Skip to main content
Invisible Members Started by Steeley · · Read 11785 times 0 Members and 1 Guest are viewing this topic. previous topic - next topic

Invisible Members

I've searched the ElkArte settings and this board with no joy so far., so I'm compelled to ask...

Is there a way to set an individual member to be unlisted in the member view/listing? (Perhaps an odd request, but I do have a valid reason.. nothing nefarious.)


// Deep inside every dilemma lies a solution that involves explosives //

Re: Invisible Members

Reply #1

Should be possible but I am not sure whether we have that as a feature. An addon for that should be easy, I think.

Re: Invisible Members

Reply #2

Quote from: ahrasis – Should be possible but I am not sure whether we have that as a feature. An addon for that should be easy, I think.

Well, I guess this topic should be moved to the wish list then. I have many talents - most of which are despicable I'm told -but php programming isn't one of them (yet), alas. :-(

// Deep inside every dilemma lies a solution that involves explosives //

Re: Invisible Members

Reply #3

What's the use case?

Doing so is a bit tricky but maybe there's a valid usecase for it benig part of the general core of the software.

The one angle that does occur to me: if they're someone who posts, one would presume their existence will be noticed in general...

Re: Invisible Members

Reply #4

In my case, Arantor, my server host is a "sleeper" forum member - he steps in only if/when I become incapacitated (or I run into some technical problem with the forum and the server that I can't handle). 
The website is an archive of a 'classified" Marine group during the 'Nam war, documents, pictures recollections, etc. - some of our activities were covert, and in a few cases are still classified. 
You might find the "public part" interesting click here
My server host is not a member of that group, but is a trusted, long time friend and a lot younger than me (and I'm about the youngest in the group) - his eventual role will be archiving the site (including the discussion forum) with the US DoD (arrangements are already made for that), if I no longer can run the forum and the site. Until then he's not going to log into in the forum (again, unless something breaks I can't deal with). He won't be posting anything. unless we're testing something, and those posts would be deleted (I have a hidden "sandbox" board only he and I can access).
But, if forum members know that someone without a "need to know" is among the membership, they will likely be less open with their discussions, and then we lose historically-relevant information. So it's best if he's not listed in the member list at all.
That's my use case.  I can think of similar situations that would find a hidden-member option useful., not all of them nefarious.. ;D
Last Edit: November 15, 2020, 06:01:59 pm by Steeley

// Deep inside every dilemma lies a solution that involves explosives //

Re: Invisible Members

Reply #5

Ah, OK, that makes sense.

The quickest way that occurs to me is simply to not have an account. Register only at the time needed, then if they're the server host, they presumably have access to the database to make themselves an administrator.

If that's not possible, the next method that occurs to me is to make account deletion require approval from admins, then delete the account - which puts the account in a limbo state unless someone approves the deletion, though it sounds like there's only one admin so you're not going to do that.

The key thing about an account in deletion, it shouldn't show up on any of the listings of members - fairly sure banning does something similar by moving the account into a different status - but account deletion moves it to a non-approved state and the user can undo this themselves by simply logging in where it will ask them if they want to undo the deletion.

This is based on my memory of it, I would test this before relying on it in production, but that's without having to change anything; this is a very specific change I wouldn't expect to see deployed as standard without it.

I don't remember if the account pending deletion is also hidden from people going directly to their profile.

Re: Invisible Members

Reply #6

Quote from: Arantor – Ah, OK, that makes sense.

The quickest way that occurs to me is simply to not have an account. Register only at the time needed, then if they're the server host, they presumably have access to the database to make themselves an administrator.

That is true...  And I may very well go that route...  Good idea.

Quote from: Arantor –
If that's not possible, the next method that occurs to me is to make account deletion require approval from admins, then delete the account - which puts the account in a limbo state unless someone approves the deletion, though it sounds like there's only one admin so you're not going to do that.

The key thing about an account in deletion, it shouldn't show up on any of the listings of members - fairly sure banning does something similar by moving the account into a different status - but account deletion moves it to a non-approved state and the user can undo this themselves by simply logging in where it will ask them if they want to undo the deletion.

This is based on my memory of it, I would test this before relying on it in production, but that's without having to change anything; this is a very specific change I wouldn't expect to see deployed as standard without it.

I don't remember if the account pending deletion is also hidden from people going directly to their profile.

That's an intriguing manipulation, and I might explore that just out of curiosity, learning the nuances of the platform operations.  However, I have been known to exploit "features" for non-documented purposes that later the developers tell me were bugs, and I learned the hard way  "Incompatibility is just an update away.."

// Deep inside every dilemma lies a solution that involves explosives //

Re: Invisible Members

Reply #7

Why not allow the server admin use of your credentials then hide your online status? The server admin would have database access, therefore access to all your messages and PMs anyway. Here's the rub with creating an invisible member: members are sequential. Your guys are super attentive to detail. It's possible someone could figure out "hey, I can visit members 34 and 36. Where, and who, is 35? If these are only approved members, something not right." The member number is right in the url and can be accessed manually. Something like ?action....u=35....

Just a few thoughts. ;)

Re: Invisible Members

Reply #8

I did think of that too, badmonkey, but If I change my password for some reason and neglect/forget to tell him..

As for the rest, these guys are all 'Nam vets, most in their 70's and 80's (I'm almost there), and it's all most can do just to figure out how to use email. Even if they did see a gap in the member numbering, they'd probably figure it's just a deleted member, certainly none of 'em would suspect they could sniff it out, much less figure out how.

But yea, that is a shortcoming if you have really savvy users, but I'm probably the most technically advanced of the bunch, and I wouldn't have thought of it...   :-[

// Deep inside every dilemma lies a solution that involves explosives //

Re: Invisible Members

Reply #9

Right on. Ok, here's another idea. I maintain a non admin account on my sites for testing purposes. Occasionally it's beneficial surfing the sites through the eyes of a normal member. Create such an account, do as Arantor suggested and make it's primary membergroup a normal member, and secondary admin. Tell your members it is your test account, which is true. Allow your server guy it's credentials.

Just thinking of the simplest, least intrusive means to accomplish the goal.

Re: Invisible Members

Reply #10

Yep - I have a "snuffy" account for just that purpose..  [not sociable at all - nobody likes him..  ;D ]

Unfamiliar with the concept of "secondary admin", doesn't that account then see everything as an admin, which sorta defeats the purpose?

// Deep inside every dilemma lies a solution that involves explosives //

Re: Invisible Members

Reply #11

Yup, but normally such secondary admin accounts don't have an admin badge and thus fly under the obvious radar.

Re: Invisible Members

Reply #12

Quote from: Steeley – Yep - I have a "snuffy" account for just that purpose..  [not sociable at all - nobody likes him..  ;D ]

Unfamiliar with the concept of "secondary admin", doesn't that account then see everything as an admin, which sorta defeats the purpose?
 
 I thought having the ability to see everything was the point? The server admin can already see everything, anyway.

Re: Invisible Members

Reply #13

May be the best is still creating addon for this purpose i.e. allow admin to set any member as invisible or unlisted?

Re: Invisible Members

Reply #14

Quote from: badmonkey –
Quote from: Steeley – Yep - I have a "snuffy" account for just that purpose..  [not sociable at all - nobody likes him..  ;D ]

Unfamiliar with the concept of "secondary admin", doesn't that account then see everything as an admin, which sorta defeats the purpose?

 I thought having the ability to see everything was the point? The server admin can already see everything, anyway.

OK badmonkey, you did the twist on me  - suggest a non-admin account (which we use to check to see if we broke something for our "normal  users"), make it an admin account? (which defeats the purpose of the non-admin account) and then ask about it being the purpose having the ability to see everything.

Ummm.. not the purpose of my snuffy account, no, but the purpose of my "hidden" account... yea. but It can't be both, can it? (Don't get me wrong, a valid alternative to "invisible" is an imposter).

Anyway, in discussion with my host, Arantor's suggestion is the path we took - my host replied with the following:

"You're welcome to delete my forum account. As noted, I can create a new one if I need it to support any future troubleshooting. Just don't tell anyone it's my server, - I can see every bloody thing on the box if I'm so inclined."

And if I thought he was "so inclined" and didn't have discretion he wouldn't be hosting my box, 

In any event, my issue is resolved (because he is my host, and can make himself admin via the database if I'm not able), but as ahrasis suggests, it might indeed be a nifty addon, or even a feature if it's easy to do, The next forum owner that needs it may have a guru that doesn't have god-level access to everything,

A "back-door" account in effect.  (Maybe call it a "milkman account"..)  :o



Last Edit: November 20, 2020, 05:15:12 am by Steeley

// Deep inside every dilemma lies a solution that involves explosives //