ℹ️
Welcome to the archive of the old FlatPress support forum. Browse more than a decade of FlatPress wisdom! Login is disabled.

The current FlatPress support forum is available here: forum.flatpress.org
Feature/Plugin Request
  • I wanted to know if it were possible to have multiple authors for a blog. I'm administrating a blog with someone else, and we would like it if we could use different logins. It could be something that an admin would have to add while logged in, but couldn't see the password. Thanks for anyone who helps.
  • Currently, it isn’t possible. However, I was always wondering what are the files in folder fp-content/user doing. One of them is my login, sure. But I may create more of them.
  • You can run setup twice (or as many times as you want) to create extra logins, but it's not recommended to have more than one author for FlatPress... in case you break it. Just remember to delete your setup files when you're done - otherwise anyone could visit your blog and create an account for themselves the login and wreak havoc.

    I do this then set up Windows Live Writer for each user so they can post using that rather than the FP control panel editor.

  • I’ve fallen in thinking. Actually, very little is missing for a full-fledged multi-user blog. Unpacked Flatpress to a localhost folder and ran setup. Created a user and wrote an entry. Logged out, deleted the setup lock, ran setup again. Created a user and wrote another entry. Deleted the two copies of the welcoming entry. And now I have a blog with two entries, written by two different authors. The Leggero theme (and many others) display the name of the author, too.
    So, multi-user is partly supported.
    Let’s see what’s missing yet.
    1. To add a new user, we have to call core.users.php the appropriate way, I’ve lost in the labyrinth but that’s just me. Only one thing has to be changed: the array $user, stored in fp-content/users/[username].php, to store an additional value, a boolean telling if the user is an admin. When the first user is created, this is set to true; for other users, it’s set to false.
    2. The Control Panel needs some redesign, decisions here and there upon the admin status of the active user. When a non-admin user lists entries in the Control Panel, only his/her own entries should be shown. An admin can see all of them.
    3. A new panel should be added, called Users. This appears for admins only. It lists users and offer commands like Toggle Admin Status and Remove User. And there is a command to add new user. So, only an admin may add a new user.

    We can touch it up a little, of course. For example, additional user statuses may be created: Owner (the same as an admin but other admins aren’t allowed to take his/her admin status), Editor (the same as a non-admin but has the right to edit other users’ entries, just not to remove them) – or we may implement specific rights for separate actions like changing theme, adding/editing/removing static pages different from entries, enabling/disabling plugins, and so on.
  • Hi, I would also write something about this topic :-)
    The problem of allowing more than one user to login in flatpress is very old.

    Creating an user is very easy. After you obtained an hash for a password, you can create the user creating "by hand" a file, like LAttilaD said.

    The historical problem was the lock on the index: if two users writes the index in the same problem the behaviour is undefined: what is saved on the file? The content of the first user? The content of the second user?
    However NoWhereMan implemented a lock system, but Flatpress can't be considered to be used from two users.

    So now we could consider the lock problem as done, however an ACL is still missing.
    How would you implement it?
    Would you replace old APIs? What about plugins?

    Last problem (not so important): what about old comments? How would you differentiate admins/author of the post from normal users?
  • Knowing nothing about the index, I have no medicine. Maybe if I’m told how does it work.
  • Only NoWhereMan knows it :-)

    However if you open core.bpt.php and core.fpdb.php, you find the whole code.
    There are many stages and if you see at the moment there if there is a lock a warning is triggered and the entry is saved as draft.

    I think that the main problem will be with old plugins, such as remote posting and the administration panel.
    There should be a plan to add the multi-users feature.
  • Surely I can find the whole code, simply I don’t understand it. Most of Flatpress code is so tricky and complicated I cannot reach it. However it’s a beautifully designed code. My knowledge is insufficient.
  • I'm just asking about having multiple admins.

  • I'm just asking about having multiple admins.

      As I said, you can run simply setup twice (or as many times as you want) to create extra logins but you really need to do this when you first set your blog up** because:

    1) It'll wipe any settings you may have entered (e.g. new theme selection, blog title) back to the default settings each time you run setup.

    2) It will also create another "Welcome to FlatPress" post (which you'll need to delete).

    3) You should delete setup.php and your setup folder for security reasons.

    n.b. Each time you re-run setup you'll see a warning telling you to first delete a lock file which the previous setup procedure will have installed on your server. This is an added security feature to stop someone fishing around for FlatPress installations where the user has forgotten (or simply not bothered) to delete their setup files to prevent a complete stranger from creating an admin account for themselves.

    All of the above is pretty painless - I do it most of the time to create a separate admin account for myself whenever I set a blog up for someone else, so we can each have our own passwords.

    ** You can copy the setup folder and setup.php file back to your server in case you want to do this after you've already deleted those files. I think there's another way to do all of this but this is how I do it.

  • Hi, what Stanley said is right.
    This is the simplest way to create admins.

    The other way can be used also to change password.
    It consists in creating the hash of passwords (calling the function user_pwd) and then creating manually the file of the user.
    Last way is calling the function user_add, with the clear password (it's hashed automatically).
    However these two ways are for "advanced" users.
Start a New Discussion

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion