tpr

Thanks - I couldn't get the $ppid variable either (similarly to $loginForm). Anyway, I think it's not that important, I can get the protected parent manually too and get content from it (even multilanguage). It took some time I understood the module's workings but finally it's up and running the way I wanted, thanks for the help!

In case you would like to try another module:

Thanks, that wasn't clear to me reading the module description/notes fields. Perhaps I was thinking in a "redirect mode" instead of wireRenderFile so I thought all other fields will come from the protected parent and not from the actual child page. Maybe it's only me but perhaps a warning text could be added to the description field to not to place other dynamic content to this template file? Btw, if I would like to add multi-language content before the $loginForm do I need to use $myLoginPage->body or is there another way? (this was the purpose of using $page->body in my login template, having a dynamic text coming from the admin).

Child page protection is kinda working OK but there's an issue if you select a login template and use fields that are also available on the child pages, eg. $page->body, which is quite common. Sensitive data may be rendered (eg. with $page->body), because the actual (child) page fields are passed to the login template file. One needs to check $page->loginForm (or $loginform, $page->protected/protected()) and display the form or other page content. In such cases a redirect to protected parent (the login page) would be safer. Btw you uploaded the "ProtectedMode" module here, is that intentional?

I'm not sure how the custom grid feature will be implemented, we have to wait to see it in action. The sidebar is something I would really miss.

There was a blog post that the new admin theme will have some kind of sidebar if I remember right. Is this idea rejected?

Adding a field manually should work, thanks. As I wrote, memory selectors would make pagination to fail, but with the extra field it will be OK. I only need to add it to the protected parent and use has_parent. I'll check the child issue without latte too. I need the redirect because if one tries to access a child page by knowing its url, I would like redirect him to the protected parent. This page has different template with the login form.

Thanks! Search results I can easily exclude the protected pages now but I guess there's no way I could exclude them in the initial $pages->find() query, where search results are populated. This leads to improper number of results if I exclude pages when outputting the results list, or if I filter them in memory beforehands then pagination will broke. This is no surprise because $page->protected is not a page field so I cannot use "protected=''" in the selector. I've tried using addHookProperty but $pages->find() doesn't respect that ($page->protected worked fine though). Anyway, I can live with it - but please correct me if I'm missing something. Child pages In case of child page protection I found that if I set no template in the module settings, then the protected child page loads with the loginForm, which is the expected behaviour. This unfortunately doesn't fit my current needs because I would prefer only one login page for members, so that's why I do a redirect: if ($page->id !== $memberLoginPage->id && $page->protected() && !($user->isSuperUser() || $user->hasRole('member'))) { $session->redirect($memberLoginPage->url); $this->halt(); } Would it be possible to have an option under "Protect child pages" like "Redirect to protected parent on direct access"?

Try using $Events->reverse() in your foreach loop.

Yes, it depends. Perhaps only its title should be findable though I guess this adds another level of complexity. Does the module add a page property eg isProtected to let devs handle this? Sorry I can't look into the code atm. What's more important imo is to exclude child pages from search, if they are also protected. Perhaps the abovementioned isProtected property could help here too.

Sure, they could only have a peek In this particular project it's not relevant if users could find the Members Area or not, but in general yes, it should be findable.

Ok, I'll check what could cause child pages being accessible, probably a few days later. If it's not too complicated I would welcome an option to exclude protected pages from being found. If I lock a room for a reason I don't want anyone to sneak in through the window

Great, thanks! Everything's working fine at first look. $p->loginForm = $loginForm; // added to allow support for latte It's not exclusive to Latte as you can use it anywhere in regular PHP templates. Today I noticed an issue with protecting child pages. Links to child pages under a protected page was accessible to everyone, even though I've checked to protect child pages (at Page level). I've added session redirects to solve it temporarily but I'm curious if this happens for others too. Also the site search could find content from protected child pages. Is the module taking care of this or should developers handle such cases?

To the recently added staging bar. In AOS for example it partly covers the sidebar so items loose hover state when you move the mouse over the bar.

@adrian How about adding "required" html5 attributes to username/pass input fields? Plus updated the above screenshot to a non-stock login form

Thanks guys - should I add a github issue?

Around line 672 when checking template files you could add the $config->templateExtension too, eg. if (!$item->isDir() && in_array(pathinfo($item, PATHINFO_EXTENSION), array(wire('config')->templateExtension, 'php', 'inc'))) { This allows selecting twig/latte/etc files from the module settings. However I'm still trying to figure out why $loginForm is not available for me (using Latte). Surely it's something in my code, but any chance to add $loginform to page, etc. $this->wire('page')->loginForm = $loginForm (before line 291)? This would allow using the form anywhere in the selected template. I'm using this now and it's working fine.

Admin styling: adding "pointer-events: none" could be useful I think.

Thanks, but even the format supplied the date is not null: echo wire('sanitizer')->date('2017/02/31', 'Y/m/d'); // 2017/03/03 echo wire('sanitizer')->date('2017-02-31', 'Y-m-d'); // 2017/03/03

I just noticed these outputs: echo wire('sanitizer')->date('2017/02/27'); // 1488153600 echo wire('sanitizer')->date('2017/02/31'); // 1488499200 - FAIL echo wire('sanitizer')->date('2017/02/32'); // NULL Shouldn't the sanitizer return NULL on the second line? If it were looking for a valid date format only then the third line should return a timestamp too.

Have to find a project where I can use PageTables

FYI I commited the fix (no version change). Only AdminOnSteroids.css needs to be replaced.

Good catch - it's the double span issue inside the A element. I think it's safe to apply line-through on the inner span too, will update soon.

This is sooo art direction. Please make it optional

You could just use Tracy Debugger's Console Panel to create templates. I often use it for creating fields and assign to templates.