Block user search

dhdesign

I'm using my Vanilla install as a ticket support system for clients. I would like to block clients from being able to do a search to find other users.

I've checked through the forum and the available extensions, and haven't found anything that would do this.

Anyone have any ideas on how to accomplish this??

FlyinFinn

Bump and same problem here. Or at least I'd like to hide all user details from non admin users. I just don't know how to do it properly. Any advices are welcome.

WallPhone

Private accounts extension could be a good starting point. Just upgrade it from hiding details from guests to normal members.

FlyinFinn

Thanks mate! It was easy to edit that extension so that people (except admins) can't go to account.php page, BUT I'd like to prevent them seeing search results of users, too. I'm sure it's not a hard one, but can't see easy solution. So hiding the whole user search would be the best solution.

WallPhone

Try commenting out line 82 of library/Vanilla/Vanilla.Control.SearchForm.php ($this->TypeRadio->AddOption('Users', $this->Context->GetDefinition('Users'));), that should remove the option. To secure further, you may want to comment out the code that handles search further down.

FlyinFinn

Ok, here is what I did:
- commented some details from /themes/search_results_users.php
- commented line 82 of library/Vanilla/Vanilla.Control.SearchForm.php
- commented "Advanced User Search Form" from /themes/search_form.php , but left fieldset tags that it wouldn't break ShowAdvancedSearch() function, like this:
// Begin Advanced User Search Form echo '<fieldset id="SearchUserFields">'; /* ... */ echo '</fieldset> </div>';

Not the secure nor best solution, but it's enough at the moment Thanks for you.