Non admin users login

[onjegolders]

I'm trying to get started on user logins. I have read quite a few topics but came up against a small problem.

On my header.inc file I have the following code:

<ul id="login">

<?php if ($user->isLoggedin()) { ?>

<li>Welcome, <?php echo $user->name; ?></li>
<li><a href="<?php $session->logout(); ?>">Logout</a></li>

<?php } else { ?>

<li><a href="<?php echo $config->urls->admin; ?>">Sign-in</a></li>
<li>Register</li>

<?php } ?>

</ul><!-- /#login -->

My only aim at the moment is that once logged-in the site will know that the current user (session?) has certain permissions so that when they click on "member-only" pages they will have access.

Currently I can get them to login via the admin backend (I may want to change this to my own custom login template) and then the page they are on shows "Welcome, username) so they are logged-in, however when I click to another page they seem to be logged-out again?

Is this default behaviour? Should I be going about this in a different way?

Thanks guys.

[ryan]

<li><a href="<?php $session->logout(); ?>">Logout</a></li>

The problem is that line above. You are calling $session->logout(); rather than providing a URL to logout. Since you are calling the logout() function, it is logging them out. What you want to do instead is link to some other page that logs them out. Something like this:

<li><a href="./?logout=1">Logout</a></li> 

Then in your template file, or header include, or anywhere before you output anything, you'd want to check for that URL:

if($input->get->logout) $session->logout(); 

[onjegolders]

Thanks Ryan, seems to be working fine now

[onjegolders]

Hiya Ryan have been trying to extend my login somewhat. I now have a login form opening in a modal box:

<ul id="login">

<?php if ($user->isLoggedin()) { ?>

<li><?php echo $user->name; ?></li>
<li><a href="./?logout=1">Logout</a></li>

<?php } else { ?>

<li><a href="<?php echo $config->urls->root; ?>login" class="login">Sign-in</a></li>
<li>Register</li>

<?php } ?>

</ul><!-- /#login -->

this part works fine. Here is my login.php and login_form.inc templates as per another of your posts:

Login.php

<?php
if($input->post->login_submit) {
	// process submitted login form
	$name = $sanitizer->username($input->post->login_name);
	$pass = $input->post->login_pass;
	if($session->login($name, $pass)) $session->redirect("./");
			else echo "<h2>Login failed, please try again.</h2>";

} else {
	// display the login form
	include("./login_form.inc");
}

Login_form.inc

<form action="./" method="post" id="login_form">

<label for="login_name">Username</label>
<input type="text" name="login_name" autofocus>

<label for="login_pass">Password</label>
<input type="password" name="login_pass">

<input type="submit" id="submit" name="login_submit" value="login">

</form>

The problem I noticed was that when I'm returned to the home page, it still shows "sign in" (indicating that the form didn't work). Would you have any ideas why it may not be working? Thank you again.

[ryan]

Are you outputting anything before the login() or redirect() functions? The login() function sets a cookie and the redirect() function sends a header, so those things need to happen before any output as started. Meaning, this stuff would need to go at the very top of your page, before any <html>.

[onjegolders]

I'm not quite sure how to avoid it to be honest.

I have login links in the top area of my page, ie: somewhere after the logo, which when clicked opens the login template. How could I arrange it so that this was at the top of my page?

Here is my header.inc to explain better perhaps:

<?php if($input->get->logout) $session->logout(); ?>

<!DOCTYPE HTML>

<html lang="en">

<head>
<meta charset="UTF-8">
<meta name="description" content="">
<meta name="description" content="">

<title>Site name | <?php if ($page->rootParent->title != $page->title) {echo $page->rootParent->title . " | ";} ?><?php echo $page->title; ?></title>

<!-- stylesheet(s) -->
<link rel="stylesheet" type="text/css" href="<?php echo $config->urls->templates?>styles/style.css" />
<link rel="stylesheet" type="text/css" href="<?php echo $config->urls->templates?>scripts/colorbox.css" />

<!-- scripts -->
<script src="<?php echo $config->urls->templates?>scripts/jquery.js" type="text/javascript"></script>
<script src="<?php echo $config->urls->templates?>scripts/cycle.js" type="text/javascript"></script>
<script src="<?php echo $config->urls->templates?>scripts/colorbox.js" type="text/javascript"></script>
<script src="<?php echo $config->urls->templates?>scripts/scripts.js" type="text/javascript"></script>

<!-- fonts -->

<!-- Typekit  -->

</head>
<body>

<div id="container">

<div id="top" class="black_gradient">

<div id="logo">
<h1><a href="<?php echo $config->urls->root; ?>">Site name</a></h1>
<h4>Tel: 01234 567 890</h4>
</div><!-- /#logo -->

<ul id="login">

<?php if ($user->isLoggedin()) { ?>

<li><?php echo $user->name; ?></li>
<li><a href="./?logout=1">Logout</a></li>

<?php } else { ?>

<li><a href="<?php echo $config->urls->root; ?>login" class="login">Sign-in</a></li>
<li>Register</li>

<?php } ?>

</ul><!-- /#login -->

<ul id='nav'><?php

// Create the top navigation list by listing the children of the homepage.
// If the section we are in is the current (identified by $page->rootParent)
// then note it with <a class='on'> so we can style it differently in our CSS.
// In this case we also want the homepage to be part of our top navigation,
// so we prepend it to the pages we cycle through:

$homepage = $pages->get("/");
$children = $homepage->children;
$children->prepend($homepage);

foreach($children as $child) {
$class = $child === $page->rootParent ? " class='active'" : '';
echo "<li><a$class href='{$child->url}'>{$child->title}</a></li>";
}

?></ul>

<div class="clear"></div>

</div><!-- /#top -->

[diogo]

What Ryan means is that it has to be in the code before anything is echoed, you can always store things in variables and echo them later in the code

[onjegolders]

What Ryan means is that it has to be in the code before anything is echoed, you can always store things in variables and echo them later in the code

Thanks Diogo, but as I'm calling the login template from a link that someone clicks in ul#login, is it even possible to link to this before any output?

[diogo]

I think that the login link will have to point to another page that does the login before any output. Or to itself, but in this case you have to put the login function on the top, inside a conditional that checks if you came from that link (with a get or a post). To do this without loading the page again, you will have to use ajax.

I don't know if there is another way...

[onjegolders]

The link does go to another template where the logic does appear before any html (see login.php above) but the link itself on header.php is obviously within the page's html.

Is this not possible, just wondering how other people manage their logins?

Thanks again Diogo for helping

[ryan]

but the link itself on header.php is obviously within the page's html.

That's not a problem. Technically it's no different than any other link.

One thing you may find useful is to do a $session->redirect() to another page immediately after a login or logout (and of course before any output). That way you are starting on a clean slate and don't have to think about the state of the $user API var.

[onjegolders]

That's not a problem. Technically it's no different than any other link.

One thing you may find useful is to do a $session->redirect() to another page immediately after a login or logout (and of course before any output). That way you are starting on a clean slate and don't have to think about the state of the $user API var.

Thanks Ryan, as you can see in the login.php, I am including a redirect:

<?php

if($input->post->login_submit) {

// process submitted login form

$name = $sanitizer->username($input->post->login_name);

$pass = $input->post->login_pass;

if($session->login($name, $pass)) $session->redirect("./");

else echo "<h2>Login failed, please try again.</h2>";

} else {

// display the login form

include("./login_form.inc");

}

[onjegolders]

I seemed to have got it sort of working by using an $out variable to avoid outputting content before the logic. I'm still having some issues with the redirects though.

With

$session->redirect('./');

I get sent straight back to my login page, I eventually tried ../ and that seemed to do the trick but not quite sure why?

Also, ideally I would like to be able to send them to the page they were on before heading to the login page, though I'm not sure if that is possible?

[diogo]

if you store every page in session, you can redirect them there

on every template:
$session->from = $page->url;

on the login.php:
$session->redirect($session->from);

[apeisa]

Or put the redirect url as a get param:

<a href="/loginpage/?goto=<?= $page->url ?>">Login</a>

[renobird]

In case anyone is interested, Here's how I built a custom PW login.

http://processwire.com/talk/topic/107-custom-login/#entry11290

I took Ryan's example and built on it from there. It handles the login/logout, and automatically redirects the user back to the original page they requested after they are logged in.

[onjegolders]

if you store every page in session, you can redirect them there

on every template:
$session->from = $page->url;

on the login.php:
$session->redirect($session->from);

Thanks Diogo, this was very useful