Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest sNews - sNews 1.7 - with its own forums - for discussion and user mods.

Author Topic: Allow content based on user/pass  (Read 3681 times)

Malissa

  • Guest
Allow content based on user/pass
« on: February 21, 2007, 09:39:07 am »

Hi,

Currently I have a website using htaccess with 2 user/pass. Depending on the user/pass the page that comes up is relevant to that user. Each user cannot see the other user's page.

I was wondering if sNews is able to allow me to do the same in a more elegant manner.
I need an Admin logon and 2 users that cannot see each others info.
I have searched and tweaked everything I can find and have now found sNews.
I can try to fiddle the 1.4 multiuser hack but I guess I'm wondering if anyone else uses sNews in the same way?

Thanks,
Malissa
Logged

Patric Ahlqvist

  • Nobodys perfect, but Im pretty effing close
  • ULTIMATE member
  • ******
  • Karma: 65
  • Posts: 4867
  • “I'm a self-made man and worships my creator.”
    • p-ahlqvist.com
Allow content based on user/pass
« Reply #1 on: February 21, 2007, 10:21:56 am »

Nope, not currently. There is only that 1.4 MOD that does this. I know a guy who called himself Foltrane had something like this done in the 1.5RC version, but that guy is vanished... I just preformed a user search on him, and he is no more it seems... Wonder where the hell he went ?

Malissa, at this point in time there is no known 1.5 MOD for multi user.
Logged
"It's only dead fish that goes with the flow... "
Updated

tyee

  • Jr. Member
  • **
  • Karma: 0
  • Posts: 56
Allow content based on user/pass
« Reply #2 on: February 21, 2007, 05:13:11 pm »

Greetings
  I am currently going to make a Members Area by a not to elegant method. I will install my main sNews pages in let's say "/snews" folder. I will then duplicate that whole folder into a "/snews/members/" folder. I will then protect that members folder with htaccess, and of course make a new database that is separatly accessed.

 There will be a link in the main folder to get to this new members folder. I'm sure it will work but I don't like the duplication but when you think about it the amount of files to copy is trivial. I'll be setting this up in 2 days when my new domain is active. Please let us know earlier if you try this or another method.

PS, there is another method that works in textpattern cms, which also uses a database for the content. Here is the method from the txp forums. I was discussing it with the guy who thought of it.

How To --

Suppose your website is at http://example.com and TXP is installed in the root directory and you want to use HTTP authentication to protect the section called ‘protected’ (http://example.com/protected).

This example assumes your website is hosted on an Apache webserver and that you already have an existing .htpasswd file containing usernames and passwords.

   1. Physically create that directory ‘protected’
   2. Within that directory ‘protected’, create the following .htaccess file:


  RewriteEngine On
  RewriteRule ^(.*) ../index.php


AuthType Basic
AuthUserFile /path/on/server/to/.htpasswd
AuthName "Only for registered users"
require valid-user

End How To

Theory Explanation --

When you’re allowed to visit the protected directory (which exists physically on the server), the RewriteRule prevents that physical directory from being shown to the user. Instead it redirects the request to Textpattern’s index.php (which would have happened if that protected directory hadn’t existed physically on the server), so TXP can show the section you really wanted to see.

Normally, sections in TXP don’t have a corresponding physical directory. It is all handled by index.php. To be able to password protect with .htaccess, a physical directory is required, but… when you request a file or directory that physically exists, the default TXP installation will no longer take care of it; instead that real, physical directory/file will be shown by the webserver. The rewrite rule overrides that by saying: even though there is a physical file/directory here, we still want TXP to handle the request. Because that happens after the authentication step, you get what you want: a password protected TXP section.


I tried to get sNews to work with this but no luck. I kept getting redirected to my index.php page and not to the other page I wanted to go to ("protected" folder in this example). I think the 3rd line needs modifying for sNews --

RewriteRule ^(.*) ../index.php

I think something needs to be added at the end of index.php but I'm not an htaccess guru. I will ask on another forum (with gurus) on how to do this.

tyee
Logged

piXelatedEmpire

  • MIA
  • ULTIMATE member
  • ******
  • Karma: 37
  • Posts: 1401
  • currently MIA
Allow content based on user/pass
« Reply #3 on: February 22, 2007, 01:14:38 am »

Quote from: Patric
I know a guy who called himself Foltrane had something like this done in the 1.5RC version, but that guy is vanished... I just preformed a user search on him, and he is no more it seems... Wonder where the hell he went ?
I think you mean Fotrane p-man ;) and he stated that he had a multi user mod working for sNews 1.5, however he hasn't been around since to share it with us :(
Logged
my apologies to the sNews crew, but I will be MIA for the forseeable future

Patric Ahlqvist

  • Nobodys perfect, but Im pretty effing close
  • ULTIMATE member
  • ******
  • Karma: 65
  • Posts: 4867
  • “I'm a self-made man and worships my creator.”
    • p-ahlqvist.com
Allow content based on user/pass
« Reply #4 on: February 22, 2007, 08:24:32 am »

YEA, thanks pix... :lol: Names to remember at my age, you know ;). Fotrane it was, and I stand corrected.

I've posted an email to him from that site of his making a inquiry 'bout showing us the MOD... Let's see what he says.
Logged
"It's only dead fish that goes with the flow... "
Updated

Keyrocks

  • Doug
  • ULTIMATE member
  • ******
  • Karma: 449
  • Posts: 6020
  • Semantically Challenged
    • snews.ca
Allow content based on user/pass
« Reply #5 on: February 22, 2007, 08:25:48 pm »

@bakercad - Is there any way you could extract the functions affected by this mod from snews.php... into a new php file in the root? I took this approach with my "monstrous" (says Mika :)) Admin Panels Addon (currently in progress, about 95% done). I started by disabling the affected functions in a virgin snews.php file... put the modified functions (all the same ones) in a new.php file... then called the new file back into snews.php with an include string (same as used to call snews.php at the top of index.php) placed just after the language variable array. This way, a user just copies in the new file, disables the noted functions in snews.php, and adds the include statement... and away they go.

I suppose... though... that this would get rather complicated when major mods require changes to the same functions already in another new.php file. As an example, here are the functions I disabled and moved to the new.php file for my Admin Panels Addon... how many of these are affected by your multi-user mod?
   - function login_link
   - function login
   - function administration
   - function settings
   - function form_categories
   - function form_articles
   - function admin_articles
   - function admin_categories
   - function edit_comment
   - function files
Logged
Do it now... later may not come.
-------------------------------------------------------------------------------------------------
sNews 1.6 MESU | sNews 1.6 MEMU

piXelatedEmpire

  • MIA
  • ULTIMATE member
  • ******
  • Karma: 37
  • Posts: 1401
  • currently MIA
Allow content based on user/pass
« Reply #6 on: February 22, 2007, 11:41:08 pm »

wow sounds like 2 very exciting developments in the works.. looking forward to seeing those :)
Logged
my apologies to the sNews crew, but I will be MIA for the forseeable future

Keyrocks

  • Doug
  • ULTIMATE member
  • ******
  • Karma: 449
  • Posts: 6020
  • Semantically Challenged
    • snews.ca
Allow content based on user/pass
« Reply #7 on: February 23, 2007, 12:56:22 am »

Quote from: bakercad
well...I could do that.  However, it effects SEVERAL (14 so far) functions and adds several more functions, thus it would effect several already existing mods that one might have.  So I'm not sure if doing it the way you suggest will help, but I may give it a shot.

The way I'm doing it right now...  Just comment out the MU include in index.php and uncomment the snews.php include as you normally would. ...most of the changes to these same functions are small though.....with the exception of login_link(), I had to redo a lot of that.
Well, at least login_link() is a small function to begin with. :)

Yeah... I was testing my method as a way to have different levels of enhanced functionality as addons. But your method of using separate engine files and including on or the other seems much more practical. This allows us to have a series of engine files, each with different option levels. As an example... one might have the MU added and nothing else, another might have both the MU and the Enhanced Admin Panels (EAP) and another might the MU, the EAP and Phimoz's Hidden Articles (HA) mod.... and so on. This makes far more sense. This approach allows us to put the 'cream-of-the-crop' mods into a series of distributable engine files so that end users would have no mod work to do other than changing the include string in the index.php file.
Logged
Do it now... later may not come.
-------------------------------------------------------------------------------------------------
sNews 1.6 MESU | sNews 1.6 MEMU