phpBB

Development Wiki

Founder

From phpBB Development Wiki

A Founder is any user with the user_type set to 3 (USER_FOUNDER constant)
This user (Founder) is able to access all administrative areas of the board regardless of assigned permission, they have full administration permissions and can never be banned, deleted or altered by non-founder users.
This does not effect any user or moderation permissions.
At least one founder is required for a board.
Founder status can be given to more than one member at a time, note however, that any Founder can set another founder to a normal (non-founder) user, so this option should be handled with care.

Setting Founder Status

There are two ways to set a user to Founder status.

  1. Go to ACP > Users & Groups tab > [ type in username ] > Set Founder to: Yes.

  2. The second option should only be used in situations where there is no other logical method. If another admin requires founder status, a SQL Query is may be a good option if you are unable to access portions of the ACP due to limited admin permissions.
    UPDATE phpbb_users SET user_type = 3, user_permissions = '' WHERE user_id = x
    Where x = user id of User you are setting to founder status.


Founder Only Variables and Switches

To use a switch or variable to pass on to the templates for founders only...

$template->assign_vars(array(
    
'MY_VARIABLE'    => ($user->data['user_type'] == USER_FOUNDER) ? $variable_for_founder $variable_for_user,
    
    
// or a switch... (better)
    
'S_IS_FOUNDER'    => ($user->data['user_type'] == USER_FOUNDER) ? true false,
));

Template usage:

<!-- IF S_IS_FOUNDER -->Only the Founder can see this! :<!-- ELSE -->Non-founder users can see this<!-- ENDIF -->

and...

{
MY_VARIABLE}

Restricting Scripts/pages to Founder Access Only

For scripts that could potentially be dangerous, instead of allowing open usage, or using...

die('please disable this die message to use this script');

Which leaves the script open for as long as you have it on your server without the die message in place.
The following method should be used in such occasions:

<?php
/** 
*
* @author Highway of Life
* @package Develop
* @version $Id: page.php $
* @copyright (c) 2007 copyright info
* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
*
*/

/**
* @ignore
*/
define('IN_PHPBB'true);
$phpbb_root_path './../';
$phpEx substr(strrchr(__FILE__'.'), 1);
include(
$phpbb_root_path 'common.' $phpEx);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('common');

// is the user logged in?
if (!$user->data['is_registered'])
{
    if (
$user->data['is_bot'])
    {
        
// the user is a bot, send them back to home plate...
        
redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
    }
    
// the user is not logged in, give them a chance to login here...
    
login_box('''LOGIN');
}
else if (
$user->data['user_type'] != USER_FOUNDER)
{
    
// the user is logged in, but they are not a founder, give them a nice warning message
    
trigger_error('NOT_AUTHORISED');
}

// the rest of your script/page

You can also limit page viewing to admins with special permissions.
e.g.: (instead of the above: else if ($user->data['user_type'] != USER_FOUNDER)

else if (!$auth->acl_get('a_'))
{
    
// the user is logged in, but they do not have admin permissions, give them an error message...
    
trigger_error('NOT_AUTHORISED');
}

// or...
else if (!$auth->acl_get('a_user'))
{
    
// the user is logged in, but even though they may be an admin, they don’t have user admin permission,
    // so they get an error message...
    
trigger_error('NOT_AUTHORISED');
}


See Also