Drupal 7: Reveal field to anonymous user after an email validation - drupal

This is the requirement for a Drupal 7 site -
The site will not have any registration facility for visitors. It is basically a content oriented site with all content created by content editors.
All content are visible to anonymous users.
There is specific content type (consider "document") that will have a file upload. Users can download the files.
The "document" nodes will not reveal the file download link when an anonymous user views the node for the first time. Rather it will ask the user to input his email address.
Once the user inputs a valid email address, the link to the file is revealed.
There will be a log record of the user input email addresses.
I want to know if there is a contributed module that can already do this. If not, is it possible to achieve this by using a combination of contributed modules? If even that is not possible, what could be the best way to achieve this?

Related

How to provide service that hosts user data without violating user privacy?

I'd like to start a website that provides users with photos editing/storing experience. The initial idea is that the user has his own account where we store the edited photos and some settings. I'm am a WordPress web developer and when I try to consider how to build such a website in WordPress I don't really understand how to provide such a services without having access to user photos. My idea was to create a custom post type and save it with the user as an author. But as an admin of the website, I will have access to all the created/saved photos and I would like to build it in a way that I don't have it. Is it possible?
I've used previously the app to write a diary that saved the data to my Google Drive and if I understand correctly, it never had access to my files.
So my question is: what are the best practices to build such a resource? Is it normal to have access to all of your user photos if you provide such a platform?
In your case, as you will use WordPress and you are the developer you will always have access to the data of everything.
You will always have a way of knowing which data is from user or which data belongs to another user.
You have two options to do this, but this will take some development work:
1 - You must recreate the way WordPress works where the user is not related to an email and not private data that can relate to the user.
Example: You ask the user to register only that only asks for a hash that can be any word, number, or any other information and a second field would be the password.
With this in the backend you get this two information and do some kind of hash I'll give the example using md5 but do not use it.
After that join these two data and this will be the user.
and to login the user needs to repeat this information and will be within the platform. With this you will be able to maintain the anonymity of the user and will not know who the user is.
In this option you will have for each hash and password a different user :)
But I recommend not using wordpress if you choose this option. You can use a framework like CodeIgniter for example which is super simple.
2 - The second way would be to use the normal wp User, not worrying about who the user is and their information. But one way to keep photo information "anonymous" is to generate a unique hash with each user and have some way of relating the user to it.
Example: When uploading a file to edit it will generate a passkey, you must warn the user that when they want to edit this photo or view they will need to type it into an input. With this you will not know which information is from which user. but it requires extra work for the user
This way you will always have anonymity of user information. I hope I helped you somehow.

drupal how to allow logged in user to edit specific content node?

I have a Drupal 7 site with single SSO via the LDAP module, which allows us to run the site as n Intranet and users that hit the site with IE will get automatically authenticated using their active directory credentials.
I have a personnel directory content type that holds a list of all of our employees and some of their stats (photo, email, phone number, etc.).
The problem I want to allow the logged in user to be able to edit the node in the personnel directory page that represents them, but because there is no relation between the logged in user and the nodes under the personnel directory content type I am not sure how to go about allowing users to edit their own entries?
The personnel directory page is automatically populated/updated via feeds (it looks at our AD, and pulls down users and updates them if it detects updates in AD meta data).
Somehow I need to tie the logged in user to the specific node, any idea how I could automate this as there are over 300+ nodes/users.
Ultimately, I'd like to have a "edit personnel bio" link that they can link, that will link based on their [current logged in user ID] it will allow them to edit the correct node in the [personnel directory] content type.
I hope this was clear enough to point me to some direction.
Thank you.
basically you want to create a user "role". Then in your permissions page (the one with 1000 checkboxes) you can add edit access to your "personnel bio" content type (or fields) for just that user role.
Then in your template you provide the user a link to the same page with /edit in the url.
Make sure the user has permissions to edit the node of that type. Upon creation of the node via feeds, create a rule (use the Rules module https://drupal.org/project/RULES) to change the creator of the node to that user's uid.
Add another field in the user's account to match their AD username to tie them together. To do this, create a module as seen at https://drupal.stackexchange.com/questions/8253/how-to-add-extra-fields-to-user-profile

How can I get rid of spam users

The company I work for have a small Plone blog. But we have a problem with spam accounts. We use captcha on the site and Plone sends a mail to the users that they must confirm before they can edit the user profile. Still about 600 spam users are created every day. In the Plone user profile they paste all kinds of commercial links.
We are located in Denmark and the blog is in danish, therefore I have made a script to delete all users with a non danish mail adress. But even though most of the real users have a danish mail account I probably still deletes some real users when running the script.
The spam users register from a vide range of ip-adresses, so blocking ip's is not an option.
Does anyone have ideas to what to do about this problem?
Disable Plone comments/public user creation and use a third party commenting service such as Disqus.
They somehow trick recaptcha (if you find out, please let me know :)
But how do they do the email validation? They don't have to. Plone join_form has a hidden field for password which is filled by this bot and Plone saves it as the real password (check the REQUEST object comming from this bot)
So the bot doesn't need to check email for password. That's how they get in and activate those accounts. So fix the hidden password field from join_form.
Then, remove all users that have links in their profile description (as a real user you don't do that, do you?). Also don't let the users to input HTML within their profile description.

Drupal 6 - Email Newsletter Module - Attaching nodes/stories content, mail collect send to access denied page

I have hard time using this module in my Drupal 6 site. Since I downloaded and installed required modules such as:
Email Newsletter,
Bounced Email,
Deliver,
HTML to Text,
Identity Hash,
Publication,
Schedule,
Subscribe Members,
Subscribed,
Subscribed Silverlight,
Templates,
I have problem solving some issues, enewsletter sends mails with proper information in Tokens, but it does not attach any nodes nor story information. I've insured that publishing options in content type are selected (default checked) and followed instruction described in readme.txt, but nothing happen.
I receive test emails only with token information nothing more. There is something else, when i set block with collect mails option block show up as predicted, but when i enter particular e-mail address after submitting, page reloads to access denied page.
I'm more designer than developer, so I could use some help.
Cheers
Use this module drupal.org/project/simplenews_content_selection to select the particular content, You can select any number of contents
To send automatically use the below module
http://drupal.org/project/simplenews_scheduler Download and install the module, choose the appropriate setting, see the below image

Show uploaded files to Anonymous user but only allow download from registered

On Drupal 6 I am attaching a file to a node. This can be done using the core upload module or as a CCK field (What ever will achieve the permissions issue).
I would like anonymous users to be able to see the file, but once they click on it to be prompted to login or register. Once logged in (or registered) then to be taken to either the same page they started on or start the download.
Not really sure where to start on this (related to the permissions and then the eventual redirect).
One method that i would do is in the template files detect if there is a userid variable (To indicate they are logged in), if there is show the link to the file - if they are not then to send to the login/registration page. I can store the link they wanted in the user session. But then how would i detect their registration is complete and redirect them to the page/file?
Ideally there is a module (which I am still hunting around for) that does this task!
Basically, you just need to set the destination parameter, this works for the basic login/registration form. If you however require something like email confirmation for registration, then it's going to be a lot more complicated.
Example Links:
user/login?destination=download_url
user/register?destination=download_url
There is also an API function that will automatically generate the destination part for the current URL: http://api.drupal.org/api/drupal/includes--common.inc/function/drupal_get_destination/7.

Resources