directly.
  • Broadcast Public Message: The user can enter the text of a public message to be shown to all current visitors of the site. We'll look at this in a moment.

These two features are not always displayed; their display is controlled by options in the Web Site Configuration menu that we'll see in a moment. However, the user is always able to see their Last 10 Comments posted and their Last 10 News Submissions on this page.

Returning to our discussion of the links in the navigation bar of the Your Account module, we've already seen what the Logout/Exit link does; it logs the visitor out.

The Themes link takes the visitor to a page from where they can choose one from the list of themes installed on the site.

We'll look at the Comments link in detail in the next article; it leads to options for viewing and posting comments on stories.

Note that when you are logged in as the super user, the Your Account module displays another panel called Administration Functions. This panel allows you to modify certain details of that user. We will talk about these in the next article and meet them in their natural context.

Editing the User Profile

The Your Info link takes the user to their user profile. We saw some of the options here when we looked at creating the user manually. These options are generally for personal details (name, email, and so on), newsletter subscription, private message options, and forum configuration, among others. The options themselves are straightforward. A number of options in the user profile correspond to forum profile options, and don't particularly affect the user outside of the Forums module.

After making any changes to a user profile, the Save Changes button needs to be clicked to save these changes. Note that the Save Changes button is not the button at the very bottom of the user details page—the Save Changes button is above the Avatar Control Panel:

Building Websites with PHP-Nuke

The button at the bottom of the form is marked Submit , and is only active when the options in the Avatar Control Panel are enabled.

The Avatar Control Panel seen at the bottom of the user profile contains an interesting option. An avatar is a small graphic, representing you as an online character. You can choose a graphic from the already existing library by clicking on the Show Gallery button next to the Select Avatar from gallery option:

Building Websites with PHP-Nuke

Clicking on this button brings up a selection of little images for the user to choose from. Simply click on the required image and this will be assigned to the user profile:

Building Websites with PHP-Nuke

Clicking the Back to Profile link will return you to the Your Info page.

The library of images you just saw can be found in the modules\Forums\images\avatars\gallery folder of your PHP-Nuke installation. If you want you can add in more images here, but make sure your image is a GIF file, and that it isn't more than 80 pixels wide or 80 pixels high.

Your Account Configuration

The Your Home link provides some options for configuring Your Account further:

Building Websites with PHP-Nuke

From this panel, the number of news stories displayed on the homepage of the site can be controlled. Remember, this setting only applies to you—and only when you are logged in.

Talking to the World with Public Messages

You can activate or deactivate public messages from Your Home too. Public messages are displayed to every visitor to the site They appear near the top of the page on the homepage of the site and remain there for 10 minutes, or until another public message appears:

Building Websites with PHP-Nuke

Public messages can be entered from the front page of the Your Account module page:

Building Websites with PHP-Nuke

Simply type in the text of your message and click on the Send button, and your public message is broadcast to all and sundry.

You can imagine having a message that is displayed to every single user on the front page of your site may be a bit too much. Fortunately, users cannot 'spam' the public message feature by constantly submitting public messages—once they have submitted a message they must wait for that message to expire before another is accepted from them.

Also, any user can turn off the public messages by setting to No the Activate Broadcast Public Messages? option in the Your Account module. This turns off the display of public messages to everyone. However, any user can turn them back on again by setting this option back to Yes!

The administrator can override all of this from the menu. The Web Site Configuration menu. The Activate Broadcast Messages option in the Users Options panel allows public messages to be turned off for everyone, with nobody other than the administrator able to turn them back on. The image below shows this panel in the Web Site Configuration menu:

Building Websites with PHP-Nuke

This setting, unlike the one in Your Home above, will prevent public messages from being entered and not just from being broadcasted. The Activate Broadcast Public Messages? option in Your Home is also not made available to users, since public messages have been banned anyway.

In the Users Options panel of the Web Site Configuration menu, the Activate Headlines Reader? option controls the display of the My Headlines panel on the front page of the Your Account module. Setting this to No means that no user can see or select other site headlines to be displayed in the Your Account module. The Let users change News number in Home option is simple; if set to No a fixed number of stories will be displayed to all users.

It's My Block and I'll Cry if I Want to...

The final option in the Your Home area, Activate Personal Menu, allows the user to enter some HTML that will be displayed as a block on the homepage of the site. This block can be used for easy access to handy links. By checking the box and entering some text your block will be created. We have inserted links to two articles here:

Building Websites with PHP-Nuke

When Save Changes is clicked, and you return to the homepage of your site, your block can be seen (by default it is on the right-hand side of the page):

Building Websites with PHP-Nuke

Remember that this block is seen only by you, the current user. In this way, every user can have a personal block.

Private Messages

Visitors can send messages to each other through the Private Messages conduit. It's a kind of site-specific email system, except that you can only send a message to one recipient at a time, and you can't send attachments.

While going through the Your Info module, you would have seen some options for visitors to be notified of any private messages sent to them; Notify on new Private Message by Email and Pop up window on new Private Message. If the administrator has activated the Private_Messages module, then the homepage of a user's Your Account displays a count of the private messages sent to them, and allows them to send a new message:

Building Websites with PHP-Nuke

Sending a private message from here can be confusing—there is no Submit or Send Message button. To send a private message, you simply enter the nickname of the intended visitor into the Send a Private Message to box and press the Enter key to submit the page. Provided there is some text in that box, PHP-Nuke will interpret that as a user nickname and move you to a screen for entering your message.

If you have any private messages, the number of messages is displayed as a link in the You have ... private messages(s) text. Clicking this link takes you to your private messages inbox:

Building Websites with PHP-Nuke

From here you can manipulate private messages in much the same way as you work with emails in any email client, although the Outbox and Sentbox deserve mention. Messages you have sent will first appear in the Outbox. However, once the recipient reads the message, that message moves into your Sentbox and you immediately know that your message has been read.

If the idea of private messages disturbs you as an administrator—after all, there is no option for a user to not receive private messages—then your only option is to turn them off for everyone by deactivating the Private_Messages module from the Module Administration area.

Note that the Private_Messages module is very different from the Messages functionality that we saw at the end of Article 3, do not get them confused. The Private_Messages functionality is also tied to the Forums module; that's why the screenshot above shows the wrong site name, as we explained earlier for the Members Lists module.

User Journal

In PHP-Nuke, every registered user is able to keep a journal. This is supplied by the Journal module and can also be accessed from within the Your Account module, which is why we are discussing it here. Rather confusingly, clicking on the Journal link in the Modules menu brings you to the Journal page, but with the same navigation bar of the Your Account module, so you feel like you are in the Your Account module. Note that if the Journal is deactivated, it will not be displayed in the navigation bar of the Your Account module.

In their journal a user can enter their thoughts and opinions, while other visitors can read these thoughts, and add comments in response. The user journal is like a mini 'weblog' for each user. Clicking the Journal link in the Your Account module brings up the main journal control panel:

Building Websites with PHP-Nuke

From here, you can view a list of other users' journals (Journal Directory), or the entries in your own journal.

Your Journal Entries

Let's start with your journal. Clicking on the Your Journal link brings up three links:

Building Websites with PHP-Nuke

When you have added some journal entries, a list of your journal entries is displayed under this panel.

Adding a Journal Entry

Clicking on the Add New Entry links brings you to a simple panel for adding your entry:

Building Websites with PHP-Nuke

You set the Title for the entry, its main content goes in the Body field (with the usual restrictions on the use of HTML), and a Graphic element. This element actually goes at the start of your journal entry, to encapsulate, in some way, the mood of your entry.

You decide if the body of the entry can be read by other visitors with the Public drop-down box. Note that if you set Public to No, other people will still be able to see the title of the entry, but will not be able to read the entry itself.

Clicking on the Add New Entry button records your entry in the journal.

Viewing your Journal Entries

You can view a list of your journal entries from the Your Journal page, and you will see your twenty most recent journal entries. Clicking on the List All Your Entries link will display all of your entries, more or less ordered by the date of their entry.

Building Websites with PHP-Nuke

The listing shows the date and time each journal entry was added along with its title, and some buttons to edit or delete the post. Of course, only the owner of the journal entry is able to modify or delete a journal entry, and not just any passing visitor. The Public column in the table indicates if the content of the entry can be viewed by other visitors. Clicking on the Title of a journal entry brings you to its content, and comments if there are any.

Building Websites with PHP-Nuke

From this view, you can edit or delete your entry, or add comments to the entry. The View More link actually takes you back to the list of the journal entries by this user (that's you here), rather than showing you more of the entry (there is no more). The User Profile link doesn't really do much here, since you are clicking on a link to show information about yourself, and it simply returns you to the Your Account homepage. When viewing the journal entries of others, this link will take you to some information about that user, including their most recent posts. Also when viewing the journal entries of another user, the Send a Message link can be used to send a private message to that user.

As the owner of the journal entry, you are also able to delete any comments attached to your entry, even if you are not the author of the comment. This is one way of keeping dissenting views about your opinions in check!

Peeking into the Journals of Others

Clicking on the Journal Directory link from the Journal homepage displays a list of other user's journals. You will see the list of the twenty users who have most recently added an entry to their journal, or you can click on the List All Journals link to see every user who has a journal. Although not a problem at this point, if you visit another PHP-Nuke site with many users and view all the journals, this can be a very long list.

Building Websites with PHP-Nuke

The rather gruesome sounding Search a Member link allows you to search for some text in other posts. You can search for your text in the user's name, the title or body of the entry, or the comments for each entry. A list of all journal entries matching your text is returned.

When viewing the list of users with journals, clicking on either the name of the user or the icon in the View Journal column brings up the list of that user's journals. Clicking on the icon in the Member's Profile column brings up some information about that user, which comes from the Your Account module, and includes such things as a history of their recent stories and comments made, and their online status.

As mentioned earlier, logged-in users are able to add comments to any public journal entry. The form for entering comments is very simple, consisting of a single box and a button to submit the comment. The comments for an entry are displayed in a line and it is not as rich in features as the one for story comments as you will find out in the next article. Since you have to be a logged-in user to post a comment to a journal entry, there is no anonymous posting and the username of the poster is displayed along with the comment.

Rewarding the User

Users who interact with the site can be awarded points. With enough points accumulated, a user becomes a member of a particular user group. You can restrict access to certain modules to registered users only; but you can take this even further, and allow only members of a particular user group access to the module. In this way, you can reward users who frequently participate in your community with extra modules or content that only they can view.

Although user groups and subscribed users seem similar in the sense that you can restrict module access exclusively for them, there are a number of key differences:

  • Anyone can join a particular user group by participating in enough prize-winning activities on the site. Users can only be subscribed through the action of the super user.
  • Conversely, without going into PHP-Nuke's database, the super user cannot put a particular user into a user group; this is something that the user has to earn.

Currently in PHP-Nuke we can restrict access only to an entire module; there is, in general, no way to restrict individual pieces of content within a module to specific user groups.

Points on Offer

By default, the following activities in PHP-Nuke qualify for points:

  • Views: Viewing any page on the site.
  • News: Getting a story published (namely submitting a story that then actually appears on the site, no points for just submitting a story!), posting a comment to a story, rating a story, or sending a story to a friend.
  • Polls: Voting in polls or sending them to a friend.
  • Downloads: Downloading a file, rating a download, or posting a comment about a download. There are also points available for similar activities in the Web Links module.
  • Forums: Making a new post or replying to an existing post.
  • Reviews: Posting a review in the Reviews section.
  • Journal: Making a journal entry or commenting on someone else's entry.

There are also points for clicking on banners, broadcasting a public message, or recommending the site to a friend.

The number of points scored for each activity can be set up from the User Group Administration area. You are able to assign a different number of points to any of the activities, including, if you want to be sneaky, a negative number of points! By default, all the activities have 0 points.

The User Group Administration area is found by clicking on the User Groups icon in the Administration Menu:

Building Websites with PHP-Nuke

This area shows you the currently created user groups, lets you to create a new user group, and lets you edit the number of points awarded for each activity.

Time For Action—Awarding Points for Viewing Pages

We will create a new user group, called PageViewers, to reward people for looking at the pages on our site. We will award one point for each page viewed, and membership to the group requires at least 20 points.

  1. Make sure you are logged in as the super user. If you are not in the User Group Administration area, click on the User Groups icon in the Administration Menu.
  2. In the Add New Users Group panel, enter the details of our group:

    Building Websites with PHP-Nuke

  3. Click on the Create This Group button.
  4. When the page reloads, you can see your newly created PageViewers group in the list of user groups. The Edit or Delete links enable you to modify the details of the group or remove it completely should you require.

    Building Websites with PHP-Nuke

  5. Scroll down the screen to the Points System panel, and continue to do so until you see Page View in the left-hand column of the table. Enter the number 1 into the third column:

    Building Websites with PHP-Nuke

  6. Click on the Update button at the end of that row in the table. If you click on the Update button of another row, your changes will not be saved!
  7. Now view some pages; just click on a couple of the links in the Modules block, and then click on the Your Account link. The points you have accumulated by viewing the pages can be seen in the middle of the page:

    Building Websites with PHP-Nuke

What Just Happened?

We just created a user group. The user group was called PageViewers, and we set a value of twenty points for the user to qualify as a member.

The only activity that we assigned points to was Page View. Every time the user visits a page on the PHP-Nuke site they will score one point; we only assigned one point to each page view. The number of points the user has accumulated can be seen in the Your Account module page, but any group to which they currently belong isn't displayed.

Restricting Module Access to User Groups

After you have created at least one user group, the option to restrict module access will appear in the Module Administration area. To restrict module access to a specific user group (and it can only be at most one user group) the module has to be first restricted to registered visitors only.

Time For Action—Restricting the Statistics Module to Frequent Page Viewers

  1. Click on the Modules icon in the Modules Administration area.
  2. Find the Statistics module in the list of modules, and click on the Edit icon in its Functions column.
  3. Select Registered Users Only from the Who can View This? drop-down box.
  4. Select PageViewers from the Users Group drop-down box:

    Building Websites with PHP-Nuke

  5. Click on the Save Changes button.
  6. When the page reloads, make sure the Statistics module is active by clicking the Activate link in the Functions column if necessary.

What Just Happened?

We restricted the Statistics module to members of the PageViewers group only. We had to select Registered Users Only for who can view the module; after all, the members of the PageViewers group are a subset of all the registered visitors. Finally, we made certain the Statistics module was activated.

However, when you click on the Statistics module, it is possible that you will still be able to see it, although you do have not enough points—the module should only be viewable to people with at least 20 points. This problem arises because of a bug in the file modules.php. We first need to correct this bug in the following manner:

  1. Open the file modules.php in a text editor (WordPad will do fine).
  2. Find the following line (reformatted here for readability):
    }else if ($view == 1 AND (is_user($user) OR is_group($user, $name))
    OR is_admin($admin)) {

    And replace with the following:

    }else if ($view == 1 AND (is_user($user) AND is_group($user, $name))
    OR is_admin($admin)) {

    Note that all we have done here is replace the first OR with an AND.

  3. Save the file.

Now you will not be permitted to view the Statistics module. You will first have to visit some other pages to rack up your page view score (up to more than 20), and only then will you be allowed to view the module.

Managing Other Administrators

The super user account that you have been working with has complete control over the entire site. As your site grows, it is possible that you may wish to get other people to help you out with some administration of the site, such as moderating news stories, or monitoring downloads, but you don't want them to have full super user power.

PHP-Nuke provides a secondary type of administrator account, with privileges for certain modules. These accounts are the solution to the above problem. These other administrator accounts are also known as authors in various parts of PHP-Nuke. Users of these accounts also log in at the admin.php page as the super user does. The author accounts are not ordinary user accounts that have been 'promoted'; they are a 'genuine' administration account.

Authors versus the Super User

Specialist administrators (authors) can be created with power over any of the default modules (Content, Downloads, Encyclopedia, FAQ, News, Reviews, Surveys, Topics, Web Links, and Your Account modules), and these privileges can extend to more than one module. In fact, any module (default or third-party) that appears in the Modules Administration menu can have privileges set for it. Whether that module makes use of the privileges or not is another matter.

The difference between author accounts (administrators) and the super user account is that the authors only have access to module administration. They do not have access to core 'system' functionality as we saw in Article 4. For example, you cannot create an author account that has privileges for the module, and also privileges to configure NewsBlocks. The only way to achieve this is to give that account full super user power; it is possible to assign the super user power to an author account.

We saw that the Administration Area was divided into two menus of icons, the Administration Menu and the Modules Administration Menu. An author account will only have the Modules Administration Menu displayed to the author in the administration area. We will see this in a moment after we create an example author account.

Consequently, without the core system abilities, an author account cannot create another author account. This can only be done through an account with super user power.

Creating an Author

To create a new author, click on the EditAdmins icon in the Administration Menu:

Building Websites with PHP-Nuke

This brings up the Author's Administration page, which includes a panel for editing the details of an existing administrator account, including the super user account, or deleting a previously created administrator account:

Building Websites with PHP-Nuke

The super user account is called the God account here.

Underneath this panel you will see a form to Add a New Administrator account:

Building Websites with PHP-Nuke

You need to provide a Name for the account—this is different from the Nickname of the account, which is used to log the administrator in. Also required is an email address for this administrator, and of course a password.

The Permissions field contains a list of modules with a checkbox for each. By checking these boxes, you are able to endow this administrator with privileges for that module. By clicking the Super User box, the account will have the same privileges as the super user account. However, this account can be deleted, unlike the original 'God' super user account that we created when we first set up the site.

Once the permissions are set up, and the account details entered, click Add Author to create this administrator account. This account is now valid from the administrator login (admin.php). Note that there is no additional 'normal' user account option available as was the case with the 'God' account.

If you use this form to change your super user account password, you will find yourself logged out and you will have to log in again with the new password.

Once an administrator account is set up like this, when the administrator logs in they will be met with a limited set of options in the administrator menu. The following screenshot shows an administrator account with permissions for the News, Surveys / Polls, Topics, and Users modules:

Building Websites with PHP-Nuke

If this administrator attempts to bypass this menu and enter the URL of some of the other administrator pages directly, PHP-Nuke will still prevent access.


In this article we have seen how to add users to your site and how users are able to register themselves on your site, and have explored the personal area for each user provided by the Your Account module. Within the Your Account module each user is able to create their own Journal, which can be used to record their opinions, and can be viewed and commented on by other visitors to the site.

We also saw aspects of how to manage the users of your site, such as creating a subscription for a particular user. Subscriptions are typically used to restrict module access only to fee-paying customers. We also looked at user groups, and saw how PHP-Nuke can award points to users when they participate in site activities. When a user collects enough points, they can become a member of a user group, and possibly earn themselves access to restricted modules.

Finally, we looked at creating other administrator accounts that are less powerful than the super user account. These administrators, or authors as they are known in PHP-Nuke, can have permissions for specific modules, and allow you as the site administrator to put the management of these modules into the hands of others.

Next article, Story Management with PHP-Nuke, is where we really start adding content to the site.

[ 1 | 2 | 3 | 4 | 5 | | 6 | 7 | 8 | 9 | 10 ]

If you have read this article you may be interested to view :


You've been reading an excerpt of:

Building Websites with PHP-Nuke

Explore Title