Hi,

I'm using JA Submit 2.1 and Community Builder. JA Submit allows users to enter a "Full Name" and "Email" which are automatically and correctly filled with the user information as it shows in CB.

Is there a way to make the two boxed read-only, so that users are forced to submit using the information from CB?

Otherwise a user can pose as someone else, and there's no way telling since the backend shows only the name that was used in JA Submit.

Otherwise works great, many thanks!


== SOLVED ==

OK here's a quick'n'dirty fix. Changing the inputbox type in the ja_submit.html.php to type="hidden" just hides the box, so users can't access it any more. Like this:

From the original


<tr>
<td><label for="created_by_alias"><?php echo _H_FULLNAME; ?>*</label>:</td>
<td><input class="inputbox" type="text" name="created_by_alias" id="created_by_alias" size="50" maxlength="50" value="<?php echo $my->name; ?>" style="width:200px;" /></td>
</tr>
<tr>
<td><label for="email"><?php echo _H_EMAIL; ?>*</label>:</td>
<td><input class="inputbox" type="text" name="email" id="email" size="50" maxlength="50" value="<?php echo $my->email; ?>" style="width:200px;" /></td>
</tr>


to this


<tr>
<td><label for="created_by_alias"><?php echo _H_FULLNAME; ?></label>:</td>
<td><?php echo $my->name; ?><input class="inputbox" type="hidden" name="created_by_alias" id="created_by_alias" size="50" maxlength="50" value="<?php echo $my->name; ?>" style="width:200px;" /></td>
</tr>
<tr>
<td><label for="email"><?php echo _H_EMAIL; ?></label>:</td>
<td><?php echo $my->email; ?><input class="inputbox" type="hidden" name="email" id="email" size="50" maxlength="50" value="<?php echo $my->email; ?>" style="width:200px;" /></td>
</tr>


Now the user just sees her/his username and email but can't edit. Works ok though maybe not the most elegant solution.

Hi,
Now the user just sees her/his username and email but can't edit. Works ok though maybe not the most elegant solution.

How about unregistered visitors? If I want to let visitors submit news or articles, how can they input their name and e-mail if hacked folowing your method ?

How about unregistered visitors? If I want to let visitors submit news or articles, how can they input their name and e-mail if hacked folowing your method ?

You're right unregistered users can't post that way. My site is members-only and all members have a CB profile. I want to force them to use the name in that profile and not anything else. And I don't want unregistered members to post at all, they don't even have access to that part of the site.

Probably there's a way to address your problem too.

The following works for me, EDIT: NOT!
when logged in user can't change name or email.
File to change, ja_submit.html.php line 180 +
<tr>
<td><label for="created_by_alias"><?php echo _H_FULLNAME; ?>*</label>:</td>
<?php
if ( $my->id ) {
echo "<td>".$my->name."</td>";
}
else {
echo "<td><input class=\"inputbox\" type=\"text\" name=\"" .created_by_alias. "\" id=\"" .created_by_alias. "\" size=\"50\" maxlength=\"50\" value=\"".$my->name."\" style=\"width:100px;\" /></td>";

}
?>
</tr>
<tr>
<td><label for="email"><?php echo _H_EMAIL; ?>*</label>:</td>
<?php
if ( $my->id ) {
echo "<td>".$my->email."</td>";
}
else {
echo "<td><input class=\"inputbox\" type=\"text\" name=\"email\" id=\"email\" size=\"50\" maxlength=\"50\" value=\"".$my->email."\" style=\"width:200px;\" /></td>";
}
?>
</tr>

I would also want to disactivate the security image,
But first I'll have to get it working.

OK, sorry about that, the above actually doesn't work,:((
It sets the user name and email to a text object but then you can't send the post as there is no user related to the post... So,,,
the following changes the input text fields of the user and their email to read only, so they can't edit them.
<tr>
<?php
if ( $my->id ) {
$newtype = ("readonly");
}
else {
$newtype = ("");
}
?>
<td><label for="created_by_alias"><?php echo _H_FULLNAME; ?>*</label>:</td>
<td><input <?php echo $newtype ?> class="inputbox" type="text" name="created_by_alias" id="created_by_alias" size="50" maxlength="50" value="<?php echo $my->name; ?>" style="width:200px;" /></td>
</tr>
<tr>
<td><label for="email"><?php echo _H_EMAIL; ?>*</label>:</td>
<td><input <?php echo $newtype ?> class="inputbox" type="text" name="email" id="email" size="50" maxlength="50" value="<?php echo $my->email; ?>" style="width:200px;" /></td>
</tr>
What it does is check if you are logged in and set a variable "newtype" to "readonly" then places that newtype into the input field tag. Again you'll want to add this above code to the file ja_submit.html.php line 180 +
replacing the following, :
<tr>
<td><label for="created_by_alias"><?php echo _H_FULLNAME; ?>*</label>:</td>
<td><input class="inputbox" type="text" name="created_by_alias" id="created_by_alias" size="50" maxlength="50" value="<?php echo $my->name; ?>" style="width:200px;" /></td>
</tr>
<tr>
<td><label for="email"><?php echo _H_EMAIL; ?>*</label>:</td>
<td><input class="inputbox" type="text" name="email" id="email" size="50" maxlength="50" value="<?php echo $my->email; ?>" style="width:200px;" /></td>
</tr>

What I did is simply add a readonly="readonly" to the name and email <input> tag. Should works fine if you don't want unregistered users to post content.