Userpanel CP

[Klappstuhl28]

hi phalancs,

I guess user specific content won't ever work without a registration!

I think what _sarah means is that there will be a registration but not
by the user thereselves. You send them their new account-details and
when fritze h. log in with his dates he will be directed to his content.

I searched fo a solution also but without any idea how to deal.

Anyway, thanks so far for you userpanel

[culda_a]

have instal in my site the userpanel and is working ok but I try to install in a new site and I done everything the same ...also I have copy over the files from my site to be sure that I did not forghet anything and.... Surprise

The user panel apear I can set is but after I press save or create it shows me that is saved but all the filds are empty only the title is remaining (in the backend) in frontend in the site it show me only 2 filds and the go buton no text like Login password ... and I have set them .

If I try to edit the content userpanel it shows me tht insite is only the title the other filds are empty.

Any clue what is wrong????

[chatnick]

hallo leute,

ja die FE login geschichte scheint ja ganz spannend zu sein. habe dass V2 modul auch installiert. vorübergehend wird es ausreichen aber es ist nicht abgestimmt mit den PHPWCMS grund funktionen. ich habe verschiedene seiten die ich nur für bestimmt user zugänglich machen will. es ist aber so,, wenn der user eingeloggt ist und die seitenrechte für eine bestimmte seite vergeben wurden wird. dies ignoriert wen der user den direkten link kennt.. oder habe ich hier was übersehen ??

[wireless]

Here is what I am currently using to register users.
I am sure it needs a little cleaning up however.

The first page is called: register.php

Code: Select all

<?php require_once('Connections/registerconfig.php'); ?>
<?php
function sendMail($to, $hash) {
  $message = "Thanks for registering at my site.  In order to enable your login you will have to validate your email address by clicking on the following link:\n\n";
  $message .= "http://www.yourwebsite.com/path to/validate.php?hash=$hash\n\n";
  $message .= "All that this will do is confirm to our system that you have received this email and that the email address that you entered is therefore valid";
  mail($to,"Please confirm your email address",$message);
}

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {

$hash = md5(uniqid("reg_",true).$_POST['usr_email']);  
$insertSQL = sprintf("INSERT INTO phpwcms_user (usr_login, usr_pass, usr_email, usr_name, user_hash) VALUES (%s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['usr_login'], "text"),
                       GetSQLValueString(MD5($_POST['usr_pass']), "text"),
                       GetSQLValueString($_POST['usr_email'], "text"),
                       GetSQLValueString($_POST['usr_name'], "text"),
					GetSQLValueString($hash,"text"));

  mysql_select_db($database_name, $name);
  $Result1 = mysql_query($insertSQL, $name) or die(mysql_error());
  sendMail($_POST['usr_email'],$hash);
  $insertGoTo = "thanks.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_validateForm() { //v4.0
  var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
  for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
    if (val) { nm=val.name; if ((val=val.value)!="") {
      if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
        if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
      } else if (test!='R') { num = parseFloat(val);
        if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
        if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
          min=test.substring(8,p); max=test.substring(p+1);
          if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
    } } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
  } if (errors) alert('The following error(s) occurred:\n'+errors);
  document.MM_returnValue = (errors == '');
}
//-->
</script>
</head>

<body>
<form action="<?php echo $editFormAction; ?>" method="POST" name="form1" onSubmit="MM_validateForm('usr_login','','R','usr_email','','RisEmail','usr_pass','','R');return document.MM_returnValue">
  <table border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td>Login Name</td>
      <td><input name="usr_login" type="text" id="usr_login"></td>
    </tr>
    <tr>
      <td>Email Address </td>
      <td><input name="usr_email" type="text" id="usr_email"></td>
    </tr>
    <tr>
      <td>Password</td>
      <td><input name="usr_pass" type="password" id="usr_pass"></td>
    </tr>
    <tr>
      <td>Real Name </td>
      <td><input name="usr_name" type="text" id="usr_name"></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Register"></td>
    </tr>
  </table>
  <input type="hidden" name="MM_insert" value="form1">
</form>
</body>
</html>

Next page I call: validate.php

Code: Select all

<?php require_once('Connections/registerconfig.php'); ?>
<?php 
session_start();
 
 $colname_rstUser = "1";

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "tinyint":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
if ($_POST['valcode']==$_SESSION['valcode']) {
  $updateSQL = sprintf("UPDATE phpwcms_user SET usr_aktiv=1, user_level=1 WHERE user_hash=%s",
                       GetSQLValueString($_POST['user_hash'], "text"));


  mysql_select_db($database_name, $name);
  $Result1 = mysql_query($updateSQL, $name) or die(mysql_error());

  $updateGoTo = "index.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
} else { 
header(sprintf("Location: validate.php?hash=%s",$_POST['user_hash']));
 }
}
 


if (isset($_GET['hash'])) {
  $colname_rstUser = (get_magic_quotes_gpc()) ? $_GET['hash'] : addslashes($_GET['hash']);
}
mysql_select_db($database_db name, $name);
$query_rstUser = sprintf("SELECT usr_login, user_level FROM phpwcms_user WHERE user_hash = '%s'", $colname_rstUser);
$rstUser = mysql_query($query_rstUser, $name) or die(mysql_error());
$row_rstUser = mysql_fetch_assoc($rstUser);
$totalRows_rstUser = mysql_num_rows($rstUser);
 $_SESSION['valcode'] = sprintf("%04d",mt_rand(1,9999));
?>



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Validation Set</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<?php if ($totalRows_rstUser == 0) { // Show if recordset empty ?>
 
<p>The has you</p>
<?php } // Show if recordset empty ?>
<p>&nbsp;</p>

<?php if ($totalRows_rstUser > 0) { // Show if recordset not empty ?>

<?php if ($row_rstUser['user_level']==0) { // Select between validated or not ?>

<p>Welcome <?php echo $row_rstUser['usr_login']; ?>, To continue validating your account please enter the number 
shown below into the box provided and click on Next to continue: </p>
<form name="form1" method="POST" action="<?php echo $editFormAction; ?>">

  <img src="valimage.php" width="45" height="20"> 

  <input name="valcode" type="text" id="valcode">

<input name="user_hash" type="hidden" id="user_hash" value="<?php echo $_GET['hash']; ?>"> 


  <input type="submit" name="Submit" value="Next">
  <input type="hidden" name="MM_update" value="form1">
</form>






<?php } else { ?> 

<p>Your account has already been validated. If you have forgotten your password, 
please click here to have your password reset and emailed to you.</p>

<?php } // Select between validated or not ?> 

<?php } // Show if recordset not empty ?>


<p>&nbsp;  </p>
</body>
</html>
<?php
mysql_free_result($rstUser);
?>

Next page I call: valimage.php

Code: Select all

<?php session_start();
$im = imagecreate(45,20);
$im = imagecreate(45,20); 

$blue = imagecolorallocate($im, 0, 0, 255); 
$grey = imagecolorallocate($im, 153, 153, 153); 
$dblue = imagecolorallocate($im, 0, 0, 153);

$x = 5; $w = imagefontwidth(5);
$range = 20 - imagefontheight(5);
for ($i=4; $i<=39; $i=$i+5) {
 imageline($im, $i, 0, $i, 19, $dblue);
} 
for ($i=4; $i<=14; $i=$i+5) {
 imageline($im, 0, $i, 44, $i, $dblue);
}
for ($i=0;$i<strlen($_SESSION['valcode']);$i++) {
imagestring($im, 5, $x, mt_rand(0,$range), $_SESSION['valcode'][$i], $grey);
 $x += $w;
}
header("Content-type: image/png");
imagepng($im); 
imagedestroy($im); 
?>

and finaly: thanks.php

Code: Select all

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.style2 {
	font-size: 10px;
	font-weight: bold;
}
-->
</style>
</head>

<body>
<p>Thank you for Registering for Your Site Here.</p>
<p>Please check your email for a message from us to validate your e-mail address.</p>
<p>Support Team<br>
Your Site.com   </p>
</body>
</html>

I Place the above images in the root of my phpwcms install directory.

The final file is: registerconfig.php

Code: Select all

<?php
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_name = "localhost";
$database_name = "db name";
$username_name = "db username";
$password_name = "db password";
$dbname = mysql_pconnect($hostname_name, $username_name, $password_name) or trigger_error(mysql_error(),E_USER_ERROR); 
?>

You will ofcourse have to add a few things to your phpwcms_user table in order to work.

I am sure it needs work due to all the hard coding of database "name" through out the pages but hey, dreamweaver did all the work

Thanks to all

[phalancs]

@Klappstuhl28: Ok, the redirection target is always the same, BUT you can limit access for every user. So basically you could have a members site and substructures visible for a certain user only.

@wireless: thanx for sharing

@chatnick: Nein, User haben keinen Zugriff auf versteckte Seiten, auch nicht, wenn sie den link kennen.

Das ist aber streng genommen auch nicht die aufgabe des userpanels. es ist keine core code erweiterung, sondern ein userpanel . Dennoch habe ich ja in der install.txt eine erweiterung bzgl. der content reglementierung erwähnt.......

[ff123]

Hi volkman:

there were some difficulties within the mentioned piece of code, so i corrected them (admin tag was always shown & name of the gif picture was wrong for my version).

Code: Select all

knip

Use this code to show this red box only if an admin is logged in.
Replace a similar looking block in line 184 in the index.php.

Thx to volkman for this hint.

Hi,

Do I have to replace this piece of code?:

if(VISIBLE_MODE == 1 || VISIBLE_MODE == 2) {
$content['page_end'] = '<div id="VisualMODE" style="position:absolute;left:5px;bottom:5px;padding:5px;z-index:1;background-color:#FF3300;color:#FFFFFF;border:1px solid #000000;">';
$content['page_end'] .= VISIBLE_MODE == 1 ? 'user: ' : 'admin: ';
$content['page_end'] .= html_specialchars($_SESSION['wcs_user']);
$content['page_end'] .= "</div>\n</body>\n</html>";
} else {
$content['page_end'] = "</body>\n</html>";
}

It's on line 170, line 184 shows different code.

Regards, groeten,
Vuurvos

[phalancs]

i guess yes

[ff123]

Hi,

I am editing in the backend and then watching the result in the frontend. When I switch back to the backend then and change something, then I am automatically logged out and redirected to the frontend.

It seems I only have this problem with FIREFOX, OPERA and IE7. In IE6 it works fine.

See also post:
http://www.phpwcms.de/forum/viewtopic.php?t=11375

Regards, groeten,
Vuurvos

[phalancs]

hmm interesting. I do not user Forefox etc. and i haven't yet seen this behavior.

Anyways i do not think that it is a general proglem, otherwise there would have already been much more information about it until now. Hmm, maybe some of the installed enhancements do not work together properly. Anyways, basically this really sounds like a userpanel issue.

Hmm, any infos on that, someone?

[StudioZ]

checking.... just a sec...

OK. I can confirm.
I have this unpredictable issue since Oliver's latest Frontend
Edit button feature for the index.php file. This is not major for now.
You still can save lots of time with this new possibility.
I have this issue on a site where Phalancs'
Frontend Content Part is: NOT installed.

Conclusion:
This is NOT an issue related to Phalancs' Frontend Content Part

Cheers,

[grantdutoit]

@wireless

how do you put the files you posted here: http://www.phpwcms.de/forum/viewtopic.p ... &start=225 together?

i created a folder called Connections and put all the files into it. it did not work. i then made a new page in the site structure and created an article. I redirected it to register.php. it took me to register.php but once i completed the form it gave me this url: http://mydomainname.co.za/diya/register.php? and the screen is blank.

Then i tried to put the code into the article as HTML. It brings up the register page and that is great. When i complete the form and send it, I get the following: http://mydomainname.co.za/diya/%3C?php% ... on;%20?%3E

Can you explain why i get this or even better tell me how to do this step by step? or provide me with login details where i can see how it is done. eitherway, look forward tro hearing from you.

Many thanks,
Grant

[frosin]

Hi there!

This seams to be exactly what I'm looking for... I'm pretty new to the phpwcms, but find it very useful now that I'm planing on making a site for a tenant-owner's association. As I found the Forum part of phpwcms it made it even more simple for me

But there is one problem (and I think this hack fixes that) and that is that the users (the tenants) cant really login somewhere to use the forum. Ofcourse, I only want the tenants to be able to use it...

But there is one problem, I cant get access to your site to download your hack... I've tried the user:phpwcms and also tried to register, but it doesnt work. All I get is "Daten prüfen!".

How do I do?

[phalancs]

hi!

Well, yes the forum thing is a major issue, bút it has nothing to do with the pnale. It is a problem of the phpwcms-internal user management. It is not the purpose of the panel to provide an interface between logging and forum, It is just about enabling frontend login with the given backend user functionality. And forum-user functions still do not work.

P.S.: for the site this logon does not work anywore, create a new one. see page enym.com for details.

[jread2]

I've seen this problem posted a couple times, but haven't seen the answer yet. I have everything installed and can generate the login panel. However, I cannot log in. When I enter login information and submit, it merely reloads the page. If I log into the backend in another window, the panel indicates that I am logged in and will let me log out. Any idea what the issue is? Someone mentioned caching, but I'm not sure I understand what they were referring to.

[rushclub]

the new version 1.2.7 has the contentpart-selector instead of the user-selector under any structure-level, so the login cp isn´t working anymore. is there any solution on this topic?

rush