How can I allow anonymous visitors to submit content?
https://drupal.stackexchange.com/questions/164199
-
29-09-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am working on a website that displays a list of historical events. Most of the events have been added by a small group of users that manage the site. However, I would also like to add the ability for anonymous visitors to suggest events to be added to the site.
I could make the node/add form available to anonymous visitors however this isn't ideal for several reasons:
- the standard submission form is quite complex and I would like to simplify this for anonymous visitors e.g. some fields aren't relevant I want to hide these.
- anonymous visitors should be able to submit partial information about the events and for an editor to add more details later.
- anonymous submissions need to be moderated before being published.
- I would like to guard against spam submissions.
How would you suggest I do this?
Is it possible to have two forms to add a new event, a more complex one for site users and a simpler one for anonymous visitors?
Solution
Create another content type, say "Event Suggestion", which contains only those fields you want anonymous users to submit suggestions for. Do not include the fields you consider as not relevant (and which you want to 'hide' for such anonymous users).
When creating such extra content type, for its fields just use the same fields as for the content type that you already have, say "Event". So the fields for this new content type (Event Suggestion) will be a subset of the fields that you already have for the content type already being used by your "small group of users" (= Event).
Related to permissions: allow anonymous users to create an Event suggestion, but do not allow Event to be created by anonymous users.
For spam reduction/prevention, use modules such as Honeypot, Mollom, Captcha, reCaptcha, etc.
Use the Rules module to finetune your workflow related to nodes of type Event suggestions being created (saved). To just mention a few options (the list is virtually unlimited):
- Unpublish such nodes (so that spam submissions that are not caught by spam prevention modules, never get shown without reviewing them first).
- Send an eMail msg to your small group of users who manage your site (something like "a new Event suggestion is waiting your approval".
- Set some kind of "confirmation message" when an Event suggestion is beiing submitted (like "Thank you for your Event suggestion, it will be reviewed soon ...").
When your small group of users who manage your site then review such Event suggestion, they should use the Node Convert module to convert an Event Suggestion into an Event. Using the Rules module you could then automatically "publish" such event also. After such node got converted, your small group of users who manage your site could then complete what you described as "add more details later on".
Other modules like Flag and/or Content Access might further enhance the various features / functionality you might be looking for. E.g. as an alternative to working wirth "unpublished" content, you could work with content that is published, but can only be accessed by authorized users.
Bottom line: Rules and Node Convert could get you pretty close, possibly further enhanced with Flag and Content Access.
Note: Adding the View unpublished module seems like an interesting improvement also, i.e. to grant access for specific user roles (such as editors or reviewers) to view unpublished nodes of a specific type.
OTHER TIPS
Simple Interface for Anonymous User
Create custom form submit of what will call node_save() with values from form fields. Custom form will be simple and will have only limited fields to be shown to anonymous user.
Content Moderation by Editor.
In order to have moderation on content you can install workbench_moderation module. With help of this module you can setup different moderation states on any content type, also it will give dashboard to users with permissions so if in your case you have Editor as role to publish nodes created by anonymous user, you can setup draft as the intermediate moderation state before it gets published, now when anonymous user submits the custom form, a node is created programmatically and is in draft state, Editor role will have permission to access Draft dashboard which will be coming out of workbench_moderation module and will list all nodes in draft state, all you need is to give permission to editor role to move nodes from draft to publish.
Spam Protection
In order to avoid spam you can have captcha on your custom form, install recaptcha module. Your custom form will have field like
$form['captcha'] = array(
'#type' => 'captcha',
'#captcha_type' => 'recaptcha/reCAPTCHA',
);
Reference - How do I add reCaptcha to a custom form?
I see two simple options:
1) create a completely different content type for the submission, and use something like Node Block
This module allows you to specify content type(s) as being a block. This allows the content managers of the site to edit the block text and title without having to access the block administration page. Users only need edit access to that node in order to edit it.
to display the submission over an edit form of the final content, so the moderators can simply copy and paste from the top of the screen to the bottom, and then make changes as they like
OR
2) Use Field Permissions
The Field Permissions module allows site administrators to set field-level permissions to edit, view and create fields on any entity.
Features
Enable field permissions on any entity, not just nodes. Role-based field permissions allowing different viewing patterned based on what access the user has. Author-level permissions allow viewing and editing of fields based on who the entity owner is. Permissions for each field are not enabled by default. Instead, administrators can enable these permissions explicitly for the fields where this feature is needed.
and restrict the view and edit of the fields you don't want anonymous users to access.
Either way you could then create a flag system: a boolean value only moderators can see and change (again using Field Permissions) which tells the system if the submission has been accepted or not (for either content type)
With the Flag system you can use Views
You need Views if
You like the default front page view, but you find you want to sort it differently. You like the default taxonomy/term view, but you find you want to sort it differently; for example, alphabetically. You use /tracker, but you want to restrict it to posts of a certain type. You like the idea of the 'article' module, but it doesn't display articles the way you like. You want a way to display a block with the 5 most recent posts of some particular type. You want to provide 'unread forum posts'. You want a monthly archive similar to the typical Movable Type/Wordpress archives that displays a link to the in the form of "Month, YYYY (X)" where X is the number of posts that month, and displays them in a block. The links lead to a simple list of posts for that month.
To display a list of pending submissions to moderators, based on the flag value
For the Anonymous content creation, you will want to look at some form of spam control, be it captcha, or form edit timing - but there are lots of resources available for determining what's best for your situation elsewhere.
For Drupal 8, we developed subtonode (https://github.com/owenmorrill/subtonode) to push a webform submission to a node of a specific content type (ours was "bulletin").
Permissions are such that we can't let submitters edit their submissions at this time. Once the node is created with subtonode, anonymous users have no backend/edit access to it.
You can use anonymous_posting module https://www.drupal.org/project/anonymous_posting
