adrian

Page Protector

Recommended Posts

Hi @adrian, this seems to work now!

But I didn't need the include '_main.php'; -line. When having that, I got the _main.php content rendered twice. 

 

 

Share this post


Link to post
Share on other sites
1 minute ago, lpa said:

Hi @adrian, this seems to work now!

But I didn't need the include '_main.php'; -line. When having that, I got the _main.php content rendered twice. 

Great that it's working for you now.

Your _main.php must be included automatically somewhere - probably in config.php. That's why you'd get it twice.

Mine needs to be included manually with the way I have things set up in my sandbox install.

Share this post


Link to post
Share on other sites

@lpa - I have just committed another update - turns out my initial fix broke the standard form approach. The new version works with both.

Because of the breaking changes, I have committed it to the dev branch (https://github.com/adrianbj/PageProtector/tree/dev) for now. I would really appreciate it if others using this module could please try this new version. The only change you should need to make is if you are using the custom Login Template option - you will need to change $loginForm to $page->loginForm

I'll push this dev version to master once there's been a little time for others to test it.

 

  • Like 2

Share this post


Link to post
Share on other sites
12 hours ago, adrian said:

I'll push this dev version to master once there's been a little time for others to test it.

I do not use loginForm so I cannot really test it but after updating I had no issues at all.

  • Like 1

Share this post


Link to post
Share on other sites

Anyone following this thread have any issues with the dev version before I merge to master?

I'll merge later today if I don't hear anything.

Thanks!

  • Like 1

Share this post


Link to post
Share on other sites

OK, v2 has been merged to master.

Be warned about the breaking changes!

  • Like 1

Share this post


Link to post
Share on other sites

Hello,

I have setup a login template but cant seem to stop the head and foot loading, I've disabled auto prepend/append in the template but the they still load any ideas?

Cheers

Jon

Share this post


Link to post
Share on other sites

@Jon on mobile right now, but just wondering if the chosen template file is actually connected to a PW template. It doesn't need to be and maybe that is the issue but I'll have to check when I'm back at my desk in the morning. 

Share this post


Link to post
Share on other sites

@Jon - just took a look and can't seem to reproduce.

What version of the module are you running?

Can you please details of the code in the template file, and your auto prepend/append settings please?

Share this post


Link to post
Share on other sites

@adrian - Iam using version 2.0.1 and PW 3.0.15

the code in the template is just the login form for testing.

echo $page->loginForm;

 My prepend/append setup within the config is

$config->prependTemplateFile = 'head.inc';
$config->appendTemplateFile = 'foot.inc';

I also check the disable prepend/append within the template setup.

Jon

Share this post


Link to post
Share on other sites

Hi @Jon - thanks for the details, but I guess I am not sure what you are expecting to have happen.

If you don't want the head.inc and foot.inc to be loaded, why not just use the standard (no login template) way of adding the login form. That's how it's designed to work. maybe if you could provide a mockup of how you expect it to look I might be able to get a better idea?

Share this post


Link to post
Share on other sites

I have pages like this:

Page1
  - page1.1
  - page1.2

Page1 has been given access to roles: musician, assistant. Page1.2 has been given access to role musician only. 

When logged out, both pages ask to be logged in. When logged in as the user with only assistant role, I still can see the page1.2. I can't figure out why the roles based restrictions don't work at the moment. How should I debug this?

Second question: can I hide the page1.2 from the user with assistant role in my navigation somehow? What should I do in my navigation script to hide the pages that the used doesn't have view access to?

Third question: I need to customize the login-form by including some content from PW, but now when the customized login-form is not a PW form, I can't run any functions from the PW templates. How should I customize the login-form content when I need something more than just the form?

Edited by lpa

Share this post


Link to post
Share on other sites

@adrian Thanks for your reply, I just wanted to customise the login page a bit to match my site a bit more. I have managed to do this with the standard template now. One thing I cant seem change is the default Login Message Ive set this in the module settings but the changes arent reflected in the frontend?

Cheers

Jon 

Share this post


Link to post
Share on other sites
2 hours ago, Jon said:

One thing I cant seem change is the default Login Message Ive set this in the module settings but the changes arent reflected in the frontend?

I expect you are changing the main default in the module settings. This populates the value on the Settings tab of the page that is being protected, but if a page has already been protected, you will need to change the value for that page. It allows for different messages for different pages. Does that make sense?

 

  • Thanks 1

Share this post


Link to post
Share on other sites

@lpa 

1) I'll look at the hierarchy you described in a minute

2) You can check if a page is protected by checking $page->protected eg:

if(!$page->protected) {
	//show in navigation
}

3) I have just made the message function hookable, so you will be able to put this is your ready.php file:

$this->addHookAfter("PageProtector::getMessage", function($event) {
    $event->return = 'My custom message';
});

I'll commit this once I look at your first issue.

  • Like 1

Share this post


Link to post
Share on other sites

@lpa - I am not seeing the issues you are regarding access to the child. My thought is that you might have checking the "protect children" checkbox for Page 1. If you are separately protecting child pages, I think you don't want that checked. Can you try that and see if it works as expected?

I have committed the change that makes that hook available. Please let me know how you go with that also.

Share this post


Link to post
Share on other sites

@adrian Thanks for that works prefect :)

1 hour ago, adrian said:

I expect you are changing the main default in the module settings. This populates the value on the Settings tab of the page that is being protected, but if a page has already been protected, you will need to change the value for that page. It allows for different messages for different pages. Does that make sense?

 

 

  • Like 1

Share this post


Link to post
Share on other sites

1. No, the protection is not taking in account the role at all. Even if I change just one page without child protection to be protected, I can access that page after login with a user account that does not have the required role!

2. Yes, $page->protected works, but it does not make any difference on who is accessign the page. Should it give different results based on the users roles? I would like to make it to not show the navigation item if the page is protected for that particular user. 

3. What is actually the message the hook returns? I would like something like this:

// Give me a random picture to the login page
$image = getRandomPict($homepage);
$content = "
<div class='row'>
	$page->loginForm
	<div class='large-12 columns'>
	$image
	</div>
</div>
";
$event->return = $content;

 

Share this post


Link to post
Share on other sites

@lpa - just heading to bed here, but 

1) I am not seeing any problems like that here - any chance this site is live and you could give me a login to check things out?

2) I'll need to confirm the role stuff in the morning - you might be onto something though - I might need protected vs prohibited?

3) The part I made hookable is just the message before the username/password fields. I think if you want custom classes around the login form you should just put them in your template file you as want - no need for a hook for that. Does that make sense?

Share this post


Link to post
Share on other sites

@lpa - for now I am going to attach the new version here. This adds support for the new "prohibited" property so now you can check if a page is protected and then also check if it's prohibited for the current user.

I refactored a few things so don't want to commit the changes just yet.

Can you please test this for your needs. I would also like to help you with Issue 1, but will might need some access to test that. As for Issue 3, did you try my suggestion?

PageProtector.zip

Share this post


Link to post
Share on other sites

1. I'll send you a private message on this. 

2. Thanks, the $page->prohibited works just as I wanted based on  a quick test. 

3. At the moment I have a login.php file that is included on every page in _init.php. That page has my own logic without PageProtector. There, if I need the login form, I can format it just like I want and even use the getRandomPict()-function which is in _func.php. But if I use the PageProtector I use the $page->loginForm, as show above, where I can't use my getRandomPict()-function, because it is not a PW template. I get errors like: "Call to undefined function getRandomPict()". I don't want to add the image to every template.

Share this post


Link to post
Share on other sites

@adrian has a great support on his modules! All the problems solved with his help a long time ago! Thank you very much! 

And this module is great for cases where the PW template based access rights scheme is not so flexible.

  • Like 2

Share this post


Link to post
Share on other sites
3 minutes ago, lpa said:

@adrian has a great support on his modules! All the problems solved with his help a long time ago! Thank you very much! 

And this module is great for cases where the PW template based access rights scheme is not so flexible.

Thanks for your help @lpa in fixing those issues.

FYI for everyone else - all the changes that were included in that zip posted above are now in the master repo on github.

  • Like 2

Share this post


Link to post
Share on other sites

A feature request for the future: allow login only with a password. As a workaround I used a simple str_replace and added hardcoded "value=USERNAME" attribute to the username input, plus a good old display: none to it. This way it doesn't show up but contains the username pre-filled.

The same could be perhaps achieved if there was a per-page setting where we could enter one username. Then the module could add a hidden input with an encrypted username (instead of a text type username input). But maybe you have a better idea.

I needed this because the client needed a password protected page without asking for a username. Fortunately the protection doesn't need to be bulletproof so my workaround is fine for now, but in the future it would be nice having this built-in.

  • Like 1

Share this post


Link to post
Share on other sites

I get an 500 error after the third failed login attempt:

Please wait at least 10 seconds before attempting another login. (in /wire/modules/Session/SessionLoginThrottle/SessionLoginThrottle.module line 97)

SessionLoginThrotte settings are the default ones, 5 sec and 60 sec, no IP throttle. I'll disable the SLT module for now but I'm curious whether this happens for others too. 

Using PW 3.0.100 and PageProtector 2.0.4, but just checked on another site running on 3.0.52 / 0.2.1 and it happens there too.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By BitPoet
      I'm really in love with FormBuilder, but the one thing missing to match all my end users' expectations were repeatable field groups. Think repeaters, in ProcessWire terms. Our primary application of PW is our corporate intranet, so "lines" of fields are quite common in the forms I build. We have all kinds of request forms where the information for a varying number of colleagues needs to be entered (from meal order to flight booking request) and where it is simply impractical to send a form for each, and I don't want to clutter my forms with multiple instances of fields that may only get used ten percent of the time.
      That's why I started to build FormBuilderMultiplier (link to GitHub).
      What it does:
      Adds an option to make a regular Fieldgroup repeatable Lets you limit the number of instances of a Fieldgroup on the form Adds an "Add row" button the form that adds another instance of the Fieldgroup's fields Adds a counter suffix at the end of every affected field's label Stores the entered values just like regular fields Makes the entered values available in preview and email notifications Supports most text based fields, textareas and selects (really, I haven't had enough time to test all the available choices yet) What it doesn't do (yet):
      Support saving to ProcessWire pages (i.e. real Repeaters) I haven't tested all the validation stuff, Date/Time inputs etc. yet, but since I'm utterly swamped with other stuff at work, I didn't want to wait until I have it polished. Any feedback is welcome. There might also be some issues with different output frameworks that I haven't encountered yet. The forms I work with mostly use UIKit.
      Status:
      Still alpha, so test well before using it in the field.
      Known issues:
      When rows are added, the form's iframe needs to be resized, which isn't completely clean yet.
      How it works:
      The Fieldgroup settings are added through regular hooks, as is the logic that adds the necessary field copies for processing the form and displaying previews.
      "Multiplied" field instances are suffixed with _NUM, where NUM is an incremental integer starting from 1. So if you have add two fields named "surname" and "givenname" to a fieldgroup and check the "multiply" checkbox, the form will initially have "surname_1" and "givenname_1" field (I'm still considering changing that to make the risk to shoot oneself into the foot by having a regular "surname_1" field somewhere else in the form less likely).
      When a "row" is added, the first row is cloned through JS and the counter in the fields' IDs, names and "for" attributes as well as the counter in the label are incremented before appending the copies to the Fieldset container in the form.
      To keep backend and frontend in sync, a hidden field named [name of the fieldset]__multiplier_rows is added to the form. Both the backend and the frontend script use this to store and retrieve the number of "rows".
      ToDo:
      Naturally, add the option to store the data in real repeaters when saving to pages. Do a lot of testing (and likely fixing). Make a few things (like the "Add row" button label etc.) configurable in field(set) context. Add a smooth API to retrieve the multiplied values as WireArrays. The mandatory moving screenshot:

    • By MoritzLost
      Hello there,
      I'm working on a tiny textformatter module that searches the text for titles of other pages on your site and creates hyperlinks to them. I'm not sure if something like this exists already, but I haven't found anything in the module directory, so I wrote my own solution 🙂
      It's not properly tested yet and is still missing some functionality I would like to implement, so at the moment it should be considered in BETA. Features include limiting the pages that will get searched by template, and adding a custom CSS class to the generated hyperlinks. As I'm writing this I noticed that it will probably include unpublished and hidden pages at the moment, so yeah ... it's still in development alright 😅
      You can download the module from Github:
      https://github.com/MoritzLost/TextformatterPageTitleLinks
      There's some more information in the readme as well.
      Anyway, let me know what you think! I'm happy about any feedback, possible improvements or ideas on how to improve the module. Cheers.
    • By adrian
      This module provides a way to rapidly generate Page fields and the required templates and pages for use as a drop down select (or any other Page field type).
      This module will let you create a full page field setup in literally a few seconds 
      To use, run Page Field Select Creator from the Setup Menu
      Enter a Field Title, eg: Room Types Select Options - These will become the child pages that will populate the page field select options. There are two different options.
       
      Option 1. TITLE FIELD ONLY - enter one option per line, eg:
       
      Single
      Double
      Suite
       
       
      Option 2. MULTIPLE FIELDS - the first line is used for the field names and the first field must be 'Title'. Subsequent lines are the values for the fields, eg:
       
      Title, Number of Beds, Number of People, Kitchen Facilities
      Single, 1, 1, Fridge Only
      Double, 2, 2, Fridge Only
      Suite, 3, 6, Full Kitchen
        Choose the parent where the page tree of options will be created, eg a hidden "Options" parent page Select a "Deference in API as" option depending on your needs Choose the input field type Check whether "Allow new pages to be created from field?" should be enabled. As an example, if you entered "Room Types" as the field title, you would end up with all of the following automatically created:
      a fully configured page field called: room_types MULTIPLE FIELDS OPTION - 3 additional fields - number_of_beds, number_of_people, kitchen a parent template called: room_types a child template called: room_types_items (with either just a title field, or with the 3 additional fields as well) a parent page called: Room Types a series of child pages named and titled based on the per line entries in the Select Options textarea The templates are configured such that the "room_types_items" child template can only have the main "room_types" template as a parent, and vice versa.

      Then all you have to do is add the newly created page field to any template you want and you're ready to go!
       
      You can grab it from:
       
      Modules directory: http://modules.processwire.com/modules/process-page-field-select-creator/
      Github: https://github.com/adrianbj/ProcessPageFieldSelectCreator
       

    • By bernhard
      WHY?
      This module was built to fill the gap between simple $pages->find() operations and complex SQL queries.
      The problem with $pages->find() is that it loads all pages into memory and that can be a problem when querying multiple thousands of pages. Even $pages->findMany() loads all pages into memory and therefore is a lot slower than regular SQL.
      The problem with SQL on the other hand is, that the queries are quite complex to build. All fields are separate tables, some repeatable fields use multiple rows for their content that belong to only one single page, you always need to check for the page status (which is not necessary on regular find() operations and therefore nobody is used to that).
      In short: It is far too much work to efficiently and easily get an array of data based on PW pages and fields and I need that a lot for my RockGrid module to build all kinds of tabular data.

      Basic Usage

       
      Docs & Download
      https://modules.processwire.com/modules/rock-finder/
      https://github.com/BernhardBaumrock/RockFinder
       
      Changelog
      180817, v1.0.6, support for joining multiple finders 180810, v1.0.5, basic support for options fields 180528, v1.0.4, add custom select statement option 180516, change sql query method, bump version to 1.0.0 180515, multilang bugfix 180513, beta release <180513, preview/discussion took place here: https://processwire.com/talk/topic/18983-rocksqlfinder-highly-efficient-and-flexible-sql-finder-module/
    • By BitPoet
      MediaLibrary
      Update: MediaLibrary can now be found in the official module list.
      Out of necessity, I've started to implement a simple media library module.
      The basic mechanism is that it adds a MediaLibrary template with file and image fields. Pages of this type can be added anywhere in the page tree.
      The link and image pickers in CKEditor are extended to allow quick selection of library pages from dropdowns. In the link picker this happens in the MediaLibrary tab, where you can also see a preview of the selected image. In the image picker, simply select a library from the dropdown at the top, everything else is handled by standard functionality.
      I've put the code onto github. This module is compatible with ProcessWire 3.
      Steps to usage:
      Download the module's zip from github (switch to the pw3 branche beforehand if you want to test on PW 3.x) and unpack it into site/modules Click "Modules" -> "Refresh" in the admin Click "Install" for MediaLibrary For testing, create a page with the MediaLibrary template under home (give it an expressive title like 'Global Media') and add some images and files Edit a differnt page with a CKEditor field and add a link and an image to see the MediaLibrary features in action (see the screencap for details) Optionally, go into the module settings for MediaLibrary Note: this module is far from being as elaborate as Kongondo's Media Manager (and doesn't plan to be). If you need a feature-rich solution for integrated media management, give it a look.
      Feel free to change the settings for MediaFiles and MediaImages fields, just keep the type as multiple.
      There are some not-so-pretty hacks for creating and inserting the correct markup, which could probably be changed to use standard input fields, though I'm a bit at a loss right now how to get it to work. I've also still got to take a look at error handling before I can call it fit for production. All feedback and pointers are appreciated (that's also why I post this in the development section).

      Edit 09.03.2016 / version 0.0.4: there's now also a "Media" admin page with a shortcut to quickly add a new library.

      Edit 01.05.2016:
      Version 0.0.8:
      - The module now supports nested media libraries (all descendants of eligible media libraries are also selectable in link/image picker).
      - There's a MediaLibrary::getPageMediaLibraries method you can hook after to modify the array of available libraries.
      - You can switch between (default) select dropdowns or radio boxes in the module configuration of MediaLIbrary to choose libraries.
      Edit 10.10.2018:
      Version 0.1.3:
      - Dropped compatibility for ProcessWire legacy versions by adding namespaces
      - Allow deletion of libraries from the Media overview admin page
      - Added an option to hide media libraries from the page tree (optionally also for superusers)