Jump to content

Search the Community

Showing results for tags 'login'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • Form Builder
  • ProFields
  • ProCache
  • ProMailer
  • Login Register Pro
  • ProDrafts
  • ListerPro
  • ProDevTools
  • Likes
  • Custom Development

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

  1. I would like to redirect users from a specific role group to a specific URL upon login. Any thought on how to accomplish this?
  2. Hi everyone I've hit an error i can't seem to find a solution for. I build this website (www.petervigh.com) last year with processwire, and this week this error started showing up when my client tried to login: Catchable fatal error: session_regenerate_id(): Failed to create(read) session ID: memcached (path: nfs01.cl2000.ams1.nl.leaseweb.net:11211) in /srv/psa03/petervigh.com/httpdocs/wire/core/Session.php on line 728 Recoverable Fatal Error: session_regenerate_id(): Failed to create(read) session ID: memcached (path: nfs01.cl2000.ams1.nl.leaseweb.net:11211) (line 728 of /srv/psa03/petervigh.com/httpdocs/wire/core/Session.php) The site has been up and running for many months and i have done no maintenance or updates on it since it went live and has been working flawless so far. I've had no luck with googling this error, and I've no idea how to go about this. This is my first time posting on this wonderful forum that has proven a very valuable source of troubleshooting since i started working with processwire a year ago. hope to receive some valuable tips and bear with me for my less than great knowledge of php in general Jonathan
  3. Hi everyone: I do not know if someone before using ProcessWire with AWS CloudFront, currently I have problems with the login, it does not work for any reason, when I check in the logs generated by ProcessWire, it only indicates This request was aborted because it appears to be forged. (in /wire/core/SessionCSRF.php line 190). I have allowed CloudFront to forward all headers, cookies and allow all methods (GET, POST, PUT). When I perform the same process from the ip server if it works or from the balancer.
  4. Hello, just installed and the link "login to admin" takes me to a blank page. the url is processwire/processwire but there is not processwire directory inside the processwire directory. What is this supposed to be pointing to?
  5. Sure this has been asked a million times but cant find a simple answer. Trying to set the page to redirect to after login in the front end - i.e. not on the admin login page. some reason this works for super users but not normal users redirecting to a page which is viewable by members not guest role users. $showLoginError = false; if($input->post->user && $input->post->pass) { $username = $sanitizer->username($input->post->user); $pass = $input->post->pass; try { $session->login($username, $pass); // redirect user $session->redirect("/events/"); } catch (\Exception $e) { $showLoginError = true; } }
  6. I have a site built with a user role 'member' that can view some extra 'member area' pages. I have a user with the role 'editor' that has been given 'user-admin' permission who can successfully generate new users. However, when they try to add / change a 'member' role password to a 'member' role they get the error: Unable to generate password hash Does anyone know how to assign the 'editor' role the permission to generate a password for other user types? Thanks!
  7. I have my own register-login-profile/account page system. I know that Ryan recently released an official module for this, but there may be an advantage to having my own custom solution. Anyway, it seems to work well. But, I have been getting annoying Russian hack attempt accounts, mostly as 'guests' that don't bother to use the activation link. Most if not all of these accounts have this in the name field: No Subscription Detected Not Recognized ...which makes them relatively easy to filter out from real name accounts. Where do these "strings" come from? I can't find them in Processwire's source. Are the hackers using some kind of tool that inserts these for some reason? Or is it a PHP thing? Does anyone recognize them? Does it mean they are using some kind of backdoor instead of the registration form? In general, what are the best practices to secure my registration form, prevent spam accounts, etc.? I'll start with adding a check to block IP addresses that try to register with 'Not Recognized' etc. in the name field I guess.
  8. Sorry folks if this is obvious to most and I missed something in the docs or here in the forum, but, I have cheerfully used code such as: if($user->isLoggedin()) { echo " loggedIn"; } else { echo " notLoggedIn"; } in PW 2.x sites. Now on a v3 site I am finding even the most basic test to see if the viewer is logged in or `isSuperuser()` is not giving an error but simply doing nothing - not evaluating. For example, the top of a typical template reads: <?php namespace ProcessWire; if($user->isLoggedin()) { echo " loggedIn"; } else { echo " notLoggedIn"; } I have `debug` turned on. Is there something obvious I have missed, perhaps a step required for v3 that's not required for v2 to allow access to $user data? Thanks for any pointers.
  9. Hi. I have a membersite that sends out emails to users with links to specific pages. When the user clicks on the link in the mail and the browser opens the site, the user is redirected to the login page. However, I would like for the user to be redirected back to the page they opened from their mail. I don't see how this can be done in Processwire. I have a template and in the Access settings, I have chosen to redirect to the login page. There is on tag that I can include with {id}, but that returns the ID of the login page. I would like to have a tag that returns the ID of the original page the user has opened. Maybe a tag called {id_original} could be a way to solve it. Is there some other way I can filter the redirect process?
  10. I hope this is the correct place to post this. I currently am building a "dashboard" that displays some stats etc, but also handles login/logout with a form. Currently, when a user uses the form on the homepage, they redirected (if the credentials are correct) to the backend of processwire. However, I was hoping to direct the user back to the dashboard and display an alert (for now until I get a library to handle this). I got it somewhat working if I dont redirect the user. However, if I refresh the page, the alert still "pops up". Does anyone know of a way to redirect to the home page, but then display an alert? My Code to login: <?php if($input->post->user && $input->post->pass) { $user = $sanitizer->username($input->post->user); $pass = $input->post->pass; if($session->login($user, $pass)) { // login successful $session->redirect($dash); } } ?>
  11. How to track user active time based on session login and logout. Basically, I want to get the report that each user login time and logout time/session inactivity time. Is there any module available or we can use any hooks to simulate the above. Thanks in advance for your support.
  12. Hi all, Im working on a photography website where users can comment and like on photos (which are pages). I solved the comment part with the comment module, but I also want a 'like' system. Which includes; - Like a photo. Like count on the photo adds up. - If user has a few favourite photos, i would like a 'Favourites' section on the user profile page, with all of the liked photos. - Apart from the likes, i would like to have a page 'Most liked photos of this week', so each week the community can see the photos with the most likes that week. I came across the Like plug-in, but i would like to have a little more tailored solution and keep it to logged-in users only and be able to see all of the liked photos of a user. Any idea how to keep track of the likes and build a 'Most liked this week' page? Help would be appreciated! Thnx.
  13. In a PW file, I successfully login a $user using $session->login(). I later redirect to a different PHP file. It's not a PW template file so I do the appropriate include("/path/to/processwire/index.php"); But then I try to get the logged in $user->name and it always gives me 'guest'. And if I set a $session value at login, in the redirected file my values are lost. I am new to PW so I am surprised. What am I missing? Thx
  14. Hi all guys! I've a BIG problem here and hope you can help me to solve it. Suddenly yesterday my PW installation stopped letting me to log in. I can access the front-end, but each time i try to log into the back-end it gives me "This request was aborted because it appears to be forged." I already have searched into the forum and tried every possible solution, without any result In order: site/config.php is readable site/assets/{cache,logs,sessions} is present and 0755 (and setting them to 0777 doesn't make any difference) tried to backup site/assets/sessions directory and make another new empty one nothing is changed with user:group permissions setting $protectCSRF, $sessionChallenge, and $sessionFingerprint to false the error disappears but the login page still remains making the sessions table empty doesn't make any difference enabled/disabled the www. redirection in .htaccess, just in case but nothing enabled $debug and no error removed cookies restarted the server Anybody has an idea?
  15. Have set up a front-end registration form and it all seems fine but rather than giving them a link to "Click here to login!", I'd like to log them in automatically. I was thinking that as the login takes place after the new user has been saved that it ought to work but it doesn"t seem to be working at the moment. Is this even achievable without a page reload? Here is my code currently: <?php include("./header.inc"); $headings = " <div id='register'> <div class='row'> <div class='twelve columns'> <h3>Register with us</h3>"; $form="<form action='./' id='registration' method='post'> <div class='row'> <div class='four columns'> <label for='username'>Username</label> <p class='help'>Please ensure your username contains no spaces</p> <input type='text' name='username' value='{$input->post->username}'> <label for='first_name'>First name</label> <input type='text' name='first_name' value='{$input->post->first_name}'> <label for='last_name'>Last name</label> <input type='text' name='last_name' value='{$input->post->last_name}'> <label for='email'>Email address</label> <input type='text' name='email' value='{$input->post->email}'> </div> <!-- /.four columns --> <div class='four columns'> <label for='company_name'>Company name</label> <input type='text' name='company_name' value='{$input->post->company_name}'> <label for='company_url'>Company URL</label> <input type='text' name='company_url' value='{$input->post->company_url}'> <label for='company_phone'>Company phone</label> <input type='text' name='company_phone' value='{$input->post->company_phone}'> </div> <!-- /.four columns --> <div class='four columns'> <label for='pass'>Password</label> <p class='help'>Please ensure your password is at least 6 characters long and contains at least one digit and one letter</p> <input type='password' name='pass' value='{$input->post->pass}'> <label for='pass_confirm'>Confirm password</label> <input type='password' name='pass_confirm' value='{$input->post->pass_confirm}'> </div> <!-- /.four columns --> </div> <!-- /.row --> <input class='button success small' type='submit' name='submit_registration' id='submit'> </form>"; $message = "Please fill in the form below if you would like to register in order to receive exclusive access to our brochures and latest information."; $usernames = array(); foreach ($users as $u) { $usernames[] = $u->name; } if($input->post->submit_registration) { if (empty($input->post->username) || empty($input->post->email) || empty($input->post->pass)) { $message = "Please fill out all fields marked with a *"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif (in_array($input->post->username, $usernames)) { $message = "Sorry, that username is already taken, please choose another."; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif (filter_var($input->post->email, FILTER_VALIDATE_EMAIL) === FALSE) { $message = "Please include a valid email address"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif (!preg_match("/[0-9]/", $input->post->pass) || strlen($input->post->pass) < 6) { $message = "Please ensure your password has at least one digit and is at least 6 characters long"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } elseif($input->post->pass !== $input->post->pass_confirm) { $message = "Please ensure that your passwords match"; echo $headings; echo "<h5 class='error'>$message</h5>"; echo $form; } else { echo $headings; $message = "Congratulations! You have successfully registered and have been logged in"; echo "<h5 class='success'>$message</h5>"; $u = new User(); $u->of(false); $u->name = $sanitizer->username($input->post->username); $u->first_name = $sanitizer->text($input->post->first_name); $u->last_name = $sanitizer->text($input->post->last_name); $u->company_name = $sanitizer->text($input->post->company_name); $u->company_url = $sanitizer->url($input->post->company_url); $u->company_phone = $sanitizer->text($input->post->company_phone); $u->email = $sanitizer->email($input->post->email); $u->pass = $sanitizer->text($input->post->pass); $u->addRole('registered'); $u->save(); $u->of(true); require_once("./scripts/PHPMailer/class.phpmailer.php"); $form_contents = array( 'username' => $sanitizer->username($page->username), 'First name' => $sanitizer->text($input->post->first_name), 'Last name' => $sanitizer->text($input->post->last_name), 'Company name' => $sanitizer->text($input->post->company_name), 'Company URL' => $sanitizer->url($input->post->company_url), 'email' => $sanitizer->email($input->post->email), 'Phone Number' => $sanitizer->text($input->post->company_phone), ); $to_name = "My company"; $to = "me@me.com"; $subject = "New registered user"; $form_message = ""; foreach ($form_contents as $key => $value) { $form_message .= "$key: $value\n"; } $from = "$form_contents[email]"; $from_name = "$form_contents[username]"; $mail = new PHPMailer(); $mail->CharSet = 'UTF-8'; $mail->FromName = "$from_name"; $mail->From = "$from"; $mail->AddAddress ($to, $to_name); $mail->Subject = "$subject"; $mail->Body = "$form_message"; $mail->Send(); $name = $u->name; $pass = $u->pass; if ($session->login($name, $pass)) { $session->redirect("../"); } } } elseif ($user->isLoggedin()) { echo $headings; echo "<h5>No need to register " . $user->get('first_name|name') . ", you are already are! <a href='{$config->urls->root}'>Click here</a> if you would like to return to the homepage.</h5>"; } else { echo $headings; echo "<h5>$message</h5>"; echo $form; } ?> </div> <!-- /.twelve columns --> </div> <!-- /.row --> </div> <!-- /#register --> <?php ?> <?php include("./footer.inc"); Thanks.
  16. Hello Community, I have read that I get no support on GitHub. For this reason I am here for the second time. The thing is that I enabled a fresh Processwire installation and under https://processwire.wpzweinull.ch/processwire no page is found. The admin login is thus not possible. How can I fix the problem? Thanks in advance, Alexander
  17. Greetings PW community - I've got a site that I inherited, but brought it down to a local dev server (Ubuntu) in order to make changes before pushing those to the live version. I have the database connection setup and content displays as expected however I can't login. Environment info: ProcessWire 3.0.33 PHP 7 MySQL Ubuntu server Admin url changed (to clients name ) Initial scenario: I can access the admin login page just fine, however when I was submitting the request I was receiving the CSRF login error ("This request was aborted because it appears to be forged"), so I went and found the login troubleshooting guide: https://processwire.com/docs/tutorials/troubleshooting-guide/page2. I took the following steps to debug: Verified that there is enough space left on HD to create the session file. Verified that the /site/assets/ subfolders exist and set permissions to 777 for testing Verified config.php is set to at least 644 (it is 777 now on my dev box for testing purposes) Disabled CSRF, session fingerprinting & session challenge in config.php I have installed an original copy of ProcessWire 3.0.33's index.php After this, I stopped getting the forged attempt error, but now it was processing the login form submission and coming back to the login page w/o any errors or success message. So I enabled some logging: Enabled debug in config.php (not receiving any on screen errors) Tailed apache error logs Through tailing the logs I found that it was having an issue with sendmail (trying to use it, but sendmail wasn't installed). So I installed sendmail and configured it. Now it takes forever (approx. 4.5 minutes) to processes, and I'm not receiving any errors in the apache logs, and no errors are reported on screen when it finally completes/timesout.
  18. quick question, can the $username in login() be email OR username, or anything else?
  19. Hello, Newbie question here. I'm rebuilding my existing website with PW, it's a game where people can guess the winners of races. I used to have a "players" table. Those are registered players, I used to identify them through their login/password, and when it matches, I give them access to the website. No rocket science. So now with PW, I'm building my sign-up form and I'm trying to create a new session when a new user sign up. I'm retrieving user/pass from the sign-up form which has been posted before but : if($session->login($user, $pass)) { // login successful $session->redirect(elsewhere); } else echo "failed"; ... fails everytime. Do I have to use something like : $u = new User(); $u->name = "bill"; $u->pass = "billpwd"; $u->addRole("guest"); $u->save(); ... before doing a session->login('bill', 'billpwd') ?? (I've just checked, it works, so I guess this is the good way to do it ?) I already have my players table so perhaps I can have the minimum in the PW's table and keep my players info in my historical table ? ... Or I can add all information I need into PW but I'd like to understand where it is stored. Last question, if there is a PW matching between "user" and "session", I need to give to the session->login function the password not hashed. I'm using the password_hash php function, any problem with that ? Thanks
  20. Hello, I cannot login to the admin panel : ProcessLogin: admin - Login failed I tried to follow this post : and add : $u = $users->get('admin'); $u->of(false); $u->pass = 'superSecretPassword'; $u->save(); but I get : Notice: Trying to get property of non-object in /var/www/html/esad-gv.from-to.www/processwire-master/wire/core/PagesEditor.php on line 246 Notice: Trying to get property of non-object in /var/www/html/esad-gv.from-to.www/processwire-master/wire/core/PagesEditor.php on line 249 Notice: Trying to get property of non-object in /var/www/html/esad-gv.from-to.www/processwire-master/wire/core/PagesEditor.php on line 258 Fatal error: Call to a member function numChildren() on null in /var/www/html/esad-gv.from-to.www/processwire-master/wire/core/PagesEditor.php on line 382 Any ideas ? Thank you
  21. Hi, I know this may be trivial question but please forgive newbie. I would like to implement a set of pages that each collect email address from the target audience and in exchange sends small pdf attachment to the customer with perhaps WireMailMailgun?
  22. Hello, In my web app I am needed an event calender separate for each registered user of the site. I used Luxicul calender. Every thing is working fine except the auto sign in into calendar when user sign in into site. I have installed the calender in site folder. and then as per there documentation. <?php $session->lcUser = $caluser; ?> //$caluser is the email of user <iframe id="lcmini" src="<?php echo $config->urls->site ;?>/luxcal/lcmini.php"></iframe> I have write this code users.php template(Into template folder ).In above code I have put user->email in to session variable. thats all I got in there documentation.After debugging I found that my session variable is not passing into the page of Iframe. so it is not sign in automatically . Any help is much appreciated. Thanks In advance Syed Furquan
  23. Did someone try to use Auth0 for social and/or passwordless login in PW? And is there somebody interested in porting their Wordpress plugin (that looks awesome) to ProcessWire? https://wordpress.org/plugins/auth0/ I have not the resources right now but I can help testing it. This is how their plugin works: Regular flow There are three different scenarios that could take place. First, a user that not exists in WordPress and it does in your Auth0 account try to log in. A user access your site's login page. (s)he completes his credentials (it could be an existing user in your Auth0 account or a new signup). Auth0 will authenticate the user The plugin gets the user profile. The plugin check if there is a user in the WordPress database with his/her Auth0 user_id. It can't find any, so it will check if there is a user with the same email. It can't find ant, so it will create a new user and log him/her in. Second, a user that exists in WordPress (this user was created before you installed the plugin) and in your Auth0 account try to log in. A user access your site's login page. (s)he completes his credentials (it could be an existing user in your Auth0 account or a new signup). Auth0 will authenticate the user The plugin gets the user profile. The plugin check if there is a user in the WordPress database with his/her Auth0 user_id. It can't find any, so it will check if there is a user with the same email. There is a user with the same email. It checks if the Auth0 user has verified the email. If the user has not verified the email, the process end here with an error message If the email was verified, it will update the user with the Auth0 user_id and log the user in. Third, a user that exists in WordPress (this user was created in the scenario one, or updated in the scenario two) and in your Auth0 account try to log in. A user access your site's login page. (s)he completes his credentials (it could be an existing user in your Auth0 account or a new signup). Auth0 will authenticate the user The plugin gets the user profile. The plugin check if there is a user in the WordPress database with his/her Auth0 user_id. It finds the user, and logs him in. Data migration When data migration is enabled, the plugin will expose two secure endpoint to let Auth0 authenticate the users. This endpoints are secured with a secret token and only available to the Auth0 IPs. You can change this in the plugin advanced settings. The login flow is the following: A user access your site's login page. He has an account in your wordpress site so (s)he proceds to login using this credentials. Auth0 can't find a user with this credentials in your account, so proceds to call your migration endpoint. The plugin find a user with the same username/email and verifies the password. Auth0 creates the user in your account and authenticate the user successfully.
  24. I've been using PW for about 2 or 3 years but have never really done anything with users (until now) apart from setting up users and roles for the background. I now have a project that requires following and am looking for some high level advice and an audit of my thinking. Client needs to set up users in the Admin and associate a private page with each user. Each user will have a different private page which we'll create. Users need to login via a form and be automatically directed to a private page Each user will only access a single private page BUT a private page may be associated with serveral users Requirements (for Client) A: Client needs to setup a user(s) in the admin. - No problems there and I'll just use the Access pages etc and create usergroups, roles and users. B: Client needs to associate a private page with a user - I'm thinking a user is just a page so I can add a field to a user admin template and let Client select the private page Requirements (for front end user) C: User needs to login via a web form - I'm pretty sure I can do this via the API and some sample code around the forums D: User should them be automatically redirected to a private page client setup in step A. Note: Each user has a different (and only 1) private page - I'm thinking that my login code has a reference to a variable ($privateURL) and once they're logged in, they get directed to that My biggest unknown is what might be best.... Should I create a PageSelect field within each private page which allows client to cherry pick which users can access this page OR Should I add a field called PrivateURL to the user templates and associate pages to users that way? Thanks for any advice.
  25. A client of mine is having an issue whereby Processwire is not remembering their logged in status. As part of the site, they are sent an email telling them there has been an update on the site. When they click the link, Processwire determines that they are not logged in and sends them to the log in page. When they log in, they get sent to the home page, rather than the link they clicked in the email. Does Processwire not create a session cookie? It seems fine for me - I can visit /processwire hours later and it remembers me. Also, if the user has purposely logged out, is there a way to remember the requested URL and redirect to it once the user has logged in?
×
×
  • Create New...