Jump to content

Register users and add page same as username


Vineet Sawant

Recommended Posts

Hello all,

I'm putting first bricks of the social network that I've decided to make using ProcessWire.

But before I start I wish to (again) make it clear that I'm not a programmer, I'm more of a designer. I wanted to create this social network for over a year but the developers kept messing it up or charging too much so I decided to make it myself.

So, I've decided to go step by step with this. It'll be like mini facebook. Every user will have his profile page as a unique page.

Eg. http://example.com/vineet.sawant

He/she would have several things to do like posting a 140 chars long status, posting a long post, share images & links etc. 

For that I've thought of PW's page structure as follows:

Home - 

- Users(hidden page)

- - vineet.sawant

- - - - bio-page

- - - - status

- - - - posts

- - - - images

But for the first step, all I want to do is sign up user & dynamically create a page for him/her same as his/her username.

I've already tried FrontendUserProfilesPW module but it gives some error.

I wish to do this using default users api.

Can anyone guide me on how can I do this? Also most importantly, how do I create page dynamically and add specific template to it?

Thanks.

  • Like 1
Link to comment
Share on other sites

Hello vineonardo :)

I'm on a similar project as yours, and I'm not a skilled programmer too, I'm a front-end developer and I had same question you got right now.

I'd suggest you to have a look at this 2 topics (here and here), which were enough for me to setup a user registration form with PW API.

Finally, here is a post I made where you can find my code and other userful insights.

I'm going to follow this topic, if you got other questions ;)

Have fun!

  • Like 1
Link to comment
Share on other sites

Hi Vin, I'm guessing you'll want to handle this in the front-end using the API. There are quite a few posts out there with this same scenario.

In a nutshell you'll want to receive your form data and sanitize it, then create a new page and a new user with this data.

<?php 

// was form submitted
if ($input->post->my_submit_button) {

	// check for errors with form
	// if no errors, add a page and a user

	// first add the page
	$p = new Page();
	$p->of(false); // sets output formatting to false in order to change field values.
	$p->parent = $pages->get("/members");
	$p->template = "member";
	$p->title = $sanitizer->text($input->post->name); // sanitized your value from form and sets to title
	$p->other_field = $sanitizer->text($input->post->other_field);
	$p->save(); // save the new page
	

	// now add the user
	$u = new User();
    $u->of(false);
    $u->name = $sanitizer->username($input->post->username);
    $u->email = $sanitizer->email($input->post->email);
    $u->pass = $sanitizer->text($input->post->pass); 
    $u->save();
    $u->of(true);

}

?>

<form action="./" method="post">
	<!-- form stuff here -->
</form>
  • Thanks 1
Link to comment
Share on other sites

By default, output will be formatted according filters you may have defined with the field.  If you are modifying the values of a page's custom fields, you will need to call $page->setOutputFormatting(false) before doing so. This turns off output formatting, which ensures that saved values don't already have runtime formatters applied to them. ProcessWire will throw an error if you attempt to save formatted fields.

http://processwire.com/api/variables/page/

Link to comment
Share on other sites

Do we have to sanitize the password before storing?

There's no need to sanitize the password, as long as you've selected a "password" field in your template to store the input text associated. Processwire will handle that for you.

  • Like 1
Link to comment
Share on other sites

Is "sets output formatting to false" necessary since it's a new page/user?

It's not necessary, as anytime you create something new the output formatting state is off. Of course, there's no harm in a $user->of(false); call either, but it's not technically necessary.

Another way you can create a new user:

$u = $users->add('ryan'); 
Do we have to sanitize the password before storing?

The password is actually one thing (and probably the only thing) that you really shouldn't sanitize, because you don't want to change the password they entered. What you should do instead is validate it, making sure that it's a string with some length and at least [n] characters (whatever your requirements are). By validate vs. sanitize, I mean don't sanitize (clean) what they entered, but give them an error and make them enter something new if it doesn't validate. 

  • Like 3
Link to comment
Share on other sites

  • 3 weeks later...

Hi Vin, I'm guessing you'll want to handle this in the front-end using the API. There are quite a few posts out there with this same scenario.

In a nutshell you'll want to receive your form data and sanitize it, then create a new page and a new user with this data.

<?php 

// was form submitted
if ($input->post->my_submit_button) {

	// check for errors with form
	// if no errors, add a page and a user

	// first add the page
	$p = new Page();
	$p->of(false); // sets output formatting to false in order to change field values.
	$p->parent = $pages->get("/members");
	$p->template = "member";
	$p->title = $sanitizer->text($input->post->name); // sanitized your value from form and sets to title
	$p->other_field = $sanitizer->text($input->post->other_field);
	$p->save(); // save the new page
	

	// now add the user
	$u = new User();
    $u->of(false);
    $u->name = $sanitizer->username($input->post->username);
    $u->email = $sanitizer->email($input->post->email);
    $u->pass = $sanitizer->text($input->post->pass); 
    $u->save();
    $u->of(true);

}

?>

<form action="./" method="post">
	<!-- form stuff here -->
</form>

Hey,

I was studying your code, but I'm not understanding how the page is going to be linked to the user?

I mean to know if there's a way I can connect a special page to a user if the user signup is being managed by FrontUserProfile module?

Link to comment
Share on other sites

Hi Vineet,

All that will happen with this code is when navigating to members/joe-bloggs, that page will only be viewable if the current logged-in user's name matches the page name. 

Something like:

if ($page->name == $user->name) {

  // show page

} else {

 // 404

}

Which is why the page name and the user name that are created need to match.

Link to comment
Share on other sites

  • 1 month later...

@Ryan, just a question regarding Passwords:

What happens, if I'm entering a Password like "1234" (just fpr testing without any validation, but a $sanitizer->text(...) ) and create the user like @onjegolders mentioned?

My problem is: The user and its corresponding pages are created, but the user isn't able to log in. So there's absolutely no feedback what was going wrong or am I missing something? 

Regards,

Thomas

Link to comment
Share on other sites

Setting the password or any value directly through API won't give you any validations. This is a functionality the inputfield is usually doing and processed in a certain way (input).  If used on non interactive level the API doesn't restrict you from doing things you can't do or aren't allowed in the admin. So you ultimately you have to take care of those thing when using the API directly.

So while this works:

$u = new User();
$u->name = "test";
$u->of(false);
$u->pass = "1234";
$u->save();
 
"1234" isn't a valid password if PW's password inputfield would validate it, but it's correctly saved and works. Just not recommended to code public sign up form like this.
 
So you have to take care and add some checks to make sure its min-max length is ok and also that there's some at least 1 number and letter. 
 
If you're doing it manually and want to use the validation of the password field in PW you could use InputfieldPassword.
// "_pass" = the confirm password / actually two inputs
$p = new WireInputData(array("pass" => "1234", "_pass" => "1234")); 

$inputfield_pass = $modules->get("InputfieldPassword"); // load the inputfield module
$inputfield_pass->attr("name","pass"); // set the name
$inputfield_pass->processInput($p); // process and validate the field

// if any errors found
if($inputfield_pass->getErrors()){
    print_r($inputfield_pass->getErrors(true));
}
// or if coming from a form (POST) with the field names already "pass" and "_pass"
$inputfield_pass = $modules->get("InputfieldPassword");
$inputfield_pass->attr("name","pass");
$inputfield_pass->processInput($input->post); // process and validate the field

// if any errors found
if($inputfield_pass->getErrors()){
    ...
}

After all if you're setting a Password directly manually with the API you don't need validation, you are directly responsible to make the password strong.

  • Like 6
Link to comment
Share on other sites

 [...]

After all if you're setting a Password directly manually with the API you don't need validation, you are directly responsible to make the password strong.

Hhm, yep. I want to note that the PW-installation routine doesn't check that. I always use(d) password without numbers :-)

Link to comment
Share on other sites

  • 1 month later...

Setting the password or any value directly through API won't give you any validations. This is a functionality the inputfield is usually doing and processed in a certain way (input).  If used on non interactive level the API doesn't restrict you from doing things you can't do or aren't allowed in the admin. So you ultimately you have to take care of those thing when using the API directly.

So while this works:

$u = new User();
$u->name = "test";
$u->of(false);
$u->pass = "1234";
$u->save();
 
"1234" isn't a valid password if PW's password inputfield would validate it, but it's correctly saved and works. Just not recommended to code public sign up form like this.

Hi all, sorry to come back to this topic, but......

@Soma: I have no succes in using the code mentioned above. $u->pass = "1234"; is not working for me.

The user isn't able to log in, when I created him like this. But using $u->pass = "1.SomeThing"; works. So there might be some checking while creating the user, but I don't get any feedback at all what went wrong.

Any ideas?

Regards, Thomas

Link to comment
Share on other sites

Soma said, there's no checking at all when using $u->pass("1234");

But using it without any checks leads to a "no login for you"....

Using $inputfield_pass = $modules->get("InputfieldPassword");

works exactly as he wrote, that's correct. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...