Hey all, I'm looking for some help(and verification if possible) on an issue when a user changes groups via the phpBB3 plugin. The way I have it setup is the default user(those without an active subscription) is a "guest" and when there is an active subscription the user is moved to a "registered user". The problem I'm running into is if an active subscription becomes expired the user is properly made a "guest" in phpBB3 as far as the guest group id being attributed to the user in the users table and the user added as part of the guest group in the groups table....the user when logged in, though, is still able to post, read and send PM, etc..all things that a "registered user" does but are not permissions allowed for guests. This works in reverse, too, btw...if a user is a "guest" because of an expired subscription and resubscribes they are made a "registered user" in the db but when logged in are unable to post, read pm's, etc. The only way I've been able to resolve the issue is to go into the ACP of phpBB3, search for the user, and simply click on the submit button....the user then has proper viewing of the forum associated with their group. Now, I'm pretty sure what is causing this but I sent in a help desk ticket and have twice now been told alls I need to do is rebuild the db. I've done this twice already to humor myself and it's pretty frustrating not to even have my idea of what's going on be acknowledged by the support staff but so be it...I come to you Has anyone else working with phpBB3 noticed the same issue? I'm almost thinking all phpBB3 plugin users are effected the same way but perhaps there hasn't been a big enough turn around of users in the forum for it to be noticed. The way phpBB3 works is that there are group id's....when a user is in a group the id of the group is added to the user in the users table...and, in the groups table the user_id is added as part of whatever group one is a member of. This is pretty much what the plugin does and works well this way. The thing is phpBB3 also uses a field in the users table called "user_permissions" which is a cached copy of all the individuals permissions...this field when phpBB3 is used natively is emptied everytime a user changes groups(or permissions changed) and the first time a user logs in after the field is emptied is rebuilt based in part on the group the user is a member of. If this field is not emptied, the permissions in this field can't be rebuilt, and the user continues to have the same permissions as before the user was changed to a different group. This is how it is defined as working by first my own testing and then also by the developers of phpBB3. The phpBB3 plugin for AMember is simply not emptying out the "user_permissions" field when a subscription is expired when a user changes groups so the user still maintains their origional permissions. I imagine within the plugin every time a users group is changed it needs to be added to also empty this field so it can be rebuilt with the new permissions...which is also why I'm posting this Sorry for the long one but I am really curious if anyone has run into or noticed the same issue (I don't think I'm going crazy) and/or if you have any good ideas on how to add the emptying of the "user_permissions" field within the plugin when the users group changes. Hope I made sense...again, the support team here didn't even acknowledge that this could be a possibility where if it was explained to me why not I'd probably be rebuilding the db for a third time thanks
If anyone runs into this this is what I did..... edit phpbb3.inc.php.. beginning around line 206 change PHP: $this->query("UPDATE [db]users SET user_type = '$user_type', group_id = '$max', user_password = '$pass', user_email = '$member[email]', user_email_hash = '".crc32(strtolower($member[email])).strlen($member[email])."', # user_timezone = '$user_timezone', # user_style = '1', user_colour = '$group_colour' WHERE username = '$username' "); to PHP: $this->query("UPDATE [db]users SET user_type = '$user_type', group_id = '$max', user_permissions = '', user_password = '$pass', user_email = '$member[email]', user_email_hash = '".crc32(strtolower($member[email])).strlen($member[email])."', # user_timezone = '$user_timezone', # user_style = '1', user_colour = '$group_colour' WHERE username = '$username' "); and then beginning around line 246 change PHP: $this->query("UPDATE [db]users SET user_type = '$user_type', group_id = '$max', username = '$newmember[login]', user_password = '$pass', user_email = '$email', user_email_hash = '".crc32(strtolower($email)).strlen($email)."', # user_timezone = '$user_timezone', # user_style = '1', user_colour = '$group_colour' WHERE username = '$old_username'"); $this->phpbb_update_groups($newmember['login'], $additional_max); to PHP: $this->query("UPDATE [db]users SET user_type = '$user_type', group_id = '$max', user_permissions = '', username = '$newmember[login]', username_clean = '".strtolower($newmember[login])."', user_password = '$pass', user_email = '$email', user_email_hash = '".crc32(strtolower($email)).strlen($email)."', # user_timezone = '$user_timezone', # user_style = '1', user_colour = '$group_colour' WHERE username = '$old_username'"); $this->phpbb_update_groups($newmember['login'], $additional_max); it's basically just emptying the 'user_permissions' field upon subscription update and creation for existing users. I know this is an issue after seeing some third party scripts for user management for phpBB3, reading several related threads at the phpBB3 forums, and getting a response directly from one of the developers. The actual permissions for a user are built off the groups and individuals defined permissions and stored in the 'user_permission" field...permissions aren't simply giving a user a group id. Anyway, the line in the 2nd edit, username_clean = '".strtolower($newmember[login])."', isn't needed for this purpose but I added it for it allows one to change a username in aMember and have it correctly reflected in the 'username_clean' field of the phpBB3 DB...if not added you can't edit a user directly in the phpBB3 ACP if a username(if it has capitals) has been changed via aMember. of course, edit at your own risk.....I don't think it would be supported by the developer of aMember because of what I mentioned in the first post.
Thanks zenpig66 for this. I just experienced the same issue as you described and I'm glad I found your post. User was added to a group after he purchased "upgraded" access, but his permissions were not set correctly. I was fixing this issue manually by changing his default group to a basic access and then changing it back to the upgraded access. I compared SQL snapshots before and right after my workaround and the only value that has changed is "user_permissions". It was set to from some long hexadecimal value to just empty ' '. So I can definitely confirm what you wrote. I believe this issue should be address by aMember developers and incorporated into the phpBB plugin. I found that in the most recent phpb3 plugin the developers added the line Code: username_clean = '".strtolower($newmember[login])."', but they should add the Code: user_permissions = '', fix as well.
I think im having the same problem HOWEVER when im testing out users and expiring there memberships they still seem to have premium.
Maybe this problem only exists when I delete a payment from a member.... will wait and see what happens if it naturally expires!
also noticed that any membership group that existed in phpBB on amember signup is also removed on expiry. e.g. if user is a member of registered user on phpBB prior to amember signup and they then add a premium account, on expiry any previous groups they were members of prior to amember are also removed so they get removed from the registered user group. I know you can set a default group to add to the member once their account subscription expires, but they should not be removed from the user groups they were members of previously??
also noticed that any membership group that existed in phpBB on amember signup is also removed on expiry. e.g. if user is a member of registered user on phpBB prior to amember signup and they then add a premium account, on expiry any previous groups they were members of prior to amember are also removed so they get removed from the registered user group. I know you can set a default group to add to the member once their account subscription expires, but they should not be removed from the user groups they were members of previously OR give an option via admin panel to let them keep their previous groups prior upgrade?