Frontend loging in phpwcms

Post custom hacks and enhancements for phpwcms here only. Maybe some of these things will be included in official release later.
pyhavaim
Posts: 9
Joined: Thu 5. Aug 2004, 23:35
Location: Estonia

I become a lazybones

Post by pyhavaim »

Sorry for not being for you, but it seems that now you got started it. :wink:

Also notice this that sitemap still shows private siteinfo.
Also some meny items doesn't allow those rules witch shouldn't show for unauthorized persons.

for sitemap I added those lines of code.
again modify inc_front\front.func.inc.php
lookup codeline 2108 there should be function named by build_sitemap
replace oldf function with this

Basically I added 2 lines of code, whitch does'nt show private articles.

Code: Select all

if($_SESSION["frontend_user_in"] && $GLOBALS['content']['struct'][$key]["acat_regonly"]) 
			$GLOBALS['content']['struct'][$key]["acat_regonly"] = 0;

		if ($start == $GLOBALS['content']['struct'][$key]['acat_struct'] && 
			!$GLOBALS['content']['struct'][$key]['acat_hidden'] && $key &&
			$GLOBALS['content']['struct'][$key]["acat_regonly"]==0)

Code: Select all

function build_sitemap($start=0, $counter=0) {
	// create sitemap

	$s = '';
	$c = '';
	$counter++;
	

	if($GLOBALS['sitemap']['classcount']) {
		if($GLOBALS['sitemap']['catclass']) $c = ' class="'.$GLOBALS['sitemap']['catclass'].$counter.'"';
	} else {
		if($GLOBALS['sitemap']['catclass']) $c = ' class="'.$GLOBALS['sitemap']['catclass'].'"';
	}
	
	foreach($GLOBALS['content']['struct'] as $key => $value) {
		if($_SESSION["frontend_user_in"] && $GLOBALS['content']['struct'][$key]["acat_regonly"]) 
			$GLOBALS['content']['struct'][$key]["acat_regonly"] = 0;

		if ($start == $GLOBALS['content']['struct'][$key]['acat_struct'] && 
			!$GLOBALS['content']['struct'][$key]['acat_hidden'] && $key &&
			$GLOBALS['content']['struct'][$key]["acat_regonly"]==0)
		{
			$s .= '<li'.$GLOBALS['sitemap']['cat_style'].$c.'>';
						
			if(!$GLOBALS['content']['struct'][$key]["acat_redirect"]) {
				$s .= '<a href="index.php?';
				if($GLOBALS['content']['struct'][$key]['acat_alias']) {
					$s .= $GLOBALS['content']['struct'][$key]['acat_alias'];
				} else {
					$s .= 'id='.$key.',0,0,1,0,0';
				}
			} else {
				$redirect = get_redirect_link($GLOBALS['content']['struct'][$key]["acat_redirect"], ' ', '');
				$s .= '<a href="'.$redirect['link'].'"'.$redirect['target'];
			}
			
			$s .= '">';
			$s .= html_specialchars($GLOBALS['content']['struct'][$key]['acat_name']);
			$s .= '</a>';
			if($GLOBALS['sitemap']["display"]) $s .= build_sitemap_articlelist($key, $counter);
			
			$s .= build_sitemap($key, $counter);
			
			$s .= "</li>\n";
		}
	}


	if($s) $s = "\n<ul".$c.">\n".$s.'</ul>';
	
	return $s;
}
I changed 2 lines of code in it and now it shouldn't show private area in sitemap.
cyrano
Posts: 1598
Joined: Sat 31. Jan 2004, 18:33
Location: Stuttgart
Contact:

Post by cyrano »

Hi pyhavaim,

thank you for your reply and the advanced code.

I played a little bit with structure levels and found, that also my menü (NAV_TABLE_COLUMN) will be dis-sorted at the moment.

So I think it works, I had to think about how to organise my structure now.

Is it easy to anhance the login that users setup in backend will only be able to login with their name and pw, but cannot login into the backend?

Perhaps with adding a string or a special labeling of the names?

Good work anyway, happy now for getting deeper in customizing sites.
Gruß/ regards cyrano
--------------------------------------------------------
templates -> http://www.128.weitzelmedia.de
planepix -> http://www.planepix.de
XING -> https://www.xing.com/profile/Thomas_Weitzel3
pyhavaim
Posts: 9
Joined: Thu 5. Aug 2004, 23:35
Location: Estonia

Post by pyhavaim »

Hi

Yes NAV_TABLE_COLUMN also does'nt work as it should. Basically what you have to add is this kind of code.

Here is the trick what you have to look for
usually in those cases there is code like this:

Code: Select all

foreach($struct as $key => $value) {
		if($struct[$key]["acat_struct"] == $act_cat_id && $key && !$struct[$key]["acat_hidden"]) $c++;
	}
It basically checks isn't this article category hidden, so we have to add also user logged in cheking.
Now you add line in for clause

Code: Select all

	if($_SESSION["frontend_user_in"] && $struct[$key]["acat_regonly"]) 
			$struct[$key]["acat_regonly"] = 0;	 
this peace of code cheks is user logged in and if this article category checked as registred users only.
So if user is logged in and article is restricted area, you just tell that this article category is not restricted for this user.

Now you modify this part of code

Code: Select all

if($struct[$key]["acat_struct"] == $act_cat_id && $key && !$struct[$key]["acat_hidden"]) $c++;
now as you can see in this line of code, there is only check that prevents showing hidden articles, now you add also private article check.

Code: Select all

		if($struct[$key]["acat_struct"] == $act_cat_id && $key != $act_cat_id && !$struct[$key]["acat_hidden"]&&[b]$struct[$key]["acat_regonly"]==0[/b]) {
//and so on...
Is it easy to anhance the login that users setup in backend will only be able to login with their name and pw, but cannot login into the backend?
It is simple if you only add one user , it is more complicated if you want to add user managment system, I did'nt need it so I did'nt do it.
Basically what you have do to is add new user, but set user not active.
Then modify authorize.php and remove AND usr_aktiv=1
voila :wink:
ssyfrig
Posts: 364
Joined: Tue 2. Mar 2004, 17:01
Location: Zürich / Switzerland
Contact:

Post by ssyfrig »

Hi

Witch one is the last Code for this hack? There is a lot of code example
in this thread. I hope this is not a stupid question

Thanks, Sven
rsantifort
Posts: 68
Joined: Mon 9. Feb 2004, 00:44

Put the code in a downloadable zip file

Post by rsantifort »

Indeed al lot of code is spammed through the forum. Can someone put in a reasonable zip file with the latest code in it. Maybe starting a version number helps all the users in this forum to determine what to use and download.

Thankz & Greetz!
kerthi
Posts: 23
Joined: Tue 14. Sep 2004, 18:22

Post by kerthi »

YES! That would be great!

thx kerthi
vello
Posts: 44
Joined: Wed 24. Mar 2004, 12:21
Location: Estonia
Contact:

Post by vello »

Hi,
When I log in, session is still open until I close browser.
I think we need option to log out, or defined session duration
Vello
cyrano
Posts: 1598
Joined: Sat 31. Jan 2004, 18:33
Location: Stuttgart
Contact:

Post by cyrano »

as we could know the frontend login comes with the next release, so i can wait, but when we could know it isn't, than i'll also be looking to get a solution there.

is it or is it not (close to shakespeare) ;-)
Last edited by cyrano on Thu 4. Nov 2004, 11:07, edited 1 time in total.
Gruß/ regards cyrano
--------------------------------------------------------
templates -> http://www.128.weitzelmedia.de
planepix -> http://www.planepix.de
XING -> https://www.xing.com/profile/Thomas_Weitzel3
vello
Posts: 44
Joined: Wed 24. Mar 2004, 12:21
Location: Estonia
Contact:

Post by vello »

we need Holy Ghost :wink:
(with respect to pyhavaim)
Vello
ssyfrig
Posts: 364
Joined: Tue 2. Mar 2004, 17:01
Location: Zürich / Switzerland
Contact:

Post by ssyfrig »

Hi zusammen

Könnte jemand den Hack als ZIP file zur Verfüung stellen oder hier nochmal den letzten Stand des Hack posten.

Danke & Gruss Sven
Paal
Posts: 204
Joined: Wed 6. Oct 2004, 19:54
Location: Budapest, Hungary
Contact:

Post by Paal »

Hallo Man, not working... :(

1. modify index.php:
uncomment on line 34

Code: Select all

session_start();
2. make a new php file in phpwcm root directory and name it authorize.php and add following code in

Code: Select all

<?php
if(isset($_POST['form_aktion']) && $_POST['form_aktion'] == 'login') {

   $login_passed = 0;
   $wcs_user = slweg(trim($_POST['form_loginname']));
   $wcs_pass = slweg(trim($_POST['form_password']));
   
   $sql_query =   "SELECT * FROM ".DB_PREPEND."phpwcms_user WHERE usr_login='".
               aporeplace($wcs_user)."' AND (usr_pass=PASSWORD('".
               aporeplace($wcs_pass)."') OR usr_pass='".
               aporeplace(md5($wcs_pass))."') AND usr_aktiv=1;";

   if($result = mysql_query($sql_query)) {
      if($row = mysql_fetch_array($result)) {
         $_SESSION["wcs_user"]         = $wcs_user;
         $_SESSION["wcs_pass"]         = $wcs_pass;
         $_SESSION["wcs_user_name"]       = ($row["usr_name"]) ? $row["usr_name"] : $wcs_user;
         $_SESSION["wcs_user_id"]      = $row["usr_id"];
         $_SESSION["wcs_user_aktiv"]      = $row["usr_aktiv"];
         $_SESSION["wcs_user_rechte"]   = $row["usr_rechte"];
         $_SESSION["wcs_user_email"]      = $row["usr_email"];
         $_SESSION["wcs_user_avatar"]   = $row["usr_avatar"];
         $_SESSION["wcs_user_logtime"]   = time();
         $_SESSION["wcs_user_admin"]      = $row["usr_admin"];
         $_SESSION["wcs_user_thumb"]      = 1;
         if($row["usr_lang"]) {
            $_SESSION["wcs_user_lang"]   = $row["usr_lang"];
         }                  
         $_SESSION["structure"]   = unserialize($row["usr_var_structure"]);
         $_SESSION["klapp"]      = unserialize($row["usr_var_privatefile"]);
         $_SESSION["pklapp"]      = unserialize($row["usr_var_publicfile"]);
         
         $login_passed = 1;   
         $_SESSION["frontend_user_in"]=true;   //changed this one
      }
      mysql_free_result($result);
   }   
}
?>
3. Then I made a custom form and named it frm_Login.php BUT insert require_once ("include/inc_lib/general.inc.php"); code (reference):

Code: Select all

<?php
	require_once ("include/inc_lib/general.inc.php");
?>

<table border="0" cellpadding="0" cellspacing="0">
      <form name="login_formular" method="post" action="<?php echo $_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING'] ?>" autocomplete="off">
        <tr><td width="389" class="title"><?php echo $GLOBALS["template_default"]["login_text"]; ?></td></tr>
      <?php
      if($err) {
         echo '<tr><td><img src="img/leer.gif" width="1" height="10"></td></tr>';
         echo '<tr><td class="error"><strong>'.$GLOBALS["template_default"]["login_error"].'</strong></td></tr>';
      }
     ?>
        <tr><td><img src="img/leer.gif" width="1" height="12"></td></tr>
        <tr><td class="v10"><?php echo $GLOBALS["template_default"]["login_username"] ?>:</td></tr>
        <tr><td><input name="form_loginname" type="text" id="form_loginname" class="f11b" style="width:250px;" size="30" maxlength="30" value="<?php echo html_specialchars($wcs_user); ?>"></td></tr>
        <tr><td><img src="img/leer.gif" width="1" height="3"></td></tr>
        <tr><td class="v10"><?php echo $GLOBALS["template_default"]["login_userpass"] ?>:</td></tr>
        <tr><td><input name="form_password" type="password" id="form_password" class="f11b" style="width:250px;" size="30" maxlength="20"></td></tr>
        <tr><td><img src="img/leer.gif" width="1" height="3"></td></tr>
        <tr><td><img src="img/leer.gif" width="1" height="18"></td></tr>
        <tr><td><input name="Submit" type="submit" class="button10" value="<?php echo $GLOBALS["template_default"]["login_button"] ?>"><input name="form_aktion" type="hidden" id="form_aktion" value="login"></td></tr>
      </form>
    </table>
4. also I added some lines into include\inc_conf\conf.template_default.inc.php

Code: Select all

// login form template
$template_default["login_text"]            = "Please Log in";
$template_default["login_error"]         ="Wrong password";
$template_default["login_username"]         ="Username";
$template_default["login_userpass"]         ="Password";
$template_default["login_button"]         ="Login";
5. I had to change include\inc_front\content_func.inc.php
Find out code like

Code: Select all

$content["all"] = str_replace('{CONTENT}', $content["main"], $content["all"]); 
and add there code which is cheking from site structure frontend menu status: is this visible for users logged on only.

Code: Select all

$cat=$content["cat_id"];
if($content["struct"][$cat]["acat_regonly"]==1)
{
//echo "Private area!!!";
   include_once("authorize.php");
   if(!$_SESSION["frontend_user_in"]) {
      
      //show log in form, instead of page content";
      $content["main"]="{PHP:frm_Login.php}";
   }
}
$content["all"] = str_replace('{CONTENT}', $content["main"], $content["all"]); 
6. I had to create new site structura level: "hidden" with chechked frontend menu status: "hide" and "visible for users logged on only" and status: checked "visible" and "public". (reference...)

7. and added "ext. content" with file/URL: http://localhost/fl/frm_Login.php, visible.

8. and added plain text content part in "Partner login" page:
[ID 78] User login [/ID]

The ID 78 is the ext. content (frm_Login.php) id.

When I click the login link, comes the login page without words, only form tags, but in the source:

Code: Select all

<form name="login_formular" method="post" action="http://localhost/fl/fl/frm_Login.php?" autocomplete="off">
<form name="login_formular" method="post" action="http://localhost/fl/fl/frm_Login.php?" autocomplete="off">

Why two "fl" directory? The real path is: "http://localhost/fl/frm_Login.php"


Shortly..

O, and, where I can find this MOD (reference):
Image
Image

Tnx, Paul
kelley
Posts: 33
Joined: Thu 13. May 2004, 08:02

blank admin page

Post by kelley »

Hello everyone,

I am tring to the fronend login to work and followed Paal last post step by step. But when the site comes up its blank and so is the admin once I login.

I noticed that its in the conf.template_default.inc.php. When I comment it out the site works again and I can login.

I have placed the code at both the top and bottom of the page but no luck.

conf.template_default.inc.php code

Code: Select all

// login form template 
$template_default["login_text"]            = "Please Log in"; 
$template_default["login_error"]         ="Wrong password"; 
$template_default["login_username"]         ="Username"; 
$template_default["login_userpass"]         ="Password"; 
$template_default["login_button"]         ="Login";
Is there something I am missing to get this mod to work?

Thanks for the help
pyhavaim
Posts: 9
Joined: Thu 5. Aug 2004, 23:35
Location: Estonia

Post by pyhavaim »

Hi sorry again, not beeing for you. But it has been very buzy time for me.

As mentioned before, you have to add a user, and if you don't want that he/she get access to admin part, you just have to make this user not active.

Also in site stucture, where you want to make private area, mark checkbox on frontend menu status: visible for users logged on only. Basically that's it.

Also I zipped all changed code in this filehack so be carefull in replacing those files.

PS. I don't know why this forum did'nt send me a message that threre are new posts in this topic, so basically that's why I did'nt reply for postings.
Last edited by pyhavaim on Mon 13. Dec 2004, 11:48, edited 1 time in total.
vello
Posts: 44
Joined: Wed 24. Mar 2004, 12:21
Location: Estonia
Contact:

Post by vello »

hi pyhavaim,
this download link we can't use
Vello
Post Reply