Jump to content
adrian

Page Protector

Recommended Posts

Hi @adrian, this seems to work now!

But I didn't need the include '_main.php'; -line. When having that, I got the _main.php content rendered twice. 

 

 

Share this post


Link to post
Share on other sites
1 minute ago, lpa said:

Hi @adrian, this seems to work now!

But I didn't need the include '_main.php'; -line. When having that, I got the _main.php content rendered twice. 

Great that it's working for you now.

Your _main.php must be included automatically somewhere - probably in config.php. That's why you'd get it twice.

Mine needs to be included manually with the way I have things set up in my sandbox install.

Share this post


Link to post
Share on other sites

@lpa - I have just committed another update - turns out my initial fix broke the standard form approach. The new version works with both.

Because of the breaking changes, I have committed it to the dev branch (https://github.com/adrianbj/PageProtector/tree/dev) for now. I would really appreciate it if others using this module could please try this new version. The only change you should need to make is if you are using the custom Login Template option - you will need to change $loginForm to $page->loginForm

I'll push this dev version to master once there's been a little time for others to test it.

 

  • Like 2

Share this post


Link to post
Share on other sites
12 hours ago, adrian said:

I'll push this dev version to master once there's been a little time for others to test it.

I do not use loginForm so I cannot really test it but after updating I had no issues at all.

  • Like 1

Share this post


Link to post
Share on other sites

Anyone following this thread have any issues with the dev version before I merge to master?

I'll merge later today if I don't hear anything.

Thanks!

  • Like 1

Share this post


Link to post
Share on other sites

OK, v2 has been merged to master.

Be warned about the breaking changes!

  • Like 1

Share this post


Link to post
Share on other sites

Hello,

I have setup a login template but cant seem to stop the head and foot loading, I've disabled auto prepend/append in the template but the they still load any ideas?

Cheers

Jon

Share this post


Link to post
Share on other sites

@Jon on mobile right now, but just wondering if the chosen template file is actually connected to a PW template. It doesn't need to be and maybe that is the issue but I'll have to check when I'm back at my desk in the morning. 

Share this post


Link to post
Share on other sites

@Jon - just took a look and can't seem to reproduce.

What version of the module are you running?

Can you please details of the code in the template file, and your auto prepend/append settings please?

Share this post


Link to post
Share on other sites

@adrian - Iam using version 2.0.1 and PW 3.0.15

the code in the template is just the login form for testing.

echo $page->loginForm;

 My prepend/append setup within the config is

$config->prependTemplateFile = 'head.inc';
$config->appendTemplateFile = 'foot.inc';

I also check the disable prepend/append within the template setup.

Jon

Share this post


Link to post
Share on other sites

Hi @Jon - thanks for the details, but I guess I am not sure what you are expecting to have happen.

If you don't want the head.inc and foot.inc to be loaded, why not just use the standard (no login template) way of adding the login form. That's how it's designed to work. maybe if you could provide a mockup of how you expect it to look I might be able to get a better idea?

Share this post


Link to post
Share on other sites

I have pages like this:

Page1
  - page1.1
  - page1.2

Page1 has been given access to roles: musician, assistant. Page1.2 has been given access to role musician only. 

When logged out, both pages ask to be logged in. When logged in as the user with only assistant role, I still can see the page1.2. I can't figure out why the roles based restrictions don't work at the moment. How should I debug this?

Second question: can I hide the page1.2 from the user with assistant role in my navigation somehow? What should I do in my navigation script to hide the pages that the used doesn't have view access to?

Third question: I need to customize the login-form by including some content from PW, but now when the customized login-form is not a PW form, I can't run any functions from the PW templates. How should I customize the login-form content when I need something more than just the form?

Edited by lpa

Share this post


Link to post
Share on other sites

@adrian Thanks for your reply, I just wanted to customise the login page a bit to match my site a bit more. I have managed to do this with the standard template now. One thing I cant seem change is the default Login Message Ive set this in the module settings but the changes arent reflected in the frontend?

Cheers

Jon 

Share this post


Link to post
Share on other sites
2 hours ago, Jon said:

One thing I cant seem change is the default Login Message Ive set this in the module settings but the changes arent reflected in the frontend?

I expect you are changing the main default in the module settings. This populates the value on the Settings tab of the page that is being protected, but if a page has already been protected, you will need to change the value for that page. It allows for different messages for different pages. Does that make sense?

 

  • Thanks 1

Share this post


Link to post
Share on other sites

@lpa 

1) I'll look at the hierarchy you described in a minute

2) You can check if a page is protected by checking $page->protected eg:

if(!$page->protected) {
	//show in navigation
}

3) I have just made the message function hookable, so you will be able to put this is your ready.php file:

$this->addHookAfter("PageProtector::getMessage", function($event) {
    $event->return = 'My custom message';
});

I'll commit this once I look at your first issue.

  • Like 1

Share this post


Link to post
Share on other sites

@lpa - I am not seeing the issues you are regarding access to the child. My thought is that you might have checking the "protect children" checkbox for Page 1. If you are separately protecting child pages, I think you don't want that checked. Can you try that and see if it works as expected?

I have committed the change that makes that hook available. Please let me know how you go with that also.

Share this post


Link to post
Share on other sites

@adrian Thanks for that works prefect :)

1 hour ago, adrian said:

I expect you are changing the main default in the module settings. This populates the value on the Settings tab of the page that is being protected, but if a page has already been protected, you will need to change the value for that page. It allows for different messages for different pages. Does that make sense?

 

 

  • Like 1

Share this post


Link to post
Share on other sites

1. No, the protection is not taking in account the role at all. Even if I change just one page without child protection to be protected, I can access that page after login with a user account that does not have the required role!

2. Yes, $page->protected works, but it does not make any difference on who is accessign the page. Should it give different results based on the users roles? I would like to make it to not show the navigation item if the page is protected for that particular user. 

3. What is actually the message the hook returns? I would like something like this:

// Give me a random picture to the login page
$image = getRandomPict($homepage);
$content = "
<div class='row'>
	$page->loginForm
	<div class='large-12 columns'>
	$image
	</div>
</div>
";
$event->return = $content;

 

Share this post


Link to post
Share on other sites

@lpa - just heading to bed here, but 

1) I am not seeing any problems like that here - any chance this site is live and you could give me a login to check things out?

2) I'll need to confirm the role stuff in the morning - you might be onto something though - I might need protected vs prohibited?

3) The part I made hookable is just the message before the username/password fields. I think if you want custom classes around the login form you should just put them in your template file you as want - no need for a hook for that. Does that make sense?

Share this post


Link to post
Share on other sites

@lpa - for now I am going to attach the new version here. This adds support for the new "prohibited" property so now you can check if a page is protected and then also check if it's prohibited for the current user.

I refactored a few things so don't want to commit the changes just yet.

Can you please test this for your needs. I would also like to help you with Issue 1, but will might need some access to test that. As for Issue 3, did you try my suggestion?

PageProtector.zip

Share this post


Link to post
Share on other sites

1. I'll send you a private message on this. 

2. Thanks, the $page->prohibited works just as I wanted based on  a quick test. 

3. At the moment I have a login.php file that is included on every page in _init.php. That page has my own logic without PageProtector. There, if I need the login form, I can format it just like I want and even use the getRandomPict()-function which is in _func.php. But if I use the PageProtector I use the $page->loginForm, as show above, where I can't use my getRandomPict()-function, because it is not a PW template. I get errors like: "Call to undefined function getRandomPict()". I don't want to add the image to every template.

Share this post


Link to post
Share on other sites

@adrian has a great support on his modules! All the problems solved with his help a long time ago! Thank you very much! 

And this module is great for cases where the PW template based access rights scheme is not so flexible.

  • Like 2

Share this post


Link to post
Share on other sites
3 minutes ago, lpa said:

@adrian has a great support on his modules! All the problems solved with his help a long time ago! Thank you very much! 

And this module is great for cases where the PW template based access rights scheme is not so flexible.

Thanks for your help @lpa in fixing those issues.

FYI for everyone else - all the changes that were included in that zip posted above are now in the master repo on github.

  • Like 2

Share this post


Link to post
Share on other sites

A feature request for the future: allow login only with a password. As a workaround I used a simple str_replace and added hardcoded "value=USERNAME" attribute to the username input, plus a good old display: none to it. This way it doesn't show up but contains the username pre-filled.

The same could be perhaps achieved if there was a per-page setting where we could enter one username. Then the module could add a hidden input with an encrypted username (instead of a text type username input). But maybe you have a better idea.

I needed this because the client needed a password protected page without asking for a username. Fortunately the protection doesn't need to be bulletproof so my workaround is fine for now, but in the future it would be nice having this built-in.

  • Like 1

Share this post


Link to post
Share on other sites

I get an 500 error after the third failed login attempt:

Please wait at least 10 seconds before attempting another login. (in /wire/modules/Session/SessionLoginThrottle/SessionLoginThrottle.module line 97)

SessionLoginThrotte settings are the default ones, 5 sec and 60 sec, no IP throttle. I'll disable the SLT module for now but I'm curious whether this happens for others too. 

Using PW 3.0.100 and PageProtector 2.0.4, but just checked on another site running on 3.0.52 / 0.2.1 and it happens there too.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By d'Hinnisdaël
      Happy new year, everybody 🥬
      I've been sitting on this Dashboard module I made for a client and finally came around to cleaning it up and releasing it to the wider public. This is how it looks.
      ProcessWire Dashboard

      If anyone is interested in trying this out, please go ahead! I'd love to get some feedback on it. If this proves useful and survives some real-world testing, I'll add this to the module directory.
      Download
      You can find the latest release on Github.
      Documentation
      Check out the documentation to get started. This is where you'll find information about included panel types and configuration options.
      Custom Panels
      My goal was to make it really simple to create custom panels. The easiest way to do that is to use the panel type template and have it render a file in your templates folder. This might be enough for 80% of all use cases. For anything more complex (FormBuilder submissions? Comments? Live chat?), you can add new panel types by creating modules that extend the DashboardPanel base class. Check out the documentation on custom panels or take a look at the HelloWorld panel to get started. I'm happy to merge any user-created modules into the main repo if they might be useful to more than a few people.
       Disclaimer
      This is a pre-release version. Please treat it as such — don't install it on production sites. Just making sure 🍇
      Roadmap
      These are the things I'm looking to implement myself at some point. The wishlist is a lot longer, but those are the 80/20 items that I probably won't regret spending time on.
      Improve documentation & add examples ⚙️ Panel types Google Analytics ⚙️ Add new page  🔥 Drafts 🔥 At a glance / Page counter 404s  Layout options Render multiple tabs per panel panel groups with heading and spacing between ✅ panel wrappers as grid item (e.g. stacked notices) ✅ Admin themes support AdminThemeReno and AdminThemeDefault ✅ Shortcuts panel add a table layout with icon, title & summary ✅ Chart panel add default styles for common chart types ✅ load chart data from JS file (currently passed as PHP array) Collection panel support image columns ✅ add buttons: view all & add new ✅
    • By Pip
      Hi everyone!
      I'm trying out the Login/Register module for my site. Noted that the module assigns the newly registered user to login-register role. 
      Once you modify the login-register role's permissions, particularly adding page-edit, the new member role will be set to guest. 
      Thing is I'd like to grant my new users the power to create their own pages. Any advice? 
      Thanks. 
    • By Gadgetto
      SnipWire - Snipcart integration for ProcessWire
      Snipcart is a powerful 3rd party, developer-first HTML/JavaScript shopping cart platform. SnipWire is the missing link between Snipcart and the content management framework ProcessWire.
      With SnipWire, you can quickly turn any ProcessWire site into a Snipcart online shop. The SnipWire plugin helps you to get your store up and running in no time. Detailed knowledge of the Snipcart system is not required.
      SnipWire is free and open source licensed under Mozilla Public License 2.0! A lot of work and effort has gone into development. It would be nice if you could donate an amount to support further development:

      Status update links (inside this thread) for SnipWire development
      2020-07-03 -- SnipWire 0.8.7 (beta) released! Fixes some small bugs and adds an indicator for TEST mode 2020-04-06 -- SnipWire 0.8.6 (beta) released! Adds support for Snipcart subscriptions and also fixes some problems 2020-03-21 -- SnipWire 0.8.5 (beta) released! Improves SnipWires webhooks interface and provides some other fixes and additions 2020-03-03 -- SnipWire 0.8.4 (beta) released! Improves compatibility for Windows based Systems. 2020-03-01 -- SnipWire 0.8.3 (beta) released! The installation and uninstallation process has been heavily revised. 2020-02-08 -- SnipWire 0.8.2 (beta) released! Added a feature to change the cart and catalogue currency by GET, POST or SESSION param 2020-02-03 -- SnipWire 0.8.1 (beta) released! All custom classes moved into their own namespaces. 2020-02-01 -- SnipWire is now available via ProcessWire's module directory! 2020-01-30 -- SnipWire 0.8.0 (beta) first public release! (module just submitted to the PW modules directory) 2020-01-28 -- added Custom Order Fields feature (first SnipWire release version is near!) 2020-01-21 -- Snipcart v3 - when will the new cart system be implemented? 2020-01-19 -- integrated taxes provider finished (+ very flexible shipping taxes handling) 2020-01-14 -- new date range picker, discount editor, order notifiactions, order statuses, and more ... 2019-11-15 -- orders filter, order details, download + resend invoices, refunds 2019-10-18 -- list filters, REST API improvements, new docs platform, and more ... 2019-08-08 -- dashboard interface, currency selector, managing Orders, Customers and Products, Added a WireTabs, refinded caching behavior 2019-06-15 -- taxes provider, shop templates update, multiCURL implementation, and more ... 2019-06-02 -- FieldtypeSnipWireTaxSelector 2019-05-25 -- SnipWire will be free and open source Plugin Key Features
      Fast and simple store setup Full integration of the Snipcart dashboard into the ProcessWire backend (no need to leave the ProcessWire admin area) Browse and manage orders, customers, discounts, abandoned carts, and more Multi currency support Custom order and cart fields Process refunds and send customer notifications from within the ProcessWire backend Process Abandoned Carts + sending messages to customers from within the ProcessWire backend Complete Snipcart webhooks integration (all events are hookable via ProcessWire hooks) Integrated taxes provider (which is more flexible then Snipcart own provider) Useful Links
      SnipWire in PW modules directory SnipWire Docs (please note that the documentation is a work in progress) SnipWire @GitHub (feature requests and suggestions for improvement are welcome - I also accept pull requests) Snipcart Website  

       
      ---- INITIAL POST FROM 2019-05-25 ----
       
    • By Sten
      Hello
      Till now I hacked something with the twig template but it works no more with new PW versions so I look forward to create a module. I am working on a site in multiple languages : French, English, Italian, German, Spanish, Portuguese, Hebrew, Russian. The new posts are entered in any language with a field for language. Till now, I got twig files to get the translations with constants defined for each part of the pages.
      So I'd like to create a module to include theses files added according to the url /fr/en/...
      Have you some observations to do before I begin about the direction to take ?
      Thank you
    • By ukyo
      Mystique Module for ProcessWire CMS/CMF
      Github repo : https://github.com/trk/Mystique
      Mystique module allow you to create dynamic fields and store dynamic fields data on database by using a config file.
      Requirements
      ProcessWire 3.0 or newer PHP 7.0 or newer FieldtypeMystique InputfieldMystique Installation
      Install the module from the modules directory:
      Via Composer:
      composer require trk/mystique Via git clone:
      cd your-processwire-project-folder/ cd site/modules/ git clone https://github.com/trk/Mystique.git Module in live reaction with your Mystique config file
      This mean if you remove a field from your config file, field will be removed from edit screen. As you see on youtube video.
      Using Mystique with your module or use different configs path, autoload need to be true for modules
      Default configs path is site/templates/configs/, and your config file name need to start with Mystique. and need to end with .php extension.
      Adding custom path not supporting anymore !
      // Add your custom path inside your module class`init` function, didn't tested outside public function init() { $path = __DIR__ . DIRECTORY_SEPARATOR . 'configs' . DIRECTORY_SEPARATOR; Mystique::add($path); } Mystique module will search site/modules/**/configs/Mystique.*.php and site/templates/Mystique.*.php paths for Mystique config files.
      All config files need to return a PHP ARRAY like examples.
      Usage almost same with ProcessWire Inputfield Api, only difference is set and showIf usage like on example.
      <?php namespace ProcessWire; /** * Resource : testing-mystique */ return [ 'title' => __('Testing Mystique'), 'fields' => [ 'text_field' => [ 'label' => __('You can use short named types'), 'description' => __('In file showIf working like example'), 'notes' => __('Also you can use $input->set() method'), 'type' => 'text', 'showIf' => [ 'another_text' => "=''" ], 'set' => [ 'showCount' => InputfieldText::showCountChars, 'maxlength' => 255 ], 'attr' => [ 'attr-foo' => 'bar', 'attr-bar' => 'foo' ] ], 'another_text' => [ 'label' => __('Another text field (default type is text)') ] ] ]; Example:
      site/templates/configs/Mystique.seo-fields.php <?php namespace ProcessWire; /** * Resource : seo-fields */ return [ 'title' => __('Seo fields'), 'fields' => [ 'window_title' => [ 'label' => __('Window title'), 'type' => Mystique::TEXT, // or InputfieldText 'useLanguages' => true, 'attr' => [ 'placeholder' => __('Enter a window title') ] ], 'navigation_title' => [ 'label' => __('Navigation title'), 'type' => Mystique::TEXT, // or InputfieldText 'useLanguages' => true, 'showIf' => [ 'window_title' => "!=''" ], 'attr' => [ 'placeholder' => __('Enter a navigation title') ] ], 'description' => [ 'label' => __('Description for search engines'), 'type' => Mystique::TEXTAREA, 'useLanguages' => true ], 'page_tpye' => [ 'label' => __('Type'), 'type' => Mystique::SELECT, 'options' => [ 'basic' => __('Basic page'), 'gallery' => __('Gallery'), 'blog' => __('Blog') ] ], 'show_on_nav' => [ 'label' => __('Display this page on navigation'), 'type' => Mystique::CHECKBOX ] ] ]; Searching data on Mystique field is limited. Because, Mystique saving data to database in json format. When you make search for Mystique field, operator not important. Operator will be changed with %= operator.
      Search example
      $navigationPages = pages()->find('my_mystique_field.show_on_nav=1'); $navigationPages = pages()->find('my_mystique_field.page_tpye=gallery');
×
×
  • Create New...