Leaderboard

I'm not sure about your term "delete field"? Are you sure you want to delete the "field" and not just empty the value or remove the entry from a repeater list? Because if you are talking about a repeaters fields and you delete one of the fields it has, it will be gone for all entries. If I understand correctly you only want to "remove" an entry in the list (repeater)? Reading here http://processwire.c...ypes/repeaters/ there's no "delete", but there's a remove method to remove and certain entry in a repeater. Also repeaters are "pages" and behave like a pagearray and you can use find(selector) and get(selector) to find entries. So the code would be like this: $name = $pages->get($id)->title; $found = $pages->find('created_users_id='.$user->id.',guests.guest_name='.$name); foreach ($found as $f) { foreach ($f->guests as $g) { if ($g->guest_name == $name) { $f->guests->remove($g); // remove the entry from the repeater $f->save(); // without saving page, nothing will happen } } } Or this maybe $name = $pages->get($id)->title; $found = $pages->find('created_users_id='.$user->id.',guests.guest_name='.$name); foreach ($found as $f) { $entries = $f->guests->find("guest_name=$name"); // do a find on repeater, like with pages foreach ($entries as $entry) { $f->guests->remove($entry); // remove the entry from the repeater $f->save(); // without saving page, nothing will happen } } Or if you are sure there's only 1 page and 1 entry at any time to be found anyway $name = $pages->get($id)->title; $found = $pages->get("created_users_id=$user->id,guests.guest_name=$name"); // get the 1 page if($found) $entry = $found->guests->get("guest_name=$name"); if($entry) { $found->guests->remove($entry); $found->save(); } All written in browser, so not tested.

To check if there's really results you can check num_rows if ($results->num_rows) { // outpute the results } else { // no results }

I'm planning to add a tags option to fields/templates, per a thread with Renobird the other day. This will provide a basic categorization that one can use, that doesn't get in the way for the people that don't need it. Once you start using tags, the fields/templates will be grouped together when the admin list. The fields/templates will still all exist in the same namespace, but this will provide a visual grouping on the admin side for those that want it.

Its $users like $pages. Forget var dump:-) Also the cheatsheet is your friend ;-) http://processwire.com/api/cheatsheet/

You can do it if using Inputfields from the API, but not from Setup > Fields > some_checkbox_field. Though I'm not sure what you mean about a double negative. ProcessWire is designed to be friendly to schema changes. We assume that you are probably not defining everything you need ahead of time. As a result, it's preferable to use a checked checkbox field to alter a default behavior, not to enforce one. Lets say you have hundreds of pages using some template, and you decide to add a new checkbox field called enable_nav that you use to determine whether or not to show navigation on a page. You could say that you wanted that checkbox to be checked by default... great, but that only applies to pages created from this point forward. All your existing pages didn't have the field before, and are not checked. So now you have a new problem. Now consider the the alternative, which would be to make your checkbox do the opposite. Instead of calling it enable_nav, you call it disable_nav. Add it to your template, and your existing pages are kept in the proper default state. New pages created from this point forward will check a box to bypass a default state rather than enable one. Using this strategy scales well, enforces consistency and don't break existing systems when you add a new field.

First of all, you'll get more descriptive error messages by turning debug mode on in /site/config.php. It's very useful while developing, but you shouldn't keep it on after a site has been made public -- in error situations like this it'll output way more information than you really want visitors to see. Problem here seems to be that you're using PDO commands while what you should be using are mysqli ones with $db->query(), since it actually utilizes mysqli under the hood. More information about this can be found here: http://dev.mysql.com....choosing.html. Another (minor) problem is that you're using event as a constant at that last row (that $rows[0][event] should be $rows[0]['event'].) With following changes your code should work properly. Note that I've also added extra check to the end of the script to make sure that some events are actually found. Originally you were only checking if a mysqli_result object was returned.. which doesn't necessarily mean that any data was found $day = date('d'); $month = date('m'); $table = "timetable"; $rows= array(); $results= $db->query("SELECT event,time,location FROM $table WHERE day = '$day' AND month = '$month' ORDER BY month ASC"); if ($results) { // loop through the result set and inspect one row at a time while ($row = $results->fetch_array()) { array_push($rows, $row); } } if (count($rows)) { $event = $rows[0]['event']; } else { // no data found. you might want to add some kind of error message here. } ...

Closing php and opening php again many times, cluthers the readibility. Think the code below is much more human readable: <?php $output = ''; $class = 'item'; foreach ($galleries as $gallery) { $status = ''; if ($gallery === $galleries->first()) $status .= ' active'; $class .= $status; $output .= "<div class='{$class}'> <a href='{$gallery->url}'> <img src='{$gallery->images->first()->url}' alt='' /> <h6>{$gallery->title}</h6> </a> </div>"; } echo $output; ?> (ps did not test it)

I've completed the plugin, you can see the demo here and download it here. What's new compared to v1.3.4 mobile & tablet support (iPhone, iPod, iPad, Android, BlackBerry) CSS3 optimizations iframe fix dropped IE6-7 support for shadows & opacity. Usage Check out the API at official site. There is a new option showIframeLoading (true/false; default:true) that shows loading indicator (spinner) while loading iframes. You can use plugin as standalone, these optimizations are not tied to ProcessWire CMS (but are implemented for it). Meta Don't forget to put: <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" /> in the HEAD of the document to make it work on mobiles & tablets.

Here are some more recent 2.3 additions that are currently in the dev branch. This list is far from complete, but covers the more interesting ones: Admin Theme The default admin theme now handles long titles better. If you are editing a page with a really long title, it will dynamically reduce the size of the headline in the admin theme so that it can fit. After a certain point, if it still won't fit, then it will wrap it. If you try to make a headline as long as a paragraph, then you are on your own though. Inputfields Added the 'side-by-side' (inline) option to Checkboxes and Radios Inputfields. This lets you have them all display on one line, floated, rather than placed in columns. To do this, specify "1" for the optionColumns setting. Added ability for PageEditImageSelect to select images from within repeater fields on a page. Update InputfieldDatetime to support i18n jQuery UI translation files with the datepicker. TinyMCE: Add config option to ProcessPageEditImageSelect enabling you to turn off the population of width/height attributes in TinyMCE inserted images. This is desirable for responsive images. To configure this go to Modules > Process > Page Image Select. Sanitizer Added new $sanitizer->entities($str); method, which is the same thing as htmlentities($str, ENT_QUOTES, 'UTF-8'); Added $sanitizer->emailHeader($str); method that does what it says (sanitizes an email header). $sanitizer->url(); will now optionally accept query strings. Comments Fieldtype Add new 'redirect after post' option which makes the Comments form perform a redirect after a comment is submitted. This prevents the possibility of duplicate submissions and enables the user to see their posted comment immediately (when applicable). To enable, see the 'details' tab of your comments field. You can now search the contents of comments fields from $pages->find() selectors in the same way you search text fields. Example: $pages->find("comments*=some text"); Added new 'website' field option to comments fields. To enable, check the box in your comments field 'details' tab. Added Gravatar support to comments fields. To enable, select the Gravatar rating in your comments field 'details' tab. Added option to not send notifications to admin when comment is detected as spam. Some of us were getting dozens of emails a day from spam bots making the rounds through our sites, so this prevents that from annoying us. Added new gravatar() method to Comment class that returns the Gravatar image URL (this is a convenience for those implementing their own comment output). File and Image Fieldtypes Add new 'tags' option to FieldtypeFile. This gives you the option of specifying a 'tags' field with each file/image. From the API, you can then retrieve a files/images by tag using $page->files_field->getTag('some-tag') to retrieve first match or $page->files_field->findTag('some-tag') to retrieve all matching files. Previously you could only retrieve files/images by filename or index. You can also use "[field_name].tags=[tag_name]" in $pages->find() type selectors. To enable tags for any files/images field, see the checkbox on the field details tab. (Note that this also affects InputfieldFile, Pagefile, Pagefiles, FieldtypeImage, InputfieldImage, Pageimage, Pageimages). Add support for secured pagefiles. Now unpublished or non-public pages may have their files (in /site/assets/files/...) protected from direct URL access. For existing installations, you need to add $config->pagefileSecure = true; to your /site/config.php in order to enable this capability. See also $config->pagefileUrlPrefix and $config->fileContentTypes in /wire/config.php, if interested. Files become secured when the page is not accessible to the 'guest' role. Functions/Methods Add new methods to WireArray class: replace(), findRandom() and findRandomTimed(); Name of the last one may change to findRandomInterval before 2.3 is final. Add new wireRmdir() function, to go along with the existing wireMkdir(). The wireRmdir() function works the same as PHP's rmdir() except that you can specify a second boolean argument to make it recursive. This essentially results in a directory prune function that not just removes the directory, but everything in it, recursively. Be careful with this! Add new wireSendFile($filename); function that works as a file passthrough script. This is used by the new secured file functions, but also available for your use should you want it. Add new wireRelativeTimeStr("timestamp or date string"); function that provides a relative time string like "1 minute ago" or "10 hours ago" or "5 minutes from now" type string.

well, don't worry if your php is minimal, with PW you can get pretty far with just knowing how to: 1) set variables: $variable = whatever; 2) echo: echo "any text, but usually html like <div> stuff in my div </div>"; echo $page->body; 3) using foreach: foreach ($pagearray as $oneofthepages) { echo "<div>{$oneofthepages->body}</div>"; } just those with the api will do great things for you, my friend

This is perfectly fine. I think that's what most people do. Though those fields, pages and templates are the bare minimum foundation for nearly any site I build, so it's rare that they get deleted here. I guess you could say that the default profile is the blank profile for some of us.

What is the error? Possibly u need to turn off output formatting for the user before manipulating. $u->of(false).

I'm assuming that logo is an image field. Edit your 'logo' image field settings. On the details tab, what is the max number of images set at? For something like a logo, I"m going to assume you've set that at 1, since you typically wouldn't have more than 1 logo. If that is the case, the code to output it would be: <img src='<?=$page->logo->url?>' alt='Logo' /> If your max number of images is set at 0 (no max) or something more than 1, then you'd have to determine which image you want to pluck from the logo field. Lets say you want to grab the first image out of it: <img src='<?=$page->logo->first()->url?> alt='Logo' /> Or lets say you want to show them all: <?php foreach($page->logo as $file) echo "<img src='$file->url' alt='' />"; ?>

if logo is an image field, then by default it is an array of images. In the field settings (details), you can change the max number of images from 0 (unlimited) to 1, and this will make your 'logo' field into a single image instead of an array. For the array, you'd have to grab the first image by: $logo = $page->logo->first(); or you can get a resized version with: $logothumb = $page->logo->first()->width(100); or $logothumb = $page->logo->first()->height(100); -> 100 being the pixel size Then, to output that logo, you can do something like: echo "<img src='{$logothumb->url}' />"; If you set your image field to max 1 image, then you can skip the first() step and just use: $logothumb = $page->logo->width(100); and maybe even just do it all at once with: echo "<img src='{$page->logo->url}' />"; or <img src="<?php echo $page->logo->url ?>" /> see more info here: http://processwire.com/api/fieldtypes/images/

Hi I am pretty new to processwire and it is really growing on me, even though I am not a programmer. One of the things I really appreciate is the freedom and simplicity of the administration structure. However, I think there are a couple of things that could help navigation, and one of those is categorization of templates and fields. This is not intended to be categories for the layout of the site or categorization of data, but simply an optional way of keeping things sorted in the backend if the site gets a bit on the large size. In affect, it would just add another way of sorting fields and templates. For instance, you may want to group fields together that are associated with a repeater, or you may want to group fields together that you tend to use as all-purpose fields like "title" and "image" Anything you wanted really. For many sites, this might be a little bit of overkill, but if a site has a huge number of fields or templates, then this could be useful. Not a major request, just a "nice to have" sort of thing. Joss

The file size shown for Sample.pptx is pretty large. You may need to bump up PHP's memory_limit. Can you tell what the memory limit is currently? One way to see it is to upload a PHP file to your server that has this: <?php phpinfo(); Then view the URL in your browser and locate the PHP ini settings. You should see a line that refers to memory limit. You want this to be 128 or higher. I have mine set at 256.

Taking the first example from the CrossSlide site, you could do it like this: <script type='text/javascript'> $(document).ready(function() { $('#placeholder').crossSlide({ sleep: 2, fade: 1 }, [ <?php $o = ''; foreach($page->images as $img) $o .= "{ src: '$img->url' },"; echo rtrim($o, ","); ?> ]); }); </script> I'm stuffing it into the variable $o before echoing it just so that I can trim off the trailing comma, which prevents a JS error in some browsers.

Nope. But i pefer to use the fields and templates as a start so never ever do it. :-P

File uploads through public forms is where things can get dangerous if not handled really carefully. Adding email to the mix makes it even more so. When a client brings up this need, I always see if the need can be solved in some other fashion, like asking the user to email the file, or specify a URL, etc. I consider public file uploads kind of a last resort if nothing else will work, so generally avoid them when possible. Recognize that you will get viruses and exploit scripts sent to you through your public upload form (even if limiting it to images). Given that, it's important to make sure those files could never end up in a spot on the server where the user could access them by direct URL. It's also important to make sure that the client is prepared to deal with this sort of stuff. In terms of actual implementation, I think this may be outside the scope of what we can safely cover in full, but there are a lot of articles that include details of how to do this (search google for "file upload php email attachments"), such as this one at Sitepoint. Another option is to use Form Builder, which has page creation and safe file upload capabilities built-in. It doesn't email files, but it does email secured links to them (which is a more complex, but potentailly safer way to go vs. emailing the actual file).

It really depends on the server. This is a question for your hosting provider. In terms of ProcessWire, these particular permissions apply only to files in /site/assets/. The default permissions are going to work anywhere, but are not safe in shared environments that aren't completely jailed from one another. I don't know anything about your hosting environment, so can't suggest without more information. But one thing you can do is to test different permissions to find what will work. If 0700 for dirs and 0600 for files will work, that might be a good place to stay. But unless your server is using suexec, that won't work. If that doesn't work, see if 0755 for dirs and 0644 for files will work. This is a starting point, but you want to find the most secure solution for your server environment. The best way to check if something works is to create a page with a files field on it and upload a file. If the file upload does not work, then you've likely not found the right permissions. Once you have found the right permissions, make sure to go back and apply it to directories/files that already exist in /site/assets/, including the /site/assets/ directory itself. This is starting to sound like a good idea for a new module... The most common ProcessWire hosting environment is a dedicated one (server or VPS.) If that is also your environment, then you won't have to worry so much about locking down the permissions. But if you are using a low budget/shared hosting environment, then tweaking the permissions is definitely a good idea. Either way, your hosting provider will be the best to recommend what is right with their servers.

There are a growing number of JQuery HTML5 editors out there that are worth looking at. Aloha has already been mentioned and the Developer is really up for getting it into other systems and can be pretty helpful. Redactor is nice, but it is not free. wysihtml5 is a straight forward choice and there is a version for Bootstrap that would be interesting if the admin was using Boostrap. Mercury is an amazing editor, but would need a bit of thought as visually it works as a top browser bar. It works on rails, but can be used without at well. There are a lot of others out there. I think it depends what you want, really. If you are using textarea fields and only want very basic formatting, then these JQuery editors are very good indeed. But, if you want all singing and dancing, which is fine for a personal site, then CK and TinyMCE are still the ones. Offering a selection would certainly be useful! joss

Hiya Pete, Think we're definitely on the same wavelength, I'm trying to sort out my own "standard" site profile so I can turnaround cheap sites, which at this moment in my new career is all I'm really likely to get. I think most of the fun in using PW is coding things yourself but definitely something more complicated like an estate agency website. If it's well made, I'd definitely pay for it if it gave me a head start in creating a project. The price you mentioned sounds very reasonable. The good thing about this is that it would be built in PW and therefore if I had to tinker with it, I ought to understand a little about what's going on! Think a lot of the community will say that what they don't want is it becoming saturated with hundreds of inferior profiles. The ones that I'd be very interested in are for things like events, bookings, shop, estate agency/ car website.

I like this topic I had a similar grumble recently where I swore never to use Wordpress again and it was for slightly different reasons, but the end result was that it took me 2 minutes to install a certain module but then literally 2 days to work out what was conflicting and then make horrendously different stylesheets work together. I've done a lot f websites in that price range mentioned earlier. If it's a simple brochure-style site with homepage, services, gallery, testimonials and contact page then it's easy enough to build in PW to that budget and in that timescale. Once you've built a gallery and testimonials system (both just a bunch of sub-pages, so the work is displaying them in the template file so they look pretty) you've then got code to use elsewhere with minimal tweaks. The problem does come with larger requirements. I would be hard-pressed to get all the fields and search functionality of an estate agent (real estate) website set up so quickly so that could well come down to building it te first time and creating a profile afterwards for future sites but I would certainly need to take more time over it and charge the client more. It would definitely be worth it though! As mentioned in another thread the only problem I have then if it's something relatively complicated like that is that I'd be inclined to keep the code for myself or at least charge a small fee for the profile as otherwise you run into a slight problem of anyone with basic knowledge can easily install a full-blown estate agent website and you can end up with those relatively tech-savvy clients just playing companies off against each other for the cheapest implementation - a game I don't want to play. I'm probably just thinking the worst because I have a slight headache and that makes me grumpy - there certainly aren't thousands of people in the UK yet that know about ProcessWire so we'd hardly be stepping on each others toes, plus when I start thinking about this I think about that free Shop module and it makes me feel bad Putting my business hat back on, if I built an amazing site profile for estate agents and sold it for £20 (random figure), would people buy it? I think as ProcessWire has evolved there are the beginnings of a profitable ecosystem for module/profile authors where something is complex enough to warrant a fee that is reasonable and web developers don mind paying for to save many hours of work, but as with all these things it falls down the minute someone develops a similar module/profile and gives it away for free Sorry, I went off on a wild tangent there...

I don't know the drawbacks of this, but I just managed to do make the dynamic stylesheet proposed on css tricks work has a pw template. So, this is how to do it (someone stop me if this is a bad bad thing to do): 1. Create a template file css.php and put all your css code inside. On the top of the file put this code <?php header("Content-type: text/css"); ?>. 2. Create a "css" PW template with that file. 3. Create a "css" page and give it the "css" template. 4. Link to the stylesheet like this <link rel="stylesheet" href="<?php echo $pages->get('/css/')->url; ?>">. 5. use the PW API on your stylesheet Extra: 6. put some fields on the "css" template and use them on your css Examples: the color picker field for colors; an image field with your style pictures (background, logo, etc). edit: onjegolders was faster! edit2: not the same answer. Mine is more interesting

Do you want to build a form to edit data on a page or is it on another page? Is it possibly a PW user? So it's not the "page" you're looking at, like in the admin backend edit screen? In this case you could load the edit screen of PW with /processwire/page/edit/?id=$page->id and add a &modal=1. If you load that edit link using fancybox iframe feature you get something like adminbar module. So if you enter /processwire/page/edit/?id=1&modal=1 you'll get the edit form without the layout around. Of course this is only for trusted users, as you could remove the param and edit other things like publish, hidden etc. But it's a nice alternative to edit pages data without leaving the frontend page. But if you are wanting a community user to edit his "profile data", which isn't necessary on the page he's viewing or only part and you will code a form to edit the data he can, you simply make a file with the view profile and for edit profile. In your page template for the profile you then simply include one or the other depending on the url segment. Or make the two views they're own physical page. Kinda obvious it would look like this with segments and include. if(count($input->urlSegments) == 0){ include("view_profile.php"); } else if($input->urlSegment1 == 'edit'){ include("edit_profile.php"); } In a edit template to edit profile user data, I for example do something like this: if($user->isLoggedin() && $user->hasRole('beratung-user')) { // logged in $form = $modules->get("InputfieldForm"); $form->action = "./"; $form->method = "post"; $form->attr("id+name",'profil-form'); $field = $modules->get("InputfieldText"); $field->label = "Last Name"; $field->attr('id+name','last_name'); $field->required = 1; $field->value = $user->last_name; $form->append($field); $field = $modules->get("InputfieldText"); $field->label = "First Name"; $field->attr('id+name','first_name'); $field->required = 1; $field->value = $user->first_name; $form->append($field); $field = $modules->get("InputfieldEmail"); $field->label = "E-Mail"; $field->attr('id+name','email'); $field->required = 1; $field->value = $user->email; $form->append($field); $field = $modules->get("InputfieldText"); $field->label = "Username"; $field->attr('id+name','name'); $field->required = 1; $field->value = $user->name; $form->append($field); $field = $modules->get("InputfieldPassword"); $field->label = "Password"; $field->attr("id+name","pass"); $form->append($field); $submit = $modules->get("InputfieldSubmit"); $submit->attr("value","Save"); $submit->attr("id+name","submit"); $form->append($submit); // process form if($input->post->submit) { $form->processInput($input->post); if(!$form->getErrors()){ $user->of(false); // outputformatting off $user->name = $sanitizer->username($input->post->name); $user->first_name = $sanitizer->text($input->post->first_name); $user->last_name = $sanitizer->text($input->post->last_name); if($input->post->pass; != ''){ $user->pass = $input->post->pass;; } $user->email = $sanitizer->email($input->post->email); $user->save(); $user->of(true); // outputformatting on $session->message("Profile saved"); $session->redirect("./"); // redirect to get rid of double post when refreshing } else { // error message are already added by form->processInput() call } } $out .= $form->render(); } else { $out .= "<p>You don't have permission to view this page.</p>"; } ?> <section class="clearfix"> <h1>Edit your Profile</h1> <?php if(count($notices)) include($config->paths->templates . "inc/notices.inc"); ?> <?php echo $out; ?> </section>

See here how you can create the variables with pw data to use in javascript http://processwire.com/talk/topic/803-tinymce-insert-image-modal-window/#entry20546

Yes, method should be post. Since you will be submitting to the same page, all the code will go on the same template. You might want to do this as the action: <form id="orderForm" action="<?php echo $page->url ?>"> Now we have to test for the submission of the form. This test can be used also inside the form to output errors. I will use the radio button for this, since it will have a value for sure if ($input->post->premium) { // form was submited. Here is where we will collect all the information }else{ // you don't have to use the else, but here is the place to output something for when the form wasn't submited } // form should go outside the if statement To collect the information we will have to know where to send it to. I don't know if you decided on those things but, are you going to create a page for each transaction? Or a page for each client? Here I will assume you will want to save a page for each transaction. For this you will have already prepared, a template "transactions" with all those fields (customer_name, email, quantity, addons, premium), and I will assume that you will have all the transaction as children of the page "/order/". if ($input->post->premium) { // create a new transaction page $tr = new Page(); $tr->template = $templates->get("transaction"); $tr->parent = $pages->get("/order/"); // fill the fields with the collected and sanitized info. See here about sanitation in pw [url="http://processwire.com/api/variables/sanitizer/"]http://processwire.com/api/variables/sanitizer/[/url] $name = $sanitizer->text($input->post->customer_name); $email = $sanitizer->email($input->post->email); $quantity = (int) $input->post->quantity; // (int) makes sure that the input is a number $add_ons = $sanitizer->text($input->post->addons); $premium = $sanitizer->text($input->post->premium); $tr>of(false); // this was wrong on my fist post. must be false $tr->customer_name = $name; $tr->customer_email = $email; $tr->quantity = $quantity; $tr->add_ons = $add_ons; $tr->premium = $premium; //save the page $tr->save(); // send the email to you $subject = "new buy"; $message = "{$name} bought {$quantity}. His email is {$email}"; mail('youremail@example.com', $subject, $message); // here you can redirect to a confirmation page, or to the same page for another buy } // code for the form This was only the basic. You should also perform some validation in the php code, and check if everything is ok before creating the page. The most common way is to use a errors array.

The Form builder is great for building forms easily and quickly, but for a one time form it's not that difficult to make a customized one that plays along pw fields with great flexibility. It's really just a matter of building the form as you want in html, and selectively save the submited information in each field with the pw API: $page->of(false) $page->product_id = (int) $input->post->id; $page->quantity = (int) $input->post->quantity; $page->client_address = $sanitizer->text($input->post->address); ... $page->save() The price update you can do with jQuery. I prepared something very simple to show how http://codepen.io/anon/pen/apBmI The thing that can be more difficult is the payment, but all depends on what system or systems you will choose. If you choose paypal for instance, it can be as simple as having a submit with the address that they supply to you, and receive a confirmation of payment done. It's not my intention to make it look very easy (it's not), but it's not as difficult as it might seem. edit: corrected from $page->of(true) to $page->of(false), thanks to onjegolders.

Thank you both, this is very helpful. I appreciate your help and LOVE ProcessWire!

Absolutely! Here is a simple, but functional example for both login and logout templates. You would want to replace the markup with your own markup or includes. Likewise you'd want to change the redirects to redirect to whatever page you want them to go to after completing a login. /site/templates/login.php: <?php if($user->isLoggedin()) { // user is already logged in, so they don't need to be here $session->redirect("/somewhere/"); } // check for login before outputting markup if($input->post->user && $input->post->pass) { $user = $sanitizer->username($input->post->user); $pass = $input->post->pass; if($session->login($user, $pass)) { // login successful $session->redirect("/somewhere/"); } } ?> <html> <head> <title>Login</title> </head> <body> <form action='./' method='post'> <?php if($input->post->user) echo "<h2 class='error'>Login failed</h2>"; ?> <p><label>User <input type='text' name='user' /></label></p> <p><label>Password <input type='password' name='pass' /></label></p> <p><input type='submit' name='submit' value='Login' /></p> </form> </body> </html> /site/templates/logout.php: <?php $session->logout(); ?> <html> <head> <title>Logout</title> </head> <body> <h1>You have logged out</h1> </body> </html>