Front end access to a page

[quickjeff]

Hi Guys, 

I have a membership site that I am building.  The site is simply composed of user profiles, basically like craigslist personal ads. 

I need to give the member access to a their profile ad/page for editing of fields located on their ad/page.  This access will be given to paid members, once the page has been added by me.  

The user should have access via a user name and password.

They will only be able to edit their ad/pages fields I have with their information.

Question 1:

Is this possible on ProcessWire?

Question 2:

Any guidance to where I can start? (Modules, API etc.)

Question 3:

I have a check box field on the profile ads/pages which I control that allows me to deactivate the page if it is un checked, I also want this to block their access. Can this be done?

Any help on this would be great! As always, everyone has been great with helping me find solutions to my questions. 

Thanks!

[kongondo]

Qn1: Not out of the box, but yes...using the PW API and some PHP.

Qn2: Normally a good place to start is by searching the forums using Google. This question has been asked so many times b4: http://bit.ly/Nk0NsS

Qn3: Yes; with some coding, not out of the box...

For editing, you probably don't wan to give the users access to admin, so you can use the Module Fredi for front-end editing..

[celfred]

Hi there,

@quickjeff : Sorry for my message that may seem off-topic for you, but I think kongondo answered your questions already and pointed you in the right direction (as always with kongondo!)

@kongondo : I'm jumping on your answer pointing to using Fredi. I guess you have to give a page-edit permission to members (at least on the fields you want the user to be able to modify) and what then if the member hard-code the url to get to the admin panel (for example by adding /processwire/ _by default_ to the homepage). He'll have access to the back-end and see everything (without being able to modify things, of course). Is there a way to use Fredi and block the access anyway? Or is this something that I care about and that I really shouldn't because it's a "false" issue?

Thanks

[kongondo]

@celfred..

I'm not sure I follow. As far as I can see, Fredi does not reveal the link to Admin...I'm probably misunderstanding...

Another possibility is to present the user with a form with fields that match their page's fields. On submit, their changes would be captured (AND SANITIZED!) in the POST variable using $input->post and $sanitizer. This will probably be easier than using Fredi...but, this depends on the fields. I don't think all PW fields can and/or a suitable to be used/mirrored in the frontend. 

You'll get better answers by Googling

[celfred]

@kongondo

Thanks for this follow-up. Fredi doesn't reveal the link to Admin. You're right. I'm just imagining a case when a user would try to go through anyway. If it is default PW installation, he could try and type '/processwire/' in the URL and if Fredi is used, then the user has page-edit role, so he can see the whole website tree (he can't modify it). But he can see, for example, names of other members, totla number of members and so on... Which, in my opinion, he shouldn't.

Anyway, I don't want to 'polllute' quickjeff's post If this discussion has sense, maybe it should continue in my previous post or in Fredi's module discussion. And I guess Ryan answered this as well :

The admin is intended for administrators or site editors, so it's not a place to send general users to. It sounds like you might be having these users modify a profile page? This is stuff you can easily code using the PW API on the front-end, and that's the recommended way to do it.

[quickjeff]

@kongondo

Thanks for the update on this!  I have installed fredi, added the fields I want the user to be able to edit, so far so good!  

Here is my next move, I need to create a login link somewhere on the profile page for the member to login, then they are able to access only that page, no other page.  How would I go about doing this? I also wan to disable their access if I have disabled the page, which I already have a check box setup to disable a page.

Any guidance on my next steps to accomplish this?

The template name I used is

profile. 

The field I used for a checkbox to make a page disabled is

type_disabled.

Thanks.

[quickjeff]

Seems like I figured it out.  Took a little work but after reading through the forums and the help of kongondo as well as the 2 modules, I think I have it!

[uliverse]

@quickjeff: I would be interested to know if and how you were able to implement paid memberships.

[quickjeff]

@uliverse, 

Haven't setup the auto paid memberships yet.  Currently have its a manual process.  :-(

[uliverse]

OK. Thanks!