Jump to content
anttila

Is it possible to check if the password is correct without PW?

Recommended Posts

We have many booking calendars made with ProcessWire (own databases) and I want to do a web app (SQL) which allows user to log in. First, the user chooses the right calendar and then (s)he have to log in. The user can be from any of those calendars and the app is not running on ProcessWire (it can if necessary). So if there any way to make sure that the user has rights to the calendar (s)he tries to log in and if the password is correct.

Is there any better way to do this? I could also use PIN codes or something, but those need to be encrypted too.

  • Multiple ProcessWires
  • A lot of users per ProcessWire
  • Everyone can log in to the web app (when using right calendar)

Share this post


Link to post
Share on other sites
1 hour ago, bernhard said:

Do you know about bootstrapping pw? https://processwire.com/api/include/

Are you saying that I can just find a right ProcessWire and include its index.php to my web app, and I have full access to its pages and users? I can't but wonder and love the chances of this platform. Thanks! This is so awesome work.

  • Like 7

Share this post


Link to post
Share on other sites

Is it possible to use this kind of technique for multisite (different databases and site folders, same core and index.php).

How I can tell ProcessWire which site is the right one after required index.php (it probably uses our demo site as default). There is no point to do own install for all the sites because those are almost identical, but I need to test if the user has the correct password so I need to use right ProcessWire's database / config.php / site folder. My app knows which website and database is the right one, so can I pass it to ProcessWire somehow or do I have to use right config.php for that?

Share this post


Link to post
Share on other sites
11 hours ago, wbmnfktr said:

Maybe this is interesting as well:

Multi-site: https://processwire.com/api/modules/multi-site-support/

Multi-instance: https://processwire.com/blog/posts/multi-instance-pw3/

Depending on your needs, existing sites and setups this could become handy.

I know how to use multisite system, I have it already working. What I need to know is can I somehow use that index.php to confirm that the username and the password are ok (all sites have different users). There are multiple databases under one index.php, so how to tell PW which one is right when using external PHP code.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By VeiJari
      Hello forum, this is my first security related post, so I'm a bit of a newbie.
      I understand that when I have direct front-input from user I should sanitize the input, but how about when I use a secret key for showing a API for a third-party supplier? Should I sanitize the input->get() key?
      I've tested this issue and I tried ?key=<?php echo $page->field; ?> And without adding any sanitization it comes back: /?key=<?php%20echo%20$page->field;%20?>
      So can I rely on this, or should I still use $sanitizer just in case?
       
      Thanks for the help!
    • By DooM
      Hello guys,
      I'm trying to figure out how to sync fields and templates between staging and production environments.
      I've found Migrations module by Lostkobrakai, but with use of it all the fields and templates must be created by API, which is kind of uncomfortable.
      I also tried ProcessDatabaseBackups module which can export only certain tables, but I don't think it's the best practice to do that.
      How do you guys solve this problem? It's very annoying to setup everything three times (dev, staging, production).
      Thanks a lot :)
    • By iipa
      Hi everybody!
      I have been reading about Multisite, but it kinda bugs me that every topic talks about having both admin and database same for multiple sites.
      I have a project where customer tests it by adding content to the site, while I still need to do some changes here and there in code, maybe some in database. If something crashes for a while, customer can't keep testing, which is a bit problematic.
      Is there any way that I could have two separate versions of one site ("production" and development) that share the same database, but are otherwise independent? Just the thought of having to migrate database every time I want to show client something new gives me anxiety 😁
    • By Falk
      Hi!
      After temporarily using Module Image Extra, which I completely removed, I had some troubles with my imagefield (unused table columns).
      So I just imported a previous version of this column via PHPmyAdmin, which worked pretty well.
      Anyways, in Processwire Backend all image tags are gone, although they are OK in the database.
      Other image related things work (thumbnail, title etc are OK).
      Is there any way to recreate all the images or something? Or may this be an cache-related issue?
       
      Thanks in advance 😃
       
    • By Mats
      Hi!
      On a clients multilanguage site, upgrading to latest PW version, started to generate the following exceptions:
      SQLSTATE[42S22]: Column not found: 1054 Unknown column 'pages.has_parent' in 'where clause' (in /wire/core/WireDatabasePDO.php line 480) SQLSTATE[42S22]: Column not found: 1054 Unknown column 'pages.has_parent' in 'where clause' (in /wire/core/WireDatabasePDO.php line 480) And this message by the newly created page:
      Name already in use! A sibling page (id=15877) is already using name "my-page-name" for language: English
      Searching the forums the only thing i've found seems related to multi language: 
       
       
×
×
  • Create New...