Extranet - Frontend Users

From FundaWiki

Jump to: navigation, search

This module has been deprecated.
See Extranet - Frontend Users (official version) for an official version.


After numerous requests (and a paying customer) Fundanemt now have a simple extranet functionality that allow site administrators to lock of a small part of the web-site to a specific user-group. The module is currently very unpolished, but it should be able to handle the job for most users.

[edit]

Module Installation

First you need to download the passwordModule that allow administration of the frontend-user database. The module can be downloaded from qte.dk/projects/fundanemt/passwordmodule/. Extract the zip-file inside the fundanemt/modules directory, and open the module in Fundanemt and create a few users.

[edit]

Template Changes

In your template (index.php) you should change the line stating 

   <?php $parser->printSiteContent(); ?>

with 

   <?php
   
   // ID for page you want to protect (all sub-pages will be included as well)
   $toplevelIdsToProtect = array(13);
   
   $pagelocked = false;
   $topLevelId = $parser->getTopLevelId(1);
   
   $extranet_message = '';
   if (isset($_POST['funda_extranet_login'])) {
       if (isset($_POST['funda_extranet_login_username']) && !empty($_POST['funda_extranet_login_username']) &&
           isset($_POST['funda_extranet_login_password']) && !empty($_POST['funda_extranet_login_password'])) {
   
               $extranet_username = addslashes($_POST['funda_extranet_login_username']);
               $extranet_password = md5($_POST['funda_extranet_login_password']);
   
               $res = $parser->D->dbQuery('SELECT id FROM frontendusers WHERE username="'. $extranet_username .'" AND password="'. $extranet_password .'"');
               if ($parser->D->dbNumRows($res) > 0) {
                   $_SESSION['funda_extranet_username'] = $extranet_username;
               } else {
                   $extranet_message = '<strong>Error: Login failed. Entered username and/or password is incorrect.</strong>';
               }
           } else {
               $extranet_message = '<strong>Error: Login failed. You have not entered both username and password.</strong>';
           }
   }
   
   if (isset($_GET['funda_extranet_logout'])) {
       unset($_SESSION['funda_extranet_username']);
   }
   
   if (in_array($topLevelId, $toplevelIdsToProtect) && (isset($_SESSION['funda_extranet_username']) || !empty($_SESSION['funda_extranet_username'])) == false) {
       $content = '
           <form action="" method="post">
           <h2>Login Extranet</h2>
           <p>Welcome to the extranet.<br>
           Login using your username and password</p>
           <table style="font-size:10px; color:#ffffff;">
           <tr><td>Username:&nbsp;&nbsp;</td><td><input type="text" name="funda_extranet_login_username"></td></tr>
           <tr><td>Password:&nbsp;&nbsp;</td><td><input type="password" name="funda_extranet_login_password"></td></tr>
           <tr><td>&nbsp;&nbsp;</td><td><input type="submit" name="funda_extranet_login" value="Login""></tr>
           </table>
           '. $extranet_message .'
           </form>
           ';
   
       $pagelocked = true;
   }
   
   if ($pagelocked) {
       print $content;
   } else {
       $parser->printSitecontent();
   }
   ?>


The line with 

   $toplevelIdsToProtect = array(13);

should be changed to contain the ID of the top-level page you want to protect.

Additionaly you should add a 

  session_start();

at the top of the template before any output is sent to the client.

Retrieved from "http://fundausers.org/wiki/Extranet_-_Frontend_Users"
Personal tools