Jump to content

Page Protector


Recommended Posts

22 hours ago, adrian said:

@BFD Calendar - I don't really think this module is the best option for your needs in this case - sounds like you should just handle each condition in your code.

Can the access roles be used in an 'if - else' condition as well then? I like your module because it's a simple login and protection, we have 2000 students and I don't want any of them getting near the admin interface. Maybe not for our 'materials' shop, but for some online courses and tests I'll probably continue using it.

Link to comment
Share on other sites

4 hours ago, BFD Calendar said:

Can the access roles be used in an 'if - else' condition as well then?

Something like this will get you the list of roles for the current page.



  • Like 1
Link to comment
Share on other sites

  • 3 months later...

Ok, I get it now, but it is pretty confusingly worded - either that, or I am just a bit slow 🙂

Anyway, it's easy enough to add, but do you think the icon should be displayed for all users, or just superusers? Also, which icon - the issue is that the key and lock icons are already used in the page tree for other indicators.

The other question I have is whether to use the ProcessPageListRender::getPageLabel hook and add the icon as a "PageListStatusIcon" like the lock, exclamation icons are added by the core (at the end of the title in grey), or using the Page::getIcon hook which adds to the front of the page title and the icon is pink.

I think the "PageListStatusIcon" option is more correct and looks nicer, but it means that it will be broken on sites that use that ProcessPageListRender::getPageLabel hook to modify the page titles - something I do on a few sites.

Of course the other option would be if this wasn't included as part of the module, but rather those who want it can add it themselves with one of those hooks like this:

        $this->wire()->addHookAfter('ProcessPageListRender::getPageLabel', function($event) {
            $p = $event->arguments[0];
            if($p->protected) {
                $event->return = $p->title . "<i class='PageListStatusIcon fa fa-fw fa-key'></i>";



        $this->wire()->addHookAfter('Page::getIcon', function(HookEvent $event) {
            $page = $event->object;
            if($page->protected) {
                $event->return = 'key';


  • Like 2
Link to comment
Share on other sites

  • 2 months later...

Hi @adrian . I love how easy PageProtector is to use, but, there's still one question that eludes me - how would I get the PageProtector to respect Two-Factor Authentication for a user? Right now it just logs them in if the user and password is correct.

See this link for the code snippet. https://github.com/adrianbj/PageProtector/blob/master/PageProtector.module.php#L289-L294

I looked in ProcessLogin and found this code snippet that shows how the TFA is called in the normal login process. https://github.com/processwire/processwire/blob/master/wire/modules/Process/ProcessLogin/ProcessLogin.module#L339-L349

Would I need to put similar code into the normal PageProtector's protectedCheck function? If not, how would you recommend setting up a site that uses both Two-Factor Authentication and Page Protector?

Link to comment
Share on other sites

Hi @shadowkyogre - looks like you would need that logic, but you'd also need to add the TFA field to the login form. Unfortunately I don't have time to look into this at the moment, but if you can get it working and provide a PR, I'd be grateful.

Link to comment
Share on other sites

  • 4 months later...

It seems that the "allowed_roles" option does not work for the $page->protect() method. Neither does it show any effect when I try it, nor I could find the string "allowed_roles" in the module's source code. What I've found in source code was an option called "roles", but that doesn't work either ...

Link to comment
Share on other sites

35 minutes ago, FlorianA said:

It seems that the "allowed_roles" option does not work for the $page->protect() method. Neither does it show any effect when I try it, nor I could find the string "allowed_roles" in the module's source code. What I've found in source code was an option called "roles", but that doesn't work either ...

Sorry about that - looks like I messed up the property name. I just tested though with "roles" and it's working here, eg:

$options = array(
    "page_protected" => true,
    "children_protected" => true,
    "roles" => array("editor"),
    "message_override" => "My custom login message",
    "prohibited_message" => "My custom prohibited access message"


I'll fix the documentation in a minute, but you you please try the above to confirm it's working for you.

Link to comment
Share on other sites

On 7/3/2021 at 6:02 PM, adrian said:

I'll fix the documentation in a minute, but you you please try the above to confirm it's working for you.

Yes, it works with "roles", thanks. I must have done something wrong with my previous test ...

  • Like 1
Link to comment
Share on other sites

  • 1 month later...

First of all thank you so much for your help yesterday, @adrian – I didn't realize you wrote this module!
Everything works now, and I even managed to embed the login form within my site. 🙂

One thing I'd like to ask is if there's an (ideally beginner-friendly) method or workaround to log in with either only a username or only a password.
Right now it seems like both fields are always required.

On 5/2/2018 at 10:36 PM, tpr said:

A feature request for the future: allow login only with a password.

Screenshot 2021-08-29 at 16.15.15.png

  • Like 1
Link to comment
Share on other sites

  • 1 month later...

Just found this module, match to project needs, thanks a lot.

Questions on frontend :
1. Is it possible to show allowed roles / username for each page protected ?
2. Or displaying allowed pages for roles / username.
3. What is $page->prohibited use for ?

Link to comment
Share on other sites


1) You can parse out what you need like this:



2) Same as above really, although it will be a little less efficient.

3) It returns true / false if a page is prohibited for the current user.

  • Like 1
Link to comment
Share on other sites

  • 3 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Similar Content

    • By monollonom
      (once again I was surprised to see a work of mine pop up in the newsletter, this time without even listing the module on PW modules website 😅. Thx @teppo !)
      Github: https://github.com/romaincazier/FieldtypeQRCode
      Modules directory: https://processwire.com/modules/fieldtype-qrcode/
      A simple fieldtype generating a QR Code from the public URL of the page, and more.
      Using the PHP library QR Code Generator by Kazuhiko Arase.

      In the field’s Details tab you can change between .gif or .svg formats. If you select .svg you will have the option to directly output the markup instead of a base64 image. SVG is the default.
      You can also change what is used to generate the QR code and even have several sources. The accepted sources (separated by a comma) are: httpUrl, editUrl, or the name of any text/URL/file/image field.
      If LanguageSupport is installed the compatible sources (httpUrl, text field, ...) will return as many QR codes as there are languages. Note however that when outputting on the front-end, only the languages visible to the user will be generated.
      Unformatted value
      When using $page->getUnformatted("qrcode_field") it returns an array with the following structure:
      [ [ "label" => string, // label used in the admin "qr" => string, // the qrcode image "source" => string, // the source, as defined in the configuration "text" => string // and the text used to generate the qrcode ], ... ] Formatted value
      The formatted value is an <img>/<svg> (or several right next to each other). There is no other markup.
      Should you need the same markup as in the admin you could use:
      $field = $fields->get("qrcode_field"); $field->type->markupValue($page, $field, $page->getUnformatted("qrcode_field")); But it’s a bit cumbersome, plus you need to import the FieldtypeQRCode's css/js. Best is to make your own markup using the unformatted value.
      Static QR code generator
      You can call FieldtypeQRCode::generateQRCode to generate any QR code you want. Its arguments are:
      string $text bool $svg Generate the QR code as svg instead of gif ? (default=true) bool $markup If svg, output its markup instead of a base64 ? (default=false) Hooks
      Please have a look at the source code for more details about the hookable functions.
      $wire->addHookAfter("FieldtypeQRCode::getQRText", function($event) { $page = $event->arguments("page"); $event->return = $page->title; // or could be: $event->return = "Your custom text"; }) $wire->addHookAfter("FieldtypeQRCode::generateQRCodes", function($event) { $qrcodes = $event->return; // keep everything except the QR codes generated from editUrl foreach($qrcodes as $key => &$qrcode) { if($qrcode["source"] === "editUrl") { unset($qrcodes[$key]); } } unset($qrcode); $event->return = $qrcodes; })
    • By Sebi
      AppApiFile adds the /file endpoint to the AppApi routes definition. Makes it possible to query files via the api. 
      This module relies on the base module AppApi, which must be installed before AppApiFile can do its work.
      You can access all files that are uploaded at any ProcessWire page. Call api/file/route/in/pagetree?file=test.jpg to access a page via its route in the page tree. Alternatively you can call api/file/4242?file=test.jpg (e.g.,) to access a page by its id. The module will make sure that the page is accessible by the active user.
      The GET-param "file" defines the basename of the file which you want to get.
      The following GET-params (optional) can be used to manipulate an image:
      width height maxwidth maxheight cropX cropY Use GET-Param format=base64 to receive the file in base64 format.
    • By MarkE
      This fieldtype and inputfield bundle was built for storing measurement values within a field, rendering them in a variety of formats and converting them to other units or otherwise modifying them via the API.
      The API consists of a number of predefined functions, some of which include...
      render() for rendering the measurement object, valueAs() for converting the value to another unit value, convertTo() for converting the whole measurement object to different units, and add() and subtract() for for modifying the stored value by the value (converted as required) in another measurement. In the admin the inputfield includes a checkbox (which can be optionally disabled) for converting values on page save. For an example if a value was typed in as centimeters, the unit was changed to metres, and the page saved with this checkbox selected, said value would be automatically converted so that e.g. 170 cm becomes 1.7 m.

      A simple length field using Fieldtype Measurement and Inputfield Measurement.
      Combination units (e.g. feet and inches) are also supported.
      Please note that this module is 'proof of concept' at the moment - there are limited units available and quite a lot of code tidying to do. More units will be added shortly.
      See the GitHub at https://github.com/MetaTunes/FieldtypeMeasurement for full details and updates.
    • By tcnet
      File Manager for ProcessWire is a module to manager files and folders from the CMS backend. It supports creating, deleting, renaming, packing, unpacking, uploading, downloading and editing of files and folders. The integrated code editor ACE supports highlighting of all common programming languages.

      This module is probably the most powerful module. You might destroy your processwire installation if you don't exactly know what you doing. Be careful and use it at your own risk!
      ACE code editor
      This module uses ACE code editor available from: https://github.com/ajaxorg/ace

      This module uses the JavaScript dragscroll available from: http://github.com/asvd/dragscroll. Dragscroll adds the ability to drag the table horizontally with the mouse pointer.
      PHP File Manager
      This module uses a modified version of PHP File Manager available from: https://github.com/alexantr/filemanager
    • By tcnet
      This module implements the website live chat service from tawk.to. Actually the module doesn't have to do much. It just need to inserted a few lines of JavaScript just before the closing body tag </body> on each side. However, the module offers additional options to display the widget only on certain pages.
      Create an account
      Visit https://www.tawk.to and create an account. It's free! At some point you will reach a page where you can copy the required JavaScript-code.

      Open the module settings and paste the JavaScript-code into the field as shown below. Click "Submit" and that's all.

      Open the module settings
      The settings for this module are located int the menu Modules=>Configure=>LiveChatTawkTo.

  • Create New...