Rog's User List System

How to get more out of Akiva's WebBoard version 4.x, 5.x, and 6.x with Rog's User List System (version 1.0)

This guide tells you how to get the best results from my "user list system," which is intended to serve at least two categories of WebBoard applications.

You're a system administrator who rents virtual boards, or you work for an organization, and you have (possibly "internal") customers who are going to pay (or engage) you to add users, delete users, or initialize (or refine) the membership of (possibly closed) boards, private conferences, and/or conference e-mail lists.

You run an organization, or a small college, and you wish to maintain a series of private conferences, and/or conference e-mail lists, and/or board memberships.

WebBoard's default operating mode isn't suitable for any of these applications, absent a fair amount of custom programming ... and database access would almost certainly be required. Both of these requirements represent substantial obstacles to many users. Except for one tiny (less than 1K) configuration file written to the board's HTML subfolder, this system requires no direct WebBoard database access, and runs entirely on the client side.

For a preview of how the system works, please see the demonstration pages in the User's Guide at: http://www.rs-freeware.org/ul/ul_ugid.htm#demos.

This code is freeware. You use it at your own risk. No warrany of fitness for use or any other form of guarantee inheres.

You may use it and/or the source code in whole or in part for any otherwise legal purpose that you deem fit; however you may not claim legal ownership of same for legal purposes against anyone who's obtained it from an "independent source" (such as this web page).

1: Is this the right system for your needs?

2: About the User's Guide

3: Limitations and Warnings

4: Training and alternatives

5: Install (1): Complete Install Zips

6: Install (2): Standard Install

7: Install (3): Rebuilding the source files, and/or making modifications

8: Bug reports, comments, and change requests, etc.

9: Other freeware products

10: Version history information

11: Acknowledgements

1: Is this the right system for your needs?

I offer two similar systems: this is the User List (UL) system.

There's also a larger sibling, known as the Access Control (AC) system.

In general terms, this system has a less elaborate series of "user facing" files (i.e. those that the user has direct contact with), and no support for Paid Subscriber Boards.

But only you know your purpose, so here are a few observations that should make it easy for you to decide:

Are you running a "Paid Subscriber Board"?
If so, you should be using the Access Control system instead: http://www.rs-freeware.org/ac/
Are you a system administrator, or WebBoard administrator, or anyone else who must create/delete users and/or move users in and out of board user lists, private conference membership lists, and/or conference e-mail subscriber lists?
In other words, are you mainly concerned with moving users into or out of the WebBoard database, or any of the other special "enclaves" that WebBoard provides (i.e. board membership lists, private conference membership lists, and conference e-mail lists? And after the users are properly moved, does someone else have the responsibility for using those boards and/or conferences for whatever ultimate purpose they're intended?
If so, then you probably don't care much about the "user facing" pages: your goal is just to put users in the right places.
If you're answering "yes" to these questions, then this is right system for you.
Are you associated with a small organization, or small educational institution, that can only afford to rent "one WebBoard" (i.e. a single "virtual board") instead of owning your own server?
If so, you should be using the Access Control System, and running it in Subscriber Board" mode: http://www.rs-freeware.org/ac/
Are you associated with a large organization, or a large educational institution, that owns its own server(s), and which has very strong concerns about privacy?
If so, you should be using the Access Control system, since it contains powerful security measures that prevent unauthorized access to user profile information, user e-mail addresses, etc.: http://www.rs-freeware.org/ac/
Consider a scenario: you work for the Dean of Students at Ohio State University. All 50 100/200-level English courses are represented in the same "WebBoard" (i.e. the same virtual board). A fraternity party is on the horizon. So, an enterprising fraternity member (who happens to be a Computer Science sophomore), realizes that there are 10,000 students enrolled in these courses, of which 4,000 are female. So he uses the "Search Users" capability to download all the names and e-mail addresses of female students who are enrolled in in these courses, in order to "spam" them with unwanted invitations to the fraternity party. This system doesn't let you to stop that sort of mischief, whereas the larger sibling (AC) system does: http://www.rs-freeware.org/ac
Are you associated with an organization that wishes to help build its membership by providing several levels of "guest" access to prospective members?
Once again, you should be using the Access Control system, because it has has many "buttons and levers" that help you determine how much guests may access. For more information, you may wish to consult the User's Guide: http://www.rs-freeware.org/ac/ac_ugid.htm#guests.
Are you concerned about efficiency, both on the server as well as the client side?
Once again, the Access Control system has more advanced capabilities: on the server side, the configuration file can be loaded from the server at most one time for each user who accesses a given board, whereas the smaller sibling (UL) system loads this file when users edit their profiles. That might not matter unless your server was already overburdened, and you have very large numbers of users.
This (UL) system also burdens the topics (left frame) page with about 1.5K of JavaScript that has to be delivered from the server every time that page is refreshed.
Finally, this system does more cookie access, which means that the user's hard drive is going to get read and written more often.
If none of the previous bullet points have caught your attention, but you've modified a great many of the "user facing" WebBoard pages, then you may prefer the smaller sibling.
This system has about 40 modified WebBoard pages, whereas the larger sibling (User List) system has about 60.
There are only about 20 "administrative" pages, common to both systems, that that move users in and out of boards, private conferences, or conference e-mail lists (i.e. these are not "user facing" pages: the remaining pages are).
What that means is that there are about 20 modified "user facing" pages in this system: if you aren't that concerned about security, you may prefer this system.

If you're still not sure which system is best for your needs, you might want to compare the configuration options that appear (for board mangers and WebBoard administrators) on the Manage Conferences Page. The Access Control system's options are at: http://www.rs-freeware.org/ac/ac_democ.htm. This system's options are are at: http://www.rs-freeware.org/ul/ul_democ.htm.

You can also compare the "security" discussions: the Access Control system's security considerations are at: http://www.rs-freeware.org/ac/ac_ugid.htm#howsecure; whereas this systems's analogous information is at: http://www.rs-freeware.org/ul/ul_ugid.htm#howsecure.

If you need further assistance, please contact me.

Return to table of contents

2: About the User's Guide

If you prefer to learn about the system from seeing the demonstration pages, please view this section of the User's Guide: http://www.rs-freeware.org/ul/ul_ugid.htm#demos.

Most of what you need to know about running the system is contained in the User's Guide, and this link will tell you precisely what to read (depending on your needs): http://www.rs-freeware.org/ul/ul_ugid.htm#whattoread .

Return to table of contents

3: Limitations and Warnings

Here are some important limits of the system:

WebBoard 6's ASP interface and WebBoard 6's "modern layout" aren't supported. However 6.x is otherwise supported, as is 4.x and 5.x.

For assistance with either of these unsupported cases, please see Section 8 for my contact info.

There is no effective way to get this system to do its job properly for "end users," on boards that use basic authentication, *however*, that need not be a problem if you're only interested in using this system to "populate" board user lists, conference e-mail lists, or to generate conferences.

The "end user" aspects of this system rely on the ability to "boot" unauthorized users, by resetting their cookies (i.e. on cookie authentication boards).

If you must use basic authentication, you'll have to use closed boards, and install the system's files in order to create one or more "staging" boards where users can be manipulated.

This is because a user can't be "logged out" of a basic authentication board until all their browser windows are closed. If you attempt to use this on a basic authentication board, unauthorized users will be repeatedly thrown back to the loginagain.html page, but never completely removed. (For some situations, that may be enough.)

But to repeat: if your only reason for wanting this system is to "populate" board user lists, conference e-mail lists, or to generate conferences, then you needn't worry about the "end user" aspects. You should still use this system, even if all your boards use Basic Authentication. In the Install section, I divide the installation files down into two parts.

Users who run the administrative/management functions must be using Inernet Explorer (IE), version 5.0 or higher. "End users" must be using IE4 or higher, or Netscape (NS) 6.0 or higher.

I've done some testing with NS 4.x, and it seems to work for "end users," but I don't gaurantee to fix bugs for NS versions below 6.0. There's no version of NS that can compete with IE5+: NS "end users" should be encouraged to switch to IE.

It's very important that there be indexes (preferably unique indexes) for these three tables: Board_User, Security, and User_Lists.

If you don't know how to check for the presence or absence of these indexes, or you need help creating them, please contact me.

Users who perform management/administrative functions must have a "decent" computer, a monitor with at least 800x600 resolution (1024x768 is strongly recommended), and at least a 28.8 telephone modem connection (DSL, cable, or intranet is recommended). Of course, this system can be run directly from the WebBoard server itself, but this isn't recommended for production servers.

You can perform the management/administrative functions required by this system over a 28.8 telephone modem, with a 200Mz Pentium with 64MB, provided there are fewer than about 1,000 users to be manipulated.

For applications involving 2-5,000 users, I suggest management/administrative functions be performed on a machine that's at least 500MZ, with at least 96MB, and a telephone modem that runs at 56KB or higher (again: cable/DSL or intranet connections are preferred).

To perform management/administrative functions for the largest applications (those involving more than 5,000 users), a telephone modem probably won't do, and I strongly recommend using a processor running at 1.0GZ or higher, with 128MB of memory.

If you absolutely must preform management/administrative functions on a production WebBoard server, you can, but I discourage this: it's always possible that an IE bug will cause the system to "freeze," although this isn't particularly likely with modern server OSs.

"End users" can work on whatever machine they wish, so long as they're browsing with IE4+ or NS6+.

This system will work with news groups, however you'll have to either used closed boards, or use private conferences exclusively.

Closed boards are still compatible with this system as long as you're a WebBoard administrator, although the consequence is that you'll have to do extra work. (See the User's Guide for a more detailed explanation: http://www.rs-freeware.org/ul/ul_ugid.htm#whyopen).

Return to table of contents

4: Training and alternatives

I'll be happy to answer questions if you wish to contact me; see section 8.

If you need training, I can provide it at the rate of $35/hour: you may only need an hour or two. I can also assist with the install, for a flat fee of $75, provided that you haven't customized more than one or two WebBoard pages. You'll find my references at: http://www.rs-freeware.org/rog.

There are also alternatives: Akiva's superb technical support staff (Derek Nicol, for one) tell me that the WebBoard Premium Edition is an excellent product. If you wish to obtain an evaluation copy, you can write to Derek at: dnicol@akiva.com.

Return to table of contents

5: Install (1): Complete Install Zips

If you want this documentation, as well as all the included zip files, WebBoard 4 and 5 users should download ul4.zip instead. WebBoard 6 users should download ul6.zip.

Once you download the complete install zip file, you'll still have to follow the rest of the install instructions.

Return to table of contents

6: Install (2): Standard Install

For WebBoard 4 and 5 users, the standard install file is: ul_rel4.zip.

WebBoard 5 users must use these four files (without the "5" in their names), instead of the corresponding files for WebBoard 4: confadd5.html, confedit5.html, sysadmin5.html, and useredit5.html. (In other words, if you're running WebBoard 5, you'll have to rename these files. As you may know, the upgrade to WebBoard 6 is free.)

For WebBoard 6, use: ul_rel6.zip.

Don't forget to unzip the help subfolder files onto your board(s)' help subfolders.

If you've customized any of the WebBoard pages that are in my install, you'll have to either propagate your customizations to my pages, or propagate my alterations to your customized pages.

I'm going to break the file list down into two parts. Here are the files that "end users" don't see, which are required in order to move users in and out of the WebBoard database, the user list for boards, the membership of private conferences and/or the subscriber list for conferences with associated e-mail lists:

File name	Purpose:
help/ac_ac.html	This is the main Manage User Access page that does most of the access management work (managers and WebBoard administrators get to this via the Manage Conferences page).
help/ac_acul.html	This is the User List page, that comes up automatically when managing user access.
help/ac_buex.html	This module initiates client-side background processes for the Manage User Access page.
help/ac_wrtf.html	Incorporates the tag script ac_wrtf.js (see immediately below), and reports any errors found by the latter.
ac_wrtf.js	Tag script that writes or appends to a *.txt file on the board's help subfolder, using various cookies, and which is contained within the above file. This is used to write the system configuration file.
confadd.html	Modified to absorb model conference characteristics, plus the fields associated with the current conference-being-added, when conferences being added.
confadded.html	Modified to participate in the batch process, when conferences are being added: this page reports the successful adding of a conf.
confedit.html	Modified to block moderators from editing conference definitions, if this configuration option is chosen, also to absorb "model" conference characteristics, when conferences are being added.
confmanage.html	WebBoard's "Manage Conferences" page has been modified to WebBoard administrators and board managers view/modify the the system configuration options, and bring up the Manage User Access page. (For conference moderators, this page is unchanged from WebBoard's default). This page also "feeds" the list of conference names and IDs to the Manage User Access page.
confmove.html	WebBoard's "Move Conferences" page has been modified to include an additional listing of conferences-by-conference name, to support moving conferences for large volume academic and organizational applications into "decentralized staging boards" (see the User's Guide for more details).
manager.html	This is the Manager page: I've removed the option to "add users" with the "Wizard," because the login name, first name, and last name restrictions aren't enforced on it. These restrictions are described in the User's Guide.
offline.html	This page comes up when the system administrator pauses the WebBoard server. It sets a special cookie value which is used by the client-side batch process control discipline.
select_boardusers.html	This is WebBoard's page that lets a WebBoard administrator select the users for a closed board. However, this page will also load on open boards, and I've modified the sysadmin.html menu to remove the WebBoard tags that conceal the link to it. Modifications allow exporting of users ID#, and/or names and logins via a manual method, as well as through the client-side batch process control discipline. The page's form may also be submitted automatically via the client-side batch process control discipline.
select_forum.html	This page lets users be selected for membership in a private conference. It's been modified to prohibit conference moderators from using it, if the configuration options have been set to disallow that. Other modifications are similar to those described above, for select_boardusers.html.
select_listusers.html	This page lets users be selected for conferences with associated email lists. Modifications are similar to those for select_forum.html, above.
select_mlist.html	This page lets a manager or administrator choose which email list to modify: it's been changed to allow extraction of the conferences #s with associated email lists, via the client-side batch process control mechanism, and is loaded by the Mange User Access page, during that page's initialization process.
select_moderators.html	This page lets a manager or administrator select conference moderators. Modifications are similar to those for select_forum.html, above.
sysadmin.html	This is the administrator page: modified to remove the <closed_board> tags, so the user list can be maintained for open boards. This allows a WebBoard administrator to grab the user ID# list, in order to move the board membership into a private conference, if necessary.
sysadmin5.html	Same as above, but for WebBoard 5, only. (This file doesn't exist in the WebBoard 6 release).
useradd.html	This is the "add users" (without wizard) page on the manager and administrator menus. The system's additional restrictions on login and first/last names are enforced. (These restrictions are described in the User's Guide.) Also, this page will support invocation via the client-side batch process control discipline.
userdelete.html	This page is used to delete users, and has been modified to support invocation via the client-side batch process control discipline.
userlisting.html	This is the page that comes up in the left frame for a wide variety of situations in which users must be located for purposes such as adding them to a board's user list, to the membership of private conferences, or to the subscriber list for a conference with an associated email list. One type of change allows a list of WebBoard user ID#s to be pasted in. Also, this page has been modified to support the client-side batch process discipline, so a user ID# can be located, after a user has been successfully added. This page is the only client-side mechanism in WebBoard that allows a WebBoard administrator to locate a user who isn't on the current board (i.e. who isn't in the board_user table).

Here are the "user facing" files: you don't need them if you're a system administrator or a WebBoard administrator who wishes to move to move users in and out of the WebBoard database, the user list for boards, the membership of private conferences and/or the subscriber list for conferences with associated e-mail lists:

File name	Purpose:
help/ac_nojs.html	This page comes up when a user has turned off JavaScript: a user who turns off JS can normally not enter the board; however some clever unauthorized users may turn it on temporarily in order to log in (or come in from other boards), and then turn it off again as quickly as possible, in order to stop the system from throwing them back to the login page. This page is brought up via <noscript> and <meta http-equiv="refresh" ...> tags in most pages, in order to prevent unauthorized users from bypassing the normal checks and/or defeating the "booting" mechanism which resets the WebBoard WB-User and WB-Pass cookies.
addrbook.html	This is WebBoard's "address book" page, which contains the interface for searching users. Modified to block unauthorized access to this page: if so, it sends users with JavaScript turned off to help/ac_nojs.html, and sends users with no access back to the login page.
asknew.html	This is WebBoard's "log in as a new user?" page. Modified to see whether the WB-User cookie is a space: if so, this user has been booted by the system, an alert with the board manager's email address is broadcast, and then the user is sent back to the login page.
bookmail.html	This is WebBoard 6's page that lets users send email to other users who are in their address book. (This page doesn't exist in WebBoard 4 or 5, and is irrelevant in WebBoard 6 unless the WebBoard administrator makes this option available to users when creating or editing the board). Modified to block unauthorized access to this page: if so, it sends users with JavaScript turned off to help/ac_nojs.html, and sends users with no access back to the login page.
login.html	The login page has been modified to block out users who've turned JavaScript off, and to avoid showing the Guests GIF, as well as (for closed boards or boards on which users can't register themselves) the New User GIF.
newuser.html	This is the new user registration page for boards that don't use email address verification. This page will broadcast an alert and won't run if new user registration has been turned off in the configuration options. Also, the system's restrictions on illegal characters in the login name, first name, and last name are enforced. (These restrictions are described in the User's Guide.)
newuser-e.html	This is the new user registration page for boards that use email address verification. Similar changes to those above, for newuser.html.
topics.html	This is the topics (left frame) page. It sets the AC_UserStat cookie to the user's status (0 for guests, 1 for ordinary users, 2 for moderators, 3 for board managers, and 4 for WebBoard administrators). If the user is a guest, or if there are no conferences available for ordinary users, then it will clear the WB-User cookie, and send the user back to the login page; otherwise it will augment the AC_BdIDs cookie with the board ID# of the current board, to indicate that access is allowed.
user-profile.html	This is the user profile page for boards that use real names: any guests who are clever enough to make it this far will be prevented (on the server side) from seeing users' e-mail addresses.
user-profile-l.html	This is the user profile page for boards that use login names: changes are similar to those for user-profile.html above.
useredit.html	This is the profile editing page. First, users who aren't managers or WebBoard administrators can't change their logins, first names, or last names, if this has been prohibited in the configuration options. The system's restrictions on logins, first names, and last names are enforced (see the User's Guide), no matter which user is submitting the page. Special guests aren't allowed to submit this form at all. As always, unauthorized users are sent back to the login page, and users with JavaScript turned off not only can't use the page, but are sent to help/ac_nojs.html.
useredit5.html	Same as above, but for WebBoard 5 (this file doesn't exist in the WebBoard 6 install).
usersearch.html	This is the user search page. Changes are similar to addrbook.html, above.

Return to table of contents

7: Install (3): Rebuilding the source files, and/or making modifications

If you want to modify the system, you'll need to download the source code. For WebBoard 4 and 5 users, this is in: ul_src4.zip. WebBoard 6 users use ul_src6.zip.

Note that these zip files are contained within the "complete" install download, as described in section 5.

You'll need to unzip these files into a new folder on your hard drive.

After you do so, you'll have to install my "JavaScript MakeFile" system onto that same folder: http://www.rs-freeware.org/jsm.

Within the JavaScript MakeFile system, I offer specific instructions for WebBoard users, at: http://http://www.rs-freeware.org/jsm/jsmdoc.htm?WebBoard_Regenerate.

In a nutshell: after installing the "JavaScript MakeFile" system, you'll have to modify the "make" file: ac.mak.

This is the line that you'll have to change:


DEST=f:\\w\\html\\ul

DEST should have the folder name of your main WebBoard HTML folder; probably: c:\\webboard\\html, if you're running it from the server.

Note that double backslashes are required to separate folder names.

For more information about folder names, please see my DOS primer.

This system shares files with the AC (Access Control) system): if you wish to modify this system's files, you'll need to read the instructions in ul.mak for more details..

Return to table of contents

8: Bug reports, comments, and change requests, etc.

You can e-mail me at rog@NOSPAM_rs-freeware.org if you encounter problems, or think that you've found a bug.

I can also be reached by telephone in the U.S. from about 9 AM U.S. central time to 5 PM U.S. central time at: 765-742-6705. If you don't get an answer, you can use my numeric pager at: 765-417-0664 ... I'll try to call you back, if you're in the U.S, Canada, or Mexico.

Please supply me with as much information as you can about your server, your version of WebBoard, any browser or Operating System that was involved, including the WebBoard Server's Operating System (9x, NT, 2K, XP?). Also, please provide any configuration files, or customized WebBoard files that you were using. Keep in mind that I might actually have to have the opportunity to try what you were doing, in order to diagnose the problem.

BTW, I don't gaurantee to answer all e-mail or fix all bugs, etc. Please remember that this is freeware, and that my time and resources are limited.

That said, I've put a lot of work into designing, coding, testing, and documenting this product, and I'm probably going to be fairly interested in any comments anyone has, fixing any bugs, and/or extending the scope to applications that strike me as being potentially valuable to a large number of users.

Naturally, if you're willing to hire me to make changes for your special-purpose application, I'm certainly willing to consider your offer. My standard rate is $75/hr., but I may charge less if the work is to be done for a small business (less than 25 employees), or a nonprofit organization (in the latter case, I might even do it on a gratis basis :-) I may also consider charging you nothing if you're suggesting an improvement that I feel is of value to a large number of other users.

You can find out more about me, including references, and a list of clients/projects at: http://www.rs-freeware.org/rog.

Return to table of contents

9: Other freeware products

WebBoard users will find lots of WebBoard freeware at: http://www.rs-freeware.org/freeware.htm.

Anyone who writes JavaScript (regardless of whether this is written on the client or server side), deals with SQL, or who happens to be interested in obtaining the full power available from DOS may wish to check out http://www.rs-freeware.org/free2.htm

Return to table of contents

10: Version history information

This is version 1.0, released on June 1, 2003.

This documentation was generated by Rog's FAQHack: a DOS/Windows-based freeware program that handles simple macro preprocessing with special support for FAQs and other structured HTML documents.

Return to table of contents

11: Acknowledgements

Thanks to Clesson Duke, for encouraging me to write this sytem.

Return to table of contents