adrian

Page Protector

Recommended Posts

Just make sure you run Modules > Refresh

Ah, okay, I've missed that. Thanks for the clarification - and sorry for my silly "bad idea" statement...

Share this post


Link to post
Share on other sites

The module (somehow) stopped working.

I installed it and (like always) it worked like a charm. I used the somewhat older version but after restarting my localhost it stopped working. 

I deleted it, installed the newer version, and even tried to use a different login template. Nothing seems to work. Is this a frequent error that's easy to solve? And might it be in conflict with the MVC-ish Approach I am using? (https://processwire.com/talk/topic/4892-an-almost-mvc-approach-to-using-templates/).

I deleted the cache, the sessions and I even set the specific role "superuser" to the page. Yet I can just visit the Home page without having to login.

It might be a real rookie/newbie mistake I'm dealing with, would be sweet if anyone knows how to solve it.

Share this post


Link to post
Share on other sites

@jrtderonde - I have never had a problem with it not working, so you'll need to help debug this. I find it weird that it worked until you restarted. 

Can you post a screenshot of the module config settings page and if you are using the login template approach, could you please post the code from that template. 

Share this post


Link to post
Share on other sites

Thanks for your reply. My settings are here: http://imgur.com/xjfRhvM.

The code I am using for the login template are below:

<?php

    // Variables
    $css = Wire("config")->urls->templates .  "assets/css/styles.css";
    $favicon = Wire("config")->urls->templates . "assets/img/favicons/favicon.ico";

?>
<!DOCTYPE html>
    <head>
        <title>Login</title>
        <meta charset='utf-8' />
        <link rel='stylesheet' href='$css' type='text/css' />
        <link rel='shortcut icon' href='$favicon'>
    </head>
    <body class='login'>
        <div class='full-size'>
            <div class='container'>
                <div class='protected-mode-container'>
                    <div class='top'>
                        <h1>Inloggen</h1>
                    </div>
                    <form class='protectedModeForm' action='./' method='post'>
                            <p>Lorem ipsum dolor sit amet, con sectetuer adipiscing elit. Aenean commodo eupio ligula eget dolor.</p>
                            <input type='text' class='input' name='username' placeholder='Naam' value='' />
                            <input type='password' class='input' name='pass' placeholder='Wachtwoord' value='' />
                            <button type='submit' class='button' name='login'>Login</button>
                    </form>
                </div>
            </div>
        </div>
    </body>
</html>

It's just really weird that even if I destroy all sessions, it won't let me visit this login page.

Hope we can work this out, thanks for your time  O0


Don't mind the non-echoed variables (stylesheets).

Share this post


Link to post
Share on other sites

I can't see if you have anything selected for the login template in your settings - your screenshot is cut off. Is it definitely pointing to the login template php file? If it is, then we need to make sure the module is being loaded - can you add some debug statements to the module - I would start by making sure the "ProtectedCheck" method is being called: https://github.com/adrianbj/PageProtector/blob/master/PageProtector.module#L212

It would be great if you could get to see if it is called and then work your way through to make sure that this line: https://github.com/adrianbj/PageProtector/blob/master/PageProtector.module#L280 is being triggered. 

I would go with:

wire('log')->save('debug', 'test');

or something similar to make sure each point in the code is being called. 

BTW - there is no need to manually create the login form on the login template page - just echo $loginForm and the module will take of that for you (but that shouldn't stop it from working). 

On another note - I see that you have the homepage protected - there is no need to protect any child pages separately unless you have specific roles assigned, but that doesn't seem to be the case - but again that shouldn't stop this from working.

  • Like 1

Share this post


Link to post
Share on other sites

Thanks for your reply, I will look into this after the weekend. Thanks for the debugging tips, hopefully I will find out the problem myself :)

Share this post


Link to post
Share on other sites

@adrian, thanks for your input! I managed to debug and I got the module to work except for one little thingy.

I checked "protect entire site" - yet when I destroy the user's session and direct them to the homepage. I found that when I redirect the user, the login template isn't popping up. Obviously this could be because the script redirects to the homepage. Is there a way to redirect the user to the login template?

Thanks for your time, it helped me an awefull lot!

Share this post


Link to post
Share on other sites
@adrian, thanks for your input! I managed to debug and I got the module to work except for one little thingy.

Glad to hear - if you have a minute, it would be great if you could explain what was wrong so others might learn. 

I checked "protect entire site" - yet when I destroy the user's session and direct them to the homepage. I found that when I redirect the user, the login template isn't popping up. 

Are you saying that despite the homepage being protected, guest visitors are having full access to the homepage?

Obviously this could be because the script redirects to the homepage. Is there a way to redirect the user to the login template?

Is this your script that is redirecting to the homepage, or the PP module? Remember that the login form is injected into the currently viewed page - it is not a separate page. 

Share this post


Link to post
Share on other sites

Glad to hear - if you have a minute, it would be great if you could explain what was wrong so others might learn. 

Are you saying that despite the homepage being protected, guest visitors are having full access to the homepage?

Is this your script that is redirecting to the homepage, or the PP module? Remember that the login form is injected into the currently viewed page - it is not a separate page. 

I fixed it by creating an actual login page (including template) to redirect to.

Share this post


Link to post
Share on other sites

There were two problems in my case. First problem was a conflict between a module I use called AIOM (All-In-One Minifier). The AIOM module caused an error just before the Page Protector module was triggered. When I enabled the debug logging I found out about this bug as there was no exception thrown. 

The second error was the way I structured the templates; I used one template file called main.php which automatically includes a controller and a view based on the template name. As there was no real template loaded, it created a blank error page.

Although the chance is rare that someone will ever stumble upon the same errors as I did, I hope this might help someone out - someday.

Share this post


Link to post
Share on other sites

In case any new users end up here, just make sure you've logged out all users of the admin area before you're convinced the module doesn't work. 

Had my 15 minutes of *FacePalm* today.

 

  • Like 1

Share this post


Link to post
Share on other sites
2 minutes ago, FrancisChung said:

In case any new users end up here, just make sure you've logged out all users of the admin area before you're convinced the module doesn't work. 

Had my 15 minutes of *FacePalm* today.

 

Or use the User Switcher in Tracy so you can test easily :)

https://processwire.com/blog/posts/introducing-tracy-debugger/#user-switcher

 

  • Like 1

Share this post


Link to post
Share on other sites

I was installing Page Protector on 1 of my websites, and I selected the options Protect Hidden / Unpublished Pages and also their children options and I got the following error.

I had to rollback the Database and just leave all the options as default and it seems to work then.

I'm using PW 2.7.x on that site.

 

I think on my other site, I was just using the default options so I didn't have this problem previously.

 

Error: Exception: Method Page::hasStatus does not exist or is not callable in this context (in /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/wire/core/Wire.php line 350)

#0 [internal function]: Wire->___callUnknown('hasStatus', Array)
#1 /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/wire/core/Wire.php(387): call_user_func_array(Array, Array)
#2 /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/wire/core/Wire.php(325): Wire->runHooks('callUnknown', Array)
#3 /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/wire/core/Wire.php(329): Wire->__call('callUnknown', Array)
#4 /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/wire/core/Wire.php(329): Page->callUnknown('hasStatus', Array)
#5 /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/site/modules/PageProtector/PageProtector.module(179): Wire->__call('hasStatus', Array)
#6 /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/site/modules/PageProtector/PageProtector.module(179): Page->hasStatus(2048)
#7 /is/htdocs/wp12420480_J71V5E124H/www/sprach-dev/wire/core/Wire.php(409): Pag
This error message was shown because you are logged in as a Superuser. Error has been logged.

 

Share this post


Link to post
Share on other sites

Hi @FrancisChung - I can't seem to reproduce this and I have been using those settings for over a year on one site.

Is there a certain action that triggers the error or is it simply trying to view the page on the frontend? 

Could you possibly try on a fresh/different PW install?

If you have Tracy installed, could you try:

bd($p->id.':'.$p->status);

on line 165 - after $p is defined on 164.

It seems like $event->object is not returning a page object for some reason in your scenario, but I don't know why.

Share this post


Link to post
Share on other sites
On 9/15/2016 at 10:45 PM, adrian said:

Hi @FrancisChung - I can't seem to reproduce this and I have been using those settings for over a year on one site.

Is there a certain action that triggers the error or is it simply trying to view the page on the frontend? 

Could you possibly try on a fresh/different PW install?

If you have Tracy installed, could you try:


bd($p->id.':'.$p->status);

on line 165 - after $p is defined on 164.

It seems like $event->object is not returning a page object for some reason in your scenario, but I don't know why.

Hi @Adrian,  I'm planning to upgrade our base PW when I get a chance so I will try out again then.
The  "Protect Hidden / Unpublished Pages and also their children options" are redundant options for the site, come to think of it.

I'll also try using Tracy as it's something on the planner to have a detailed look at it.

Share this post


Link to post
Share on other sites

I use this on a site. It used to work fine. Now when I login on the frontend, I get this error with debug on:

Fatal error: Exception: Please wait at least 35 seconds before attempting another login. (in /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/modules/Session/SessionLoginThrottle/SessionLoginThrottle.module line 97) #0 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/modules/Session/SessionLoginThrottle/SessionLoginThrottle.module(65): ProcessWire\SessionLoginThrottle->allowLogin('kunde') #1 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/WireHooks.php(619): ProcessWire\SessionLoginThrottle->sessionAllowLogin(Object(ProcessWire\HookEvent)) #2 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/Wire.php(373): ProcessWire\WireHooks->runHooks(Object(ProcessWire\Session), 'allowLogin', Array) #3 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/Session.php(712): ProcessWire\Wire->__call('allowLogin', Array) #4 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/Session.php(712): ProcessWire\Session->allowLogin( in /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/index.php on line 64

Error: Exception: Please wait at least 35 seconds before attempting another login. (in /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/modules/Session/SessionLoginThrottle/SessionLoginThrottle.module line 97)

#0 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/modules/Session/SessionLoginThrottle/SessionLoginThrottle.module(65): ProcessWire\SessionLoginThrottle->allowLogin('kunde')
#1 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/WireHooks.php(619): ProcessWire\SessionLoginThrottle->sessionAllowLogin(Object(ProcessWire\HookEvent))
#2 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/Wire.php(373): ProcessWire\WireHooks->runHooks(Object(ProcessWire\Session), 'allowLogin', Array)
#3 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/Session.php(712): ProcessWire\Wire->__call('allowLogin', Array)
#4 /kunden/348019_70794/rp-hosting/14027/64026/fabriciusstrasse/wire/core/Session.php(712): ProcessWire\Session->allowLogin(

This error message was shown because: site is in debug mode. ($config->debug = true; => /site/config.php). Error has been logged.

 

Share this post


Link to post
Share on other sites

Does this error happen repeatably on the frontend, but not via the normal admin login?

Share this post


Link to post
Share on other sites
11 minutes ago, adrian said:

Does this error happen repeatably on the frontend, but not via the normal admin login?

jep. its only when I try to login on the frontend

Share this post


Link to post
Share on other sites

Silly question, but are you using the same username on frontend and admin logins?

What happens if you wait 35 seconds - can you then login successfully?

Any sign of weirdness in your session_login_throttle database table? Perhaps you could empty that table?

Share this post


Link to post
Share on other sites
7 minutes ago, adrian said:

Silly question, but are you using the same username on frontend and admin logins?

What happens if you wait 35 seconds - can you then login successfully?

Any sign of weirdness in your session_login_throttle database table? Perhaps you could empty that table?

Thx for your quick reply!
For the frontend I created a new user with just the guest role assigned.
I can't test the Login right now, I had to disable the page protection, because the website is live and the customer is a little nervous right now :)
I will test it later in the evening. 

Iam still a newbi. Where can I find the session_login_throttle database table and how can I empty it? 

Share this post


Link to post
Share on other sites

Ok, well let me know when you can test again later. I am guessing the error was appropriate at the time, and not related to this module.

Don't worry about the session_login_throttle database table at this stage.

  • Like 1

Share this post


Link to post
Share on other sites

could this be a problem with to many people logging in at the same time?
The customer had send a newsletter with the frontend Login, so there could be multiple people accessing the login at the same time.
Also the error happened everytime the customer or I  tried to login.

Share this post


Link to post
Share on other sites

If everyone has the same login username, then absolutely - that is what the session login throttle is designed to do. I think your quickest solution will be to disable the SessionLoginThrottle module.

Just wanted to get that option to you quickly - I'll post some better solutions in a minute.

  • Like 1

Share this post


Link to post
Share on other sites

Actually now that I think about it - I actually wonder if there is a bug in the throttle module because I thought it should only record failed login attempts, not successful ones - just investigating now.

I can trigger the ban by successfully logging in out quickly several times.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By BitPoet
      I'm really in love with FormBuilder, but the one thing missing to match all my end users' expectations were repeatable field groups. Think repeaters, in ProcessWire terms. Our primary application of PW is our corporate intranet, so "lines" of fields are quite common in the forms I build. We have all kinds of request forms where the information for a varying number of colleagues needs to be entered (from meal order to flight booking request) and where it is simply impractical to send a form for each, and I don't want to clutter my forms with multiple instances of fields that may only get used ten percent of the time.
      That's why I started to build FormBuilderMultiplier (link to GitHub).
      What it does:
      Adds an option to make a regular Fieldgroup repeatable Lets you limit the number of instances of a Fieldgroup on the form Adds an "Add row" button the form that adds another instance of the Fieldgroup's fields Adds a counter suffix at the end of every affected field's label Stores the entered values just like regular fields Makes the entered values available in preview and email notifications Supports most text based fields, textareas and selects (really, I haven't had enough time to test all the available choices yet) What it doesn't do (yet):
      Support saving to ProcessWire pages (i.e. real Repeaters) I haven't tested all the validation stuff, Date/Time inputs etc. yet, but since I'm utterly swamped with other stuff at work, I didn't want to wait until I have it polished. Any feedback is welcome. There might also be some issues with different output frameworks that I haven't encountered yet. The forms I work with mostly use UIKit.
      Status:
      Still alpha, so test well before using it in the field.
      Known issues:
      When rows are added, the form's iframe needs to be resized, which isn't completely clean yet.
      How it works:
      The Fieldgroup settings are added through regular hooks, as is the logic that adds the necessary field copies for processing the form and displaying previews.
      "Multiplied" field instances are suffixed with _NUM, where NUM is an incremental integer starting from 1. So if you have add two fields named "surname" and "givenname" to a fieldgroup and check the "multiply" checkbox, the form will initially have "surname_1" and "givenname_1" field (I'm still considering changing that to make the risk to shoot oneself into the foot by having a regular "surname_1" field somewhere else in the form less likely).
      When a "row" is added, the first row is cloned through JS and the counter in the fields' IDs, names and "for" attributes as well as the counter in the label are incremented before appending the copies to the Fieldset container in the form.
      To keep backend and frontend in sync, a hidden field named [name of the fieldset]__multiplier_rows is added to the form. Both the backend and the frontend script use this to store and retrieve the number of "rows".
      ToDo:
      Naturally, add the option to store the data in real repeaters when saving to pages. Do a lot of testing (and likely fixing). Make a few things (like the "Add row" button label etc.) configurable in field(set) context. Add a smooth API to retrieve the multiplied values as WireArrays. The mandatory moving screenshot:

    • By MoritzLost
      Hello there,
      I'm working on a tiny textformatter module that searches the text for titles of other pages on your site and creates hyperlinks to them. I'm not sure if something like this exists already, but I haven't found anything in the module directory, so I wrote my own solution 🙂
      It's not properly tested yet and is still missing some functionality I would like to implement, so at the moment it should be considered in BETA. Features include limiting the pages that will get searched by template, and adding a custom CSS class to the generated hyperlinks. As I'm writing this I noticed that it will probably include unpublished and hidden pages at the moment, so yeah ... it's still in development alright 😅
      You can download the module from Github:
      https://github.com/MoritzLost/TextformatterPageTitleLinks
      There's some more information in the readme as well.
      Anyway, let me know what you think! I'm happy about any feedback, possible improvements or ideas on how to improve the module. Cheers.
    • By adrian
      This module provides a way to rapidly generate Page fields and the required templates and pages for use as a drop down select (or any other Page field type).
      This module will let you create a full page field setup in literally a few seconds 
      To use, run Page Field Select Creator from the Setup Menu
      Enter a Field Title, eg: Room Types Select Options - These will become the child pages that will populate the page field select options. There are two different options.
       
      Option 1. TITLE FIELD ONLY - enter one option per line, eg:
       
      Single
      Double
      Suite
       
       
      Option 2. MULTIPLE FIELDS - the first line is used for the field names and the first field must be 'Title'. Subsequent lines are the values for the fields, eg:
       
      Title, Number of Beds, Number of People, Kitchen Facilities
      Single, 1, 1, Fridge Only
      Double, 2, 2, Fridge Only
      Suite, 3, 6, Full Kitchen
        Choose the parent where the page tree of options will be created, eg a hidden "Options" parent page Select a "Deference in API as" option depending on your needs Choose the input field type Check whether "Allow new pages to be created from field?" should be enabled. As an example, if you entered "Room Types" as the field title, you would end up with all of the following automatically created:
      a fully configured page field called: room_types MULTIPLE FIELDS OPTION - 3 additional fields - number_of_beds, number_of_people, kitchen a parent template called: room_types a child template called: room_types_items (with either just a title field, or with the 3 additional fields as well) a parent page called: Room Types a series of child pages named and titled based on the per line entries in the Select Options textarea The templates are configured such that the "room_types_items" child template can only have the main "room_types" template as a parent, and vice versa.

      Then all you have to do is add the newly created page field to any template you want and you're ready to go!
       
      You can grab it from:
       
      Modules directory: http://modules.processwire.com/modules/process-page-field-select-creator/
      Github: https://github.com/adrianbj/ProcessPageFieldSelectCreator
       

    • By bernhard
      WHY?
      This module was built to fill the gap between simple $pages->find() operations and complex SQL queries.
      The problem with $pages->find() is that it loads all pages into memory and that can be a problem when querying multiple thousands of pages. Even $pages->findMany() loads all pages into memory and therefore is a lot slower than regular SQL.
      The problem with SQL on the other hand is, that the queries are quite complex to build. All fields are separate tables, some repeatable fields use multiple rows for their content that belong to only one single page, you always need to check for the page status (which is not necessary on regular find() operations and therefore nobody is used to that).
      In short: It is far too much work to efficiently and easily get an array of data based on PW pages and fields and I need that a lot for my RockGrid module to build all kinds of tabular data.

      Basic Usage

       
      Docs & Download
      https://modules.processwire.com/modules/rock-finder/
      https://github.com/BernhardBaumrock/RockFinder
       
      Changelog
      180817, v1.0.6, support for joining multiple finders 180810, v1.0.5, basic support for options fields 180528, v1.0.4, add custom select statement option 180516, change sql query method, bump version to 1.0.0 180515, multilang bugfix 180513, beta release <180513, preview/discussion took place here: https://processwire.com/talk/topic/18983-rocksqlfinder-highly-efficient-and-flexible-sql-finder-module/
    • By BitPoet
      MediaLibrary
      Update: MediaLibrary can now be found in the official module list.
      Out of necessity, I've started to implement a simple media library module.
      The basic mechanism is that it adds a MediaLibrary template with file and image fields. Pages of this type can be added anywhere in the page tree.
      The link and image pickers in CKEditor are extended to allow quick selection of library pages from dropdowns. In the link picker this happens in the MediaLibrary tab, where you can also see a preview of the selected image. In the image picker, simply select a library from the dropdown at the top, everything else is handled by standard functionality.
      I've put the code onto github. This module is compatible with ProcessWire 3.
      Steps to usage:
      Download the module's zip from github (switch to the pw3 branche beforehand if you want to test on PW 3.x) and unpack it into site/modules Click "Modules" -> "Refresh" in the admin Click "Install" for MediaLibrary For testing, create a page with the MediaLibrary template under home (give it an expressive title like 'Global Media') and add some images and files Edit a differnt page with a CKEditor field and add a link and an image to see the MediaLibrary features in action (see the screencap for details) Optionally, go into the module settings for MediaLibrary Note: this module is far from being as elaborate as Kongondo's Media Manager (and doesn't plan to be). If you need a feature-rich solution for integrated media management, give it a look.
      Feel free to change the settings for MediaFiles and MediaImages fields, just keep the type as multiple.
      There are some not-so-pretty hacks for creating and inserting the correct markup, which could probably be changed to use standard input fields, though I'm a bit at a loss right now how to get it to work. I've also still got to take a look at error handling before I can call it fit for production. All feedback and pointers are appreciated (that's also why I post this in the development section).

      Edit 09.03.2016 / version 0.0.4: there's now also a "Media" admin page with a shortcut to quickly add a new library.

      Edit 01.05.2016:
      Version 0.0.8:
      - The module now supports nested media libraries (all descendants of eligible media libraries are also selectable in link/image picker).
      - There's a MediaLibrary::getPageMediaLibraries method you can hook after to modify the array of available libraries.
      - You can switch between (default) select dropdowns or radio boxes in the module configuration of MediaLIbrary to choose libraries.
      Edit 10.10.2018:
      Version 0.1.3:
      - Dropped compatibility for ProcessWire legacy versions by adding namespaces
      - Allow deletion of libraries from the Media overview admin page
      - Added an option to hide media libraries from the page tree (optionally also for superusers)