Questions

I am interested in using aspplayground. I have some questions.

Will I have the ability to see if a user changes their password (not through password retrieval) in their profile?

Do you have a lock out feature available for password guessing?

What are the IP tracking features? Can I set up to have IP's viewable to anyone? Or just admins and mods?

Can I block an IP?

How does your blacklist feature work?

If a user checks the hide online selection in their profile can I still track where they are in the forums?

Can I set it up so that both mods and admins can track where the user goes in the forums, providing they do not check their hide online selection?

Will I have the ability to read my users private messages? If so, can I set it up that other staff can too?

TIA

thanks for your interest in our software:

1) no about password change
2) no for password guessing - this is not desirable because usernames are publicly available and anyone can play a prank to lock out other's account
3) IP viewable to admin and mods only
4) yes about blocking IP
5) once a user is in the blacklist you will not see his posts nor will you receive PM from the user
6) yes, as long as you are an admin, you will see them no matter if they choose to hide
7) everyone can see who is doing what unless the person decide to hide from the online list. See point 6 above.
8) you can impersonate an account (this is one of the admin's privilege) and go into the PM page to read user's private message. You can have multiple admins in our software.

Thank you for your response Samuel very good.

The following was a bit confusing:

6) yes, as long as you are an admin, you will see them no matter if they choose to hide
7) everyone can see who is doing what unless the person decide to hide from the online list. See point 6 above.

Okay so admin can see where the user is whether or not s/he checks hide online. Is this a live function, in that admin must be viewing at the same time or is this data tracking feature?

Re: (7) when you say 'everyone' I'm assuming all users can see from the users profile if h/she is online if the user does not check hide online. However, who can see where a user actually is in the forum itself, and once again is this live or with data tracking?

Question (2) makes a lot of sense for pranks. I've been locked out of web-based email from the same. However password guessing can be an issue. Any suggestions other than having the user choose a very strong one?

Speaking of passwords, are passwords viewable to admins and mods?

I just did a test on password changes. I signed up as Geo3 and did some changing and made an error in entering old password etc. and got this message:

Either the feature is disabled, or you do not have sufficient permission.

Now when that happens what does a user have to do to log in again?

What does admin see happened and what does admin have to do?

TIA

yes, it is a "live" function.

There are two tracking feature 1) tracking exactly where a user is in the forum (viewing message / topics / profiles, etc.). See here.
2) a simple indicator of whether a person is online (v♦isiting the forum). This is available by the author column of the message page (see left)

anyone can see both "things" as long as 1) admin enables the online tracking feature 2) a user chooses not to hide his presence. If he hides his presence, both things will be hidden to everyone but admins.

As to password guessing: I think you can make a function to check how many times a "session" submits to the login page. Store a counter in a session variable. If it is more than 5, disallow the session to access the login page (response.end, e.g.). This is not the perfect solution but it could be a very effective one.

Passwords are hidden (hashed) in the db. No one can see it.

If you made an error to change the password, then nothing is changed. You simply go to the login page again to login using the original password. Admin does not know if a user made a mistake changing his password. Nothing happens to the account and the original user got logged out due to security reason.

Very good.

I have checked some of your competitors features and there seem to be many variables but perhaps it's just the way they are listed. Also I'm not a programmer and these features may only be avail to PHP based software. In addition some of these may be obvious so I apologize in advance if they are silly questions. Specifically here are some that I've come across that are of interest to me and I'm wondering if you offer them as well:

Moderation control
- mod notification of questionable posts
- warning system to track policy infringment made by users, with ultimate private message issued with reasons
- user suspension where upon a user recieves a message at login of temporary suspension

Special Forums
- secret bat caves if you will where a user requires a separate password to get in


Private Topics

- Multiple users can participate in a single private topic. Maximum number of participants is defined by the admin.

-New Private Topic indicators.

-Tracking to see who has or has not read a post within a private topic.

I see that that Rich Text Editor is obviously available but I've visited one of your clients and they do not have that in place. Perhaps they have not updated or have decided to turn that feature off?

Custom Emoticons
- again I have visited one of your clients forums and notice the emoticons are almost identical to the ones you have to my left. I imagine that one can upload any sort?

Buddy Lists
- along with notification when buddies come online

Community Calendar

Chat Room

Animated Avatars
- some users enjoy having their avatar blink and such, is this an option?

Also the 'Prune' function came up but I'm not sure what that means exactly.

 CAPTCHA

Multi-Quotes
- Replying to several posts at once, even quote posts across forums

Photo Gallery
-thumbnails

Member Management

-Allows the admin to search for members using various criteria, including: last visit time, group, IP address, last post and more.

-Ability  to remove all posts from one specific user.

TIA for your time.

Probably should have done this first. I checked out your FAQ's and found a few answers on my own. [insert blushing emoticon].  But I now can't remember what answers I found. I also enjoyed testing your forum. It's very nice software!

I see how the online user tracking works now. I'm sure I'm not alone in my concern for security and control of my forum. Lots of users are using IP masks these days. I'm not familiar with how well they work but I understand that the user can set them to change IP's every so many minutes. In any case how about this scenario for your software:

A user logs in. Is the IP recorded upon log in as a permanent record?
A user makes no posts. No IP is recorded in that way I assume unless admin is watching the user at the time.
A user logs out. Is the IP recorded again as a permanent record?

1) mod control
 - yes
 - yes
 - can suspend user by sending him to a group (created by yourself) that has no access right, and he will be notified by email

2) sp forums
- no password protected forum

3) pr topics
 - no private topics feature

4) custom emoticon
 - definitely you can change by replacing original ones and adding new ones

5) buddy list
 - we have an address book feature but no online notiification

6) calendar
 - yes

7) chat room
 - no

8) admin avatars
 - yes, you can add avatars (changing it to whatever you want)

9) pruning - deleting a lot of messages at once based on a few criteria you can specify

10) captcha
 - no in this version, but the next

11) multi quotes
 - no

12) gallery with thumbnails
 - yes

13) member management
 - you can search by IP and group, and order user list by last post
 - yes, you can delete the user and his posts will be removed as well

IP control

1) user log in - IP recorded
2) user posting - IP recorded. Other than posting, we don't record IP again
3) user log out - IP not recorded

Hi!
    Very nice!

   Thanks!