Building a community style website

Sunday 20 February 2005 11:54:57 am

hello,

what im trying to do is building a portal with many personalised features, i.e, users can have his own blog, etc. Has anyone achieve this with ezp?

my flowcart so far reads like this:
i use a custom module to register new users. along with every newly registered user, there will be a new folder created under 'var' folder (var folder inside ezpublish, which is merely a db entry, not the var folder on the filesystem) with the same name of the new user. var folder is a folder i created to hold every user's stuff, such as image entries, blog entries, etc.
after the folder created the script continued to impose a subtree limited role to the new user which makes him able to create stuff within his own folder (the one under 'var').

what i want to ask:
is this the right way to achieve what i want in ezp? is there a hook in module/view "/user/register" or "/user/confirm" that get called after a user finished registering? is it ok to have so many role assignment? (if i have 3000 user registered there will be 3000 subtree limited role assignments).

i badly need advices..

thanks

Sunday 20 February 2005 12:50:57 pm

yes hacking into ezp sources is on my consideration too. but im trying as much as i can not to do that and use modules or availble hooks.

Monday 21 February 2005 12:28:21 am

I have used the last eight months building and running a community website with eZ Publish. We currently have over 300 registered users, and from 1000-1600 visits pr day.

Each user has his/hers own blog, image gallery, personal profile with image, basic info about themself (adress, email, msn etc), and a list of groups in the community that they belong to. I've also set up a messaging system, allowing users to send messages to each other. There's also a forum, much like the one here on ez.no.

Setting it up wasn't really as hard as it seems like you're planning on doing it. First of all, I used the user object as the container for the child objects - So that all messages, blogs and images are created directly under the user object. This gets me out of the custom module you mention, to create separate folders and rights for each user.

All (logged in) users are in principal allowed to create blogs, images and messages under ParentClass( User ). They also have the right to edit their own user (user selfedit *). I do the actual create and edit control in templates:

Because each user create blog entries and images directly under their own user, and the template that fetches the blog entries and images is the template for displaying the user (I use view parameters to check which view to enable - normal profile, blog or image gallery), a simple can_edit is enough to see if the current user should be allowed to create blogs and images (the can_edit checks the "user selfedit").

So, if the can_edit test is passed, I use a section to display a "Create blog-entry"/"Create image" button.

We've had this system up and running since August, and have had no problems with it so far.

I hope this was understandable.. Feel free to ask if anything's unclear :)

Monday 21 February 2005 1:16:18 am

That's correct. But seeing as the community I'm running is a closed one, there'd be no problem banning them from the site if they misbehave.

Monday 21 February 2005 10:10:33 pm

Yeah, it's a very noticable security breach, so unless you can trust your users to keep their hands of, and don't have any good ways to exclude people from the community, I guess you have to. But, as I said, I've had it running since August without problems :)

Friday 20 May 2005 1:08:01 am

If I may be so bold, Eivind.

Would you consider packaging your eZ publish installation and database and making the whole thing available to the community.

I would personally be very interested in re branding / cutting out your specific information and redistributing a finely tuned community distribution with all the settings required in place to start with instead of starting with a stock eZ publish installation.

I know there are others who share this interest.

respectfully,
//kracker

<i>Counting Crows : Up all Night ?</i>

Member since: 2001.07.13 || http://ezpedia.se7enx.com/

Friday 20 May 2005 5:21:13 am

Eivind,

I am willing to do the work for everyone as I am eager to <i>make</i> the time...

If you simply dump your database into your ezpublish directory and archive all of it with these commands:

cd /path/to/ezpublish ;
mysqldump -u userName dataBaseName -p > ezpublishDataBaseDump.sql;
cd ..;
tar -zcf ezpublishCommunityExample.tar.gz  ezpublish;

Simply email the ezpublishCommunityExample.tar.gz archive to <i>/dev/null</i> , no matter the size, please send the whole archive.

I will gladly take the time to trim out any specific branding / content from your build, host the whole edited archive publicly. I'll also break out the actual components / editions into smaller packages and host those publicly.

I can even host a live demo of the revisions for you to review for your approval of it's release.

Respectfully,
//kracker

Sixtoo & Sole & Sage Francis: When <i>Freedom</i> Rings

Member since: 2001.07.13 || http://ezpedia.se7enx.com/

Friday 20 May 2005 5:32:20 am

Our database contains sensitive and personal information on our 3000 members, so I can't do a complete dump, unfortunately. Any other approaches?

Friday 20 May 2005 11:22:07 am

Well,

I don't know if it will mean much of anything but I can't just give up without trying for the others who have already given up inside.

I myself am a systems developer who regularly turns his head away from 'noticing' others sensitive information?

I am well versed in ignoring / striping out sensitive information that I see in my day to day work in order to protect the client.

I doubt a solemn commitment, swear on my future (what ever it may be) in this community, my history in the community, that I could and very much would still like the opportunity to help you and everyone else asking for these kinds of solutions by cutting out the user details for you, with your review and approval (root access) to the entire reinstantiation of the code + the required edits of sensitive information without ever mentioning anything i might see while working with my head turned away as much as possible.

I'm sure the name, the sheer size of my posts, and more are good reasons at a distance to fear me, save this one thought that strikes me as i rise this afternoon....

I don't care about anything your trying to protect, I don't want what your trying to protect, I could care absolutely lesser than nothing.

I do care however for the community and I know I can handle the completion of the work for you, if the time it would take for you to commit to doing what is required to release.

An honestly, unless your storing credit card numbers in eZ publish (highly doubt it) you don't have anything worth being that paranoid about protecting, I don't want or care about what your using as an excuse not to contribute, your panicking over very little.

I'm a sysadmin, my day job is keeping quite about the client. When have you ever heard of me across the entire net dumping others secrets?

I think I've said just about what I woke up with (as dumb as my whole effort was here) ... I'll end with this ...

I can do what is needed, I swear that I would not redistribute anything without your in deep review of the released product + documentation. I swear that I would destroy all archives and copies at the end of the editing process.

We have had this conversation before, I remember it now, yet we have come back to this exact same point months later ...

<i>again....</i>
//kracker

<i>eminem : patiently waiting ...</i>

Member since: 2001.07.13 || http://ezpedia.se7enx.com/

Monday 23 May 2005 3:41:49 am

Export sounds like a possible sollution. How is that done?

And kracker, I'm sorry if I've been unclear. Refusing to give you the database isn't because of mistrust, but because it's a member registry for a youth organisation, including full names and adresses, birth dates and so on. So it's not about me trying to protect something, it's about me trying not to break the law. So even though I'm really interested in helping ez and the community, I'm not ready to go to prison for it.. ;)