A Member System in PHP with some extras
Forum rules
This section is to share tips, tricks and tutorials related to WYSIWYG Web Builder.
Please do not post questions or problems here. They will not be answered.
PLEASE READ THE FORUM RULES BEFORE YOU POST:
viewtopic.php?f=12&t=1901
This section is to share tips, tricks and tutorials related to WYSIWYG Web Builder.
Please do not post questions or problems here. They will not be answered.
PLEASE READ THE FORUM RULES BEFORE YOU POST:
viewtopic.php?f=12&t=1901
This is weird... I have used the password script program with success for a few sites.
Works well except for the last site - I constructed the site and all was well. I then added 5 new pages to the site and found that those pages are not protected.
EG:
I have a paged called noticesandminutes.php (can't access unless you have passwords)
I have another page called zskylights.php linked from the Notices and Minutes page (the skylight can be accessed without passwords)
It appears it is the 5 new pages that I added recently that are not protected.
All the pages, new and old are in the same folder.... any thoughts?
Thanks.
Works well except for the last site - I constructed the site and all was well. I then added 5 new pages to the site and found that those pages are not protected.
EG:
I have a paged called noticesandminutes.php (can't access unless you have passwords)
I have another page called zskylights.php linked from the Notices and Minutes page (the skylight can be accessed without passwords)
It appears it is the 5 new pages that I added recently that are not protected.
All the pages, new and old are in the same folder.... any thoughts?
Thanks.
-
-
- Posts: 51
- Joined: Tue Jun 19, 2007 4:27 pm
- Location: United Kingdom
- Contact:
Sorry for the late post! Yeah I agree. I made a suggestion that the password protect in Wb6 should have MySql database support because with all of my members areas, there is soooo much code! I decided I am going to make a professional extension suite for members areas for WB6 so I will be sharing that with you all when it is done. It will have support for remember me functions, admin areas, extra user fields, profile info for user, database support (mysql) and more! Of course it is going to take a while...kees wrote:madjamonline,madjamonline wrote:...nothing is safe in this world anymore... there will always be a way.
I always make sure that my pwds in php are MD5'd.
I agree that hashing passwords (md5, sha1) is more secure. I didn't use this technics in order to keep it clear for WebBuilder users.
Of course I and you will understand that NASA will not use my script
- Navaldesign
-
- Posts: 862
- Joined: Sat Mar 01, 2008 8:08 pm
- Location: Italy
- Contact:
Not sure what you mean...
If you want a specific landing page (password protected) to be available to all members (both simple members - 1 - and Admins - 2 - ) set the required level to 1 and place the code in the start of page. That's all.
The same goes for ALL pages where all members should have access.
If, instead, you only want the Admins to be able to see the page set the required level to 2.
Or maybe I misunderstood ??
If you want a specific landing page (password protected) to be available to all members (both simple members - 1 - and Admins - 2 - ) set the required level to 1 and place the code in the start of page. That's all.
The same goes for ALL pages where all members should have access.
If, instead, you only want the Admins to be able to see the page set the required level to 2.
Or maybe I misunderstood ??
www.dbtechnosystems.com
-
-
- Posts: 51
- Joined: Tue Jun 19, 2007 4:27 pm
- Location: United Kingdom
- Contact:
- Navaldesign
-
- Posts: 862
- Joined: Sat Mar 01, 2008 8:08 pm
- Location: Italy
- Contact:
Please note that unless you need sorting and exporting features that go beyond a free script limits, the file system that is used (as well as that that is embedded in WB6) are quite enough. On a randomly created 20.000 members archive file, i have a 0.5 secs delay compared to a MySQL DB driven script. Of course, a file based script is not intended for such volumes....
www.dbtechnosystems.com
-
-
- Posts: 51
- Joined: Tue Jun 19, 2007 4:27 pm
- Location: United Kingdom
- Contact:
- Navaldesign
-
- Posts: 862
- Joined: Sat Mar 01, 2008 8:08 pm
- Location: Italy
- Contact:
-
-
- Posts: 51
- Joined: Tue Jun 19, 2007 4:27 pm
- Location: United Kingdom
- Contact:
-
-
- Posts: 51
- Joined: Tue Jun 19, 2007 4:27 pm
- Location: United Kingdom
- Contact:
-
-
- Posts: 51
- Joined: Tue Jun 19, 2007 4:27 pm
- Location: United Kingdom
- Contact:
Very interesting. I read through the whole thing but not having a particular problem and never having done a password protection, it was more of academic interest than anything.
However, I have a design upcoming very soon where password protection is required.
General questions...
Will the "members" have to re-enter their passwords to access multiple pages?? I gather I shouldn't use cookies so is there an alternative?
In this situation, I don't know of any reason for individual passwords. It is really more a matter of keeping non-members out of certain pages.
I was thinking in terms of a portal page with member pages being hidden, but maybe that is all wrong. I haven't gotten to the point of design yet so I really haven't given this any serious study yet but since this topic is so right on, I thought I would ask.
thanks!!!
However, I have a design upcoming very soon where password protection is required.
General questions...
Will the "members" have to re-enter their passwords to access multiple pages?? I gather I shouldn't use cookies so is there an alternative?
In this situation, I don't know of any reason for individual passwords. It is really more a matter of keeping non-members out of certain pages.
I was thinking in terms of a portal page with member pages being hidden, but maybe that is all wrong. I haven't gotten to the point of design yet so I really haven't given this any serious study yet but since this topic is so right on, I thought I would ask.
thanks!!!
- Navaldesign
-
- Posts: 862
- Joined: Sat Mar 01, 2008 8:08 pm
- Location: Italy
- Contact:
Is there some way to keep any track of member check-ins without doing a data base?? I will be designing a site that will have about 1400 members. There is only one level of membership. There will be a unique member ID and password for each member.
I was trying to think of someway that I could pull stats without a database. For instance, if each login took each member to their own page, then stats from my host server tells me how many hits there were on each page and that info might be useful. However, that puts an extra page in the process for each member (and of course in the website).
Any ideas?? It isn't worth the cost of a data base so it probably isn't worth doing unless someone has a great idea.
Thanks!!!
I was trying to think of someway that I could pull stats without a database. For instance, if each login took each member to their own page, then stats from my host server tells me how many hits there were on each page and that info might be useful. However, that puts an extra page in the process for each member (and of course in the website).
Any ideas?? It isn't worth the cost of a data base so it probably isn't worth doing unless someone has a great idea.
Thanks!!!
- Navaldesign
-
- Posts: 862
- Joined: Sat Mar 01, 2008 8:08 pm
- Location: Italy
- Contact:
Re:
Are you still planning to make the extension or have you make it already?madjamonline wrote:Sorry for the late post! Yeah I agree. I made a suggestion that the password protect in Wb6 should have MySql database support because with all of my members areas, there is soooo much code! I decided I am going to make a professional extension suite for members areas for WB6 so I will be sharing that with you all when it is done. It will have support for remember me functions, admin areas, extra user fields, profile info for user, database support (mysql) and more! Of course it is going to take a while...kees wrote:madjamonline,madjamonline wrote:...nothing is safe in this world anymore... there will always be a way.
I always make sure that my pwds in php are MD5'd.
I agree that hashing passwords (md5, sha1) is more secure. I didn't use this technics in order to keep it clear for WebBuilder users.
Of course I and you will understand that NASA will not use my script
Buy Automation Shopping Cart for CMS WEBSHOP + 2.2 Using WB10!
- Use secure gateway to buy using PAYPAL website.
- Use secure gateway to buy using PAYPAL website.
- Navaldesign
-
- Posts: 862
- Joined: Sat Mar 01, 2008 8:08 pm
- Location: Italy
- Contact:
Re: A Member System in PHP with some extras
madjamonline no longer is active on this forum (at least from what I know) however,most of these features have been added in the standard WWB login tools.
www.dbtechnosystems.com
Re: A Member System in PHP with some extras
Alright thanks. But l will like redirect login username to different page using database (mysql or flatfile or other db). Any idea on how l should do this using above guide?Navaldesign wrote:madjamonline no longer is active on this forum (at least from what I know) however,most of these features have been added in the standard WWB login tools.
Buy Automation Shopping Cart for CMS WEBSHOP + 2.2 Using WB10!
- Use secure gateway to buy using PAYPAL website.
- Use secure gateway to buy using PAYPAL website.
- Navaldesign
-
- Posts: 862
- Joined: Sat Mar 01, 2008 8:08 pm
- Location: Italy
- Contact:
Re: A Member System in PHP with some extras
Set a default Destination page in the "login" tool. All users will be sent to this page.
Then, in this page, add the "Redirect user" tool to define the page where each user will be redirected.
The user will not even know or see that there is a "redirect". He will only see the page he is supposed to see.
OR (better solution):
Use (with MySQL) the DBTS Login tools that allow the administrator to set a specific page (after login) for each user.
Related thread: viewtopic.php?t=29083
Then, in this page, add the "Redirect user" tool to define the page where each user will be redirected.
The user will not even know or see that there is a "redirect". He will only see the page he is supposed to see.
OR (better solution):
Use (with MySQL) the DBTS Login tools that allow the administrator to set a specific page (after login) for each user.
Related thread: viewtopic.php?t=29083
www.dbtechnosystems.com