Joomla! :: View topic - [RESOURCE]Force login before access to site

Joomla! http://forum.joomla.org/

[RESOURCE]Force login before access to site - my solution http://forum.joomla.org/viewtopic.php?f=32&t=1483	Page 1 of 2

Author:	toubkal [ Wed Aug 24, 2005 10:18 pm ]
Post subject:	[RESOURCE]Force login before access to site - my solution
I am sure that this has been done before, but I was quite pleased with the result so I thought that I would show you how I created a template which forces a login before access to the site. basicaaly a couple of php conditional statements. in plain english: if user is logged in { present the normal template } else { present a minimal template which only contains the login module and additionallly if the visitor requests the lost password or registration page let them see that too } and the code: Code: <body> <!-- Check to see if visitor is logged in --> <?php if ( $my->id) {?> <!-- IS logged in so deliver normal template Your normal template HTML here --> <?php } else {?> <!-- Visitor NOT logged in so deliver the login page HTML for the minimal login page - I have made it REALLY minimal for this example --> <div> <!-- here we load a module position for the login module In the admin panel only assign the login module to this position --> <?php mosLoadModules ( 'user5', -2 ); ?> </div> <!-- here we check if the visitor needs the Registration page/forgotten password page --> <?php if ($option == 'com_registration'){ ?> <!-- YES visitor wants registration or forgotten password page so include mainbody content --> <div> <?php include ("mainbody.php"); ?> </div> <?php } ?> <!-- end of needs registration/forgotten password check --> <?php } ?> </body> I hope someone finds this useful IMPORTANT NOTE: If you are doing this for security - you should either remove all other templates from your site OR implement this modification on ALL templates. This is because the user can actually CHANGE THE TEMPLATE therefore bypassing this modification!!

Author:	vavroom [ Thu Aug 25, 2005 1:02 am ]
Post subject:	Re: Force login before access to site - my solution
Interesting solution toubkal. I know I've seen many people ask for something like that in the past at the "old" forum. I've never seen a need for it, but that's cool. I could actually see a use where you could deliever a different template/sections/categories depending on the login used to get in. With better ACL, that could turn out to be a very powerful solution

Author:	IcedGoblin [ Tue Oct 18, 2005 10:51 pm ]
Post subject:	Re: Force login before access to site - my solution
Hi toubkal, You are a genius for finding a solution to this problem, I am surprised that not many more people are looking for this solution!! I must confess however, I am a newbie, and would need a little help in implementing this correctly.... Is it my default template index.php that I need to edit, and where abouts do I need to place the php code? Your help would be greatly appreciated!

Author:	toubkal [ Tue Oct 18, 2005 11:20 pm ]
Post subject:	Re: Force login before access to site - my solution
I cannot be sure for all templates but basically if you take your current template index.php (make a backup of it) everything that is currently within your template's tags needs to go within the code I posted above, where it says: Your normal template HTML here --> Maybe it is easiest to post an example: If this was your template's index.php Code: <?php /** * template_name - Mambo 4.5.1 template * @version 4.5.1 * @copyright ( - All Rights Reserved * @license licensce info here / defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' ); $iso = split( '=', _ISO ); echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <?php if ( $my->id ) initEditor(); ?> <meta http-equiv="Content-Type" content="text/html; <?php echo _ISO; ?>" /> <?php mosShowHead(); ?> <?php echo "<meta name=\"author\" content=\"www.site.co.uk\" />" ?> <?php echo "<link rel=\"stylesheet\" href=\"$GLOBALS[mosConfig_live_site]/templates/$GLOBALS[cur_template]/css/template_css.css\" type=\"text/css\"/>" ; ?> <?php echo "<link rel=\"shortcut icon\" href=\"$GLOBALS[mosConfig_live_site]/images/favicon.ico\" />" ; ?> </head> <body> <div id="container"> <div id="page"> <div id="topnav"> <?php mosLoadModules ( 'user1', -1 ); ?> </div> <div id="modcol"> <?php mosLoadModules ( 'left', -2 ); ?> </div> <div id="content"> <?php mosLoadModules ( 'top', -2 ); ?> <?php include ("mainbody.php"); ?> <?php mosLoadModules ( 'footer', -2 ); ?> </div> </div> </div> </body> </html> the new version would look like: Code:* <?php /** * template_name - Mambo 4.5.1 template * @version 4.5.1 * @copyright ( - All Rights Reserved * @license licensce info here */ defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' ); $iso = split( '=', _ISO ); echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <?php if ( $my->id ) initEditor(); ?> <meta http-equiv="Content-Type" content="text/html; <?php echo _ISO; ?>" /> <?php mosShowHead(); ?> <?php echo "<meta name=\"author\" content=\"www.site.co.uk\" />" ?> <?php echo "<link rel=\"stylesheet\" href=\"$GLOBALS[mosConfig_live_site]/templates/$GLOBALS[cur_template]/css/template_css.css\" type=\"text/css\"/>" ; ?> <?php echo "<link rel=\"shortcut icon\" href=\"$GLOBALS[mosConfig_live_site]/images/favicon.ico\" />" ; ?> </head> <body> <!-- Check to see if visitor is logged in --> <?php if ( $my->id) {?> <!-- IS logged in so deliver normal template Your normal template HTML here --> <div id="container"> <div id="page"> <div id="topnav"> <?php mosLoadModules ( 'user1', -1 ); ?> </div> <div id="modcol"> <?php mosLoadModules ( 'left', -2 ); ?> </div> <div id="content"> <?php mosLoadModules ( 'top', -2 ); ?> <?php include ("mainbody.php"); ?> <?php mosLoadModules ( 'footer', -2 ); ?> </div> </div> </div> <?php } else {?> <!-- Visitor NOT logged in so deliver the login page HTML for the minimal login page - I have made it REALLY minimal for this example --> <div> <!-- here we load a module position for the login module In the admin panel only assign the login module to this position --> <?php mosLoadModules ( 'user5', -2 ); ?> </div> <!-- here we check if the visitor needs the Registration page/forgotten password page --> <?php if ($option == 'com_registration'){ ?> <!-- YES visitor wants registration or forgotten password page so include mainbody content --> <div> <?php include ("mainbody.php"); ?> </div> <?php } ?> <!-- end of needs registration/forgotten password check --> <?php } ?> </body> </html>

Author:	toubkal [ Wed Oct 19, 2005 7:26 am ]
Post subject:	Re: Force login before access to site - my solution
IcedGoblin I will answer your pm regarding the layout of the login page here so other can see too. You can create whatever layout you require. Think of the part after the as like a second template index just for the login form (and when required, the registration form) which uses the same css file for the styling. Here I have separated the two key parts to be placed in your layout: This is the bit to load the login module position Code: <div> <!-- here we load a module position for the login module In the admin panel only assign the login module to this position --> <?php mosLoadModules ( 'user5', -2 ); ?> </div> This is the part that delivers the lost password/registration form: Code: <!-- here we check if the visitor needs the Registration page/forgotten password page --> <?php if ($option == 'com_registration'){ ?> <!-- YES visitor wants registration or forgotten password page so include mainbody content --> <div> <?php include ("mainbody.php"); ?> </div> <?php } ?> <!-- end of needs registration/forgotten password check --> You can use css to style the login area, using the same style sheet as for the main template if you wish.

Author:	wolfcreek [ Fri Oct 28, 2005 12:00 pm ]
Post subject:	Re: Force login before access to site - my solution
Also, it needs to be pointed out that anyone using Community Builder or CBE must replace "com_registration" with "com_comprofiler" or else you won't be able to add people through your CB user manager. It's a problem if you require mail verification or profile approval. Just a point of clarification here. BTW, it's a great addition Toubkal. I utilize it on my sites and will be working it into a couple of my clients. Wolf.

Author:	warmac [ Sun Oct 30, 2005 12:58 am ]
Post subject:	Re: Force login before access to site - my solution
wolfcreek wrote: Also, it needs to be pointed out that anyone using Community Builder or CBE must replace "com_registration" with "com_comprofiler" or else you won't be able to add people through your CB user manager. It's a problem if you require mail verification or profile approval. Just a point of clarification here. BTW, it's a great addition Toubkal. I utilize it on my sites and will be working it into a couple of my clients. Wolf. what do you mean be replacing com_registration with com_comprofiler, how do we do that ? by deleting com_reg folder ? or through the admin panel somewhere

Author:	dmcole [ Sun Oct 30, 2005 1:05 am ]
Post subject:	Re: Force login before access to site - my solution
warmac wrote: what do you mean be replacing com_registration with com_comprofiler, how do we do that ? by deleting com_reg folder ? or through the admin panel somewhere Scroll back up and find this line in his code: Code: <!-- here we check if the visitor needs the Registration page/forgotten password page --> <?php if ($option == 'com_registration'){ ?> if you're using CB, that line should read ... Code: <!-- here we check if the visitor needs the Registration page/forgotten password page --> <?php if ($option == 'com_profiler'){ ?> \dmc

Author:	warmac [ Sun Oct 30, 2005 1:28 am ]
Post subject:	Re: Force login before access to site - my solution
ok I think I understand according to the above example, but when I tried to put that into my index the entire page goes blank I've never used user5 position before according to the positioning user5 is at the bottom of the page

Author:	warmac [ Sun Oct 30, 2005 2:07 am ]
Post subject:	Re: Force login before access to site - my solution
all this time trying to get the community builder to work with Joomla and I find out that the version doesn't work with Joomla but supposely the next version will. Guess I'll unstaill it for now and wait

Author:	wolfcreek [ Mon Oct 31, 2005 11:46 am ]
Post subject:	Re: Force login before access to site - my solution
warmac wrote: ok I think I understand according to the above example, but when I tried to put that into my index the entire page goes blank I've never used user5 position before according to the positioning user5 is at the bottom of the page Warmac, you can use any position you want, but you just need to make sure that it is a dedicated position with the login issue specifically in place. I haven't found any trouble utilizing the hack. warmac wrote: all this time trying to get the community builder to work with Joomla and I find out that the version doesn't work with Joomla but supposely the next version will. Guess I'll unstaill it for now and wait I'm using it...have you hacked the comprofiler.php file? You can access the hack at mambojoe.com or go to Mambome.com and find the CBE component, and try their variations. I'm anxious for next releases, but haven't got the time to wait, as I have two sites already utilizing these components on a large scale, and several other clients in the process of incorporating community aspects, too. Wolf.

Author:	keliix06 [ Mon Oct 31, 2005 3:20 pm ]
Post subject:	Re: Force login before access to site - my solution
Couldn't you make the first page in the main menu the login component then just assign a minimal template to that menu item? Then just set all of your content to only be accessable by registered users?

Author:	wolfcreek [ Tue Nov 01, 2005 12:10 pm ]
Post subject:	Re: Force login before access to site - my solution
keliix06 wrote: Couldn't you make the first page in the main menu the login component then just assign a minimal template to that menu item? Then just set all of your content to only be accessable by registered users? That's usually how it's done, but this hack allows you to verify memberships/registered users by assigning a specific template to certain areas. It's also another way to force registration instead of just displaying "You have to be a registered user to access this page" or "You are not authorized to view this". Instead of a DENIED, you give them the alternative to register. I find it keeps surfers in house and empowers them to get to the information. It's allowed my site to increase in size, instead of deterring the visitor to just close the window or decide it's not worth it. It's all a matter of how you want to approach things, and whether or not you feel it's necessary. For those of using Community Builder and some sort of Account payment system, it helps to drive sales, and/or develop mailing lists for future info and releases. Just my opinion. Wolf.

Author:	warmac [ Tue Nov 01, 2005 4:49 pm ]
Post subject:	Re: Force login before access to site - my solution
Quote: I find it keeps surfers in house and empowers them to get to the information. It's allowed my site to increase in size, instead of deterring the visitor to just close the window or decide it's not worth it. That's just a more pretty way of keeping visitors on strings to bait them ( I believe there's a term for this form of manipulation) It wouldn't inspire me to register, I'd just close the window I like (access denied) it's simple and very clear - I think the visitor has the right to choose if they want to participate in a site or not without having to be baited. Since so many sites these days use some form of registration/list entrapment tactics alot of visitors tend to not want to engage in it unless its' something they really want to do. thanks to programs like (bugmenot) you can access most things without ever having to register, it spits out a username/password for you and you can just read the content and get out.

Author:	otacon7 [ Fri Dec 30, 2005 10:55 am ]
Post subject:	Re: Force login before access to site - my solution
What if, instead of including the alternate template within the same file, you want to make it so if the user logs in, then it automatically switches to another templete. How would you do this??

Author:	mili [ Tue Mar 28, 2006 3:51 pm ]
Post subject:	Re: Force login before access to site - my solution
This is neat. Eike has another piece of code which redirects http sessions coming from certain IP addresses to the login page or any other page I still haven't got Eike's code to work on my setup but would be nice if these two features were merged into one Thoughts? -Niko

Author:	Requiem [ Tue Mar 28, 2006 5:35 pm ]
Post subject:	Re: Force login before access to site - my solution
Unbelievably helpful thread! I'm a newbie who's been trying to figure this out for a while. Very nice solution. - Jon G

Author:

mili [ Tue Mar 28, 2006 6:34 pm ]

Post subject:

Re: Force login before access to site - my solution

Hey guys

Am strugling to get this working but my template won't load at all after following instructions above

Can someone help modifying it? Thanks Niko

This is my temlate index.php file:

#################################################################################

defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );
// needed to seperate the ISO number from the language file constant _ISO
$iso = explode( '=', _ISO );
// xml prolog
echo '';
?>

if ( $my->id ) {
initEditor();
}
?>

Home

@ Contact

Top

#################################################################################

Author:	houbahop [ Tue Mar 28, 2006 7:05 pm ]
Post subject:	Re: Force login before access to site - my solution
Isn't it possible to joomla to make the menu items and the content to be visible for registered users only???

Author:	room58 [ Fri Jun 09, 2006 1:56 pm ]
Post subject:	Re: Force login before access to site - my solution
I have implemented this method but have found only one drawback. If the users session expires whilst broswing the site (on say a content page where the URL is (Http://www.domain.com/index.php?option= ... &Itemid=27). and they hit Refresh (CTRL F5), they get the login screen but with no modules loaded. If you return to the site root, it's fine, just when you have querystring params. Why would this happen?

Author:	redlokki [ Mon Oct 30, 2006 7:22 pm ]
Post subject:	Re: Force login before access to site - my solution
I'm looking for something similar, but I'd like to isolate the registration portion in a JS popup or, better, handle the form through Flash: http://forum.joomla.org/index.php/topic,108904.0.html I tried creating a new, blank document with the appropriate calls, but the core security disallows direct access. I am puzzling out how to simply send the relevant form info directly from Flash without worrying about creating a mini PHP registration page, but I think that will encounter the same problems. Any thoughts on how to get there from here?

Author:	wsecomp [ Sun Nov 12, 2006 3:55 am ]
Post subject:	Re: Force login before access to site - my solution
I have a similar question... Instead of using a completely different template, is it possible to force a page upon a logged-in user's return? I have set the redirect in CB, but upon returning to the site, users still see the site's intro screen. Could I force something like: If not logged in, show contentID=## else show mosContent (or whatever it's called)?

Author:	toubkal [ Mon Nov 13, 2006 9:26 am ]
Post subject:	Re: Force login before access to site - my solution
If you are referring to for e.g. a front page welcome message, I usually use a module position which is hidden for logged in users You can then create a welcome message in the module manager ( modules > site modules > new ) e.g. Here I create a module position 'top' only for those NOT logged in Quote: id ) {?> } ?> and here in a simpler form ( without jumping in and out of php for the html div etc ) Quote: id ) { mosLoadModules ( 'top', -2 ); } ?>

Author:	thedude [ Wed Jan 24, 2007 7:31 pm ]
Post subject:	Re: [RESOURCE]Force login before access to site - my solution
This is probably a dumb question for experienced users so please forgive me for being a noob! What is the -1 or -2 in the load module function and what does it do?

Author:	toubkal [ Wed Jan 24, 2007 8:24 pm ]
Post subject:	Re: [RESOURCE]Force login before access to site - my solution
it specifies the type of container that the module will be output within e.g. div / table / nested divs / raw see http://help.joomla.org/content/view/33/125/

Author:	thedude [ Fri Jan 26, 2007 12:37 am ]
Post subject:	Re: [RESOURCE]Force login before access to site - my solution
Thanks so much for the reply toubkal. Here is another question and I am trying to make it very simple for myself. Would this chunck of code work putting two templates on one page? Code: <?php if ( $my->id) {?> code for one template <?php } else {?> code for the second template <?php } ?> Is it missing anything? Thanks

Author:	Cylindric [ Fri Jan 26, 2007 11:56 am ]
Post subject:	Re: [RESOURCE]Force login before access to site - my solution
Wow, thanks toubkal! Uncanny timing, because I was just looking for something to do this for an intranet site, where we want the whole thing to be member-only! Thanks.

Author:	toubkal [ Sat Jan 27, 2007 9:16 am ]
Post subject:	Re: [RESOURCE]Force login before access to site - my solution
thedude wrote: Thanks so much for the reply toubkal. Here is another question and I am trying to make it very simple for myself. Would this chunck of code work putting two templates on one page? Code: <?php if ( $my->id) {?> code for one template <?php } else {?> code for the second template <?php } ?> Is it missing anything? Thanks Yes, you can do that. You may be able to use just 1 css stylesheet for both but if you wanted to use 2 diferent ones you can just place more (or all) of the template code within the IF / ELSE statement so that a different stylesheet is referenced for each situation.

Author:	RakiuraSkies [ Sun Jan 28, 2007 12:32 am ]
Post subject:	WoooHooo!!!
This is awesome! I don't know how long I have looked, how many searches made, tried so many different things to achieve JUST THIS! Thank you! Now... can i mod the 'very minimal template' to something that'll make people want to visit my site!!!

Author:	RakiuraSkies [ Sun Jan 28, 2007 12:52 am ]
Post subject:	Re: [RESOURCE]Force login before access to site - my solution
toubkal wrote: If you are referring to for e.g. a front page welcome message, I usually use a module position which is hidden for logged in users You can then create a welcome message in the module manager ( modules > site modules > new ) e.g. Here I create a module position 'top' only for those NOT logged in Quote: id ) {?> } ?> and here in a simpler form ( without jumping in and out of php for the html div etc ) Quote: id ) { mosLoadModules ( 'top', -2 ); } ?> OK, I think what I want to do is add a welcome message to the new login page. A few questions though... Which module are you referring to? How do I make the module hidden for logged-in users? In which file does the code modification shown go? In what position within the file should the code be placed? I think that's about it -for the now Again thanks Toubkal, so far I really like the way this is shaping up!

Page 1 of 2	All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/