I am making a telephone book on the net. I want to give users the possibilities to indicate or other user can search for example on their email adres?

does anybody knows how to do this ?


gr
martijn

I think he is talking about modifying the search process as opposed to just hiding the results... if I search on eliot@anthrotech.com and your record comes up, I pretty much know what your address is regardless of whether it is displayed or not.

It's a hard question. I experimented with disallowing wildcard searches on just the email address, but allowing exact matches and it works on the form based search (with a little help from JavaScript), but anybody with even an ounce of sense can just manually change the URL... so no solutions yet.

------------------
The Immuatable Order of Modding
-=-=-=-=-=-=-=-
1. Read the FAQ, 2. Search the board, 2a. Search the board again, 3. ask the question, 4. back-up, 5. experiment, 6. rephrase question (or better yet, post solution to original question)

I'm not sure of the coding.. but I believe you would have to add either a checkbox, or radio button field for every field you want the user to be able to hide.. (in the %db_def )

Then in the 'sub html_record' section.. you would have to add the appropriate 'If' statements eg.. if you wanted to ensure no-one could search your email address..


The above if statement means.. if $rec{hideemail} WAS NOT checked.. then it will print the email address for this person to the screen. (This is assuming you have made the checkbox variable called 'hideemail')





------------------
-----------
millsie

A smile a day...
keeps the viri' away.


[This message has been edited by millsie (edited March 01, 2000).]

thanks,

But when I for example search on the email address, I still find the profile of the user. You can't see the email address but if you know it, you can find the rest of the users' profile.
I want the user give te possibility to check, if they don't want to be found on the email address.
It is for a phonebook, on the net where users can enter there own profile with gsm phonenumber.

so if a user is going to search in the phonebook and they only know a email address they can search the book on email address. but not every user wants to be found on the email address..


I hope you know a solution


gr
martijn

millsie provided you the answer!

To clarify...

1) ADD a new field called hideemail or even better EmailPermission in the db_def hash in the default.cfg file. Make this a Yes or No field.

2) Then define this field as a %db_checkbox_field or %db_radio_field in the default.cfg file.

3) Then in your sub html_record_form routine, add this field as you defined it as either a checkbox or radio field (using the print &build_checkbox_field codes).

4) Then in the sub html_record routine add the following codes:


The translation of these codes is that if the person accessing the database is the admin and if the Permission of the field is No, then only the Admin will be able to view it.

Else...if the person enters Yes to have the Email address added publicly, then everyone can view it.

Adding the {$per_admin) condition will ensure that people cannot search for the Email field in your search form.

Of course, another solution is to create your own search form (turning off auto-generation off) and only include specific fields in the search form and NOT use the keyword option.

Then you would follow the above steps, except that in your sub html_record routine, you would replace the codes I've posted above with a variation of what millsie posted:


Regards,

------------------
Eliot Lee....
Former Handle: Eliot
* Check Resource Center
* Search Forums

True...However, additional codes can be added in the db.cgi file to "hide" the field completely from the query string, using similar codes that Carol (JPDeni) wrote for the recent Record Validation Mod.



Except I cannot locate the Mod, since she still has the older one in her "Mods" directory, which does not hide the field from the query string.

Oops...If I come across the Topic with the codes for hiding the field from the query string, I will post it here.

Regards,

------------------
Eliot Lee....
Former Handle: Eliot
* Check Resource Center
* Search Forums


[This message has been edited by AnthroRules (edited March 01, 2000).]

[This message has been edited by AnthroRules (edited March 01, 2000).]

I just thought of a "quick and dirty" way to do this only for the email part... remembering that the best security of all is if the email address is not even in the DB if not needed. Assuming you are using JPDeni's Secure Password mod, you could modify the change_email_in_records subroutine to ONLY copy over email addresses if showEmail is checked. Problem then becomes how to call the change_email_in_records when the showEmail pref is changed, but that shouldn't be as hard...

Look at this line...

You could change it to...

------------------
The Immuatable Order of Modding
-=-=-=-=-=-=-=-
1. Read the FAQ, 2. Search the board, 2a. Search the board again, 3. ask the question, 4. back-up, 5. experiment, 6. rephrase question (or better yet, post solution to original question)

[This message has been edited by oldmoney (edited March 01, 2000).]

[This message has been edited by oldmoney (edited March 01, 2000).]