1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Check user/user group permissions in php

Discussion in 'XenForo Development Discussions' started by RichardKYA, Mar 6, 2016.

  1. RichardKYA

    RichardKYA Well-Known Member

    How can I check if a user (not visitor) has a certain permission in an external php file?

    For example, check if a user (not visitor) has permission to upload an avatar?

    How would I be able to do that in php?

    Thank you for any help :)
     
  2. RichardKYA

    RichardKYA Well-Known Member

    Sorry, forgot to add, and how would I do the same for user group permissions?
     
  3. James

    James Well-Known Member

  4. wang

    wang Well-Known Member

    First you must initialise xenforo 's framework in your external script. And enter the full path to your forum for the $fileDir variable.

    PHP:
    <?php

    $startTime 
    microtime(true);
    $fileDir '/full_path_to_your_forum';

    require(
    $fileDir '/library/XenForo/Autoloader.php');
    XenForo_Autoloader::getInstance()->setupAutoloader($fileDir '/library');

    XenForo_Application::initialize($fileDir '/library'$fileDir);
    XenForo_Application::set('page_start_time'$startTime);

    XenForo_Session::startPublicSession();

    $visitor XenForo_Visitor::getInstance()->toArray();

    ?>
    Then you declare the $visitor variable which will give you access to all its records.

    Then you check for permissions like this:

    PHP:
    if($visitor->hasPermission('avatar''allowed'))
    {
       
    //your code
    }
     
  5. RichardKYA

    RichardKYA Well-Known Member

    Thank you both for your responses

    @wang - Can that method be used for the $user variable as well?
     
    wang likes this.
  6. wang

    wang Well-Known Member

    You can use the $visitor array. It is the same thing. E.g, you can get users names with $visitor['username']. What member information do you want to display btw?
     
  7. RichardKYA

    RichardKYA Well-Known Member

    Unless I'm misunderstanding something in your reply, I thought $visitor will give you the visitor info (eg: The member viewing the site) and $user will give you the user info (eg: Other members using the site, including the visitor also).

    Example: If I was viewing your profile page, you would be $user and I would be $visitor, but if I was viewing my own profile page, I will be referred to as both $visitor and $user. OR if I was viewing a page like "Notable Members - Most Likes" - I would be $visitor and $user, and everyone else would also be $user - this is what i want, $user, so that I can check all $users on the page and not just me, $visitor.

    What I want to do is check if $users have a certain permission, for example: permission to upload an avatar, have a custom user title or signature.

    Using the helperAvatarUrl as an example...

    Code:
    public static function helperAvatarUrl($user)
       {
        if($user->hasPermission('avatar', 'allowed')) {
              Do this
        }else{
               Do that
        }
       }
    
    ...but if I do this...

    Code:
    public static function helperAvatarUrl($visitor)
       {
         $visitor = XenForo_Visitor::getInstance()->toArray();
    
        if($visitor->hasPermission('avatar', 'allowed')) {
              Do this
        }else{
               Do that
        }
       }
    
    ...won't that just check my permissions?


    Thank you for help :)
     

Share This Page