Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

[SOLVED} Password Protect Individual Page


Go to End


4 Posts   2342 Views

Avatar
zenmonkey

Community Member, 545 Posts

30 September 2009 at 8:04am

Edited: 02/10/2009 9:55am

Is it possible to Password Protect and Individual Page. Creating a Security Group with 1 Member won't work as I am using Current Member checks to block access to portions of the site. Basically this would be a page that would require an Access Code to Enter, but this Access Code will distributed to individuals who shouldn't have access to the data.

Avatar
dalesaurus

Community Member, 283 Posts

30 September 2009 at 4:17pm

You could do this with a custom form. Just have a text field and on the post check it to be the correct secret code, write the page content to the session. On the template side use a simple control to check the session for having any value, if it does display it.

Then when user's session times out POOF! Away goes the secret page content.

Avatar
zenmonkey

Community Member, 545 Posts

1 October 2009 at 12:20pm

I Keep getting an Unidentified Index error. I assume this is because I'm dynamically generating the session index with the Page Title so that each AccessCodePage can have its own $_SESSION var. Is there a better solution?

Avatar
zenmonkey

Community Member, 545 Posts

2 October 2009 at 9:55am

Solved Thanks to a Hint from IRC
I used the Session Class instead of a $_SESSION var

FYI in the pagetype init function I used

$sesCheck = Session::get($arIndex); 
      if (isset($sesCheck)){ 
      } 
      else 
      { 
         Session::addToArray($arIndex, 1); 
      }

Later in the form Action

if (strtolower($data['AccessCode']) == strtolower($this->AccessCode))
		{
			//Compare PageCode to Form Code
			$arIndex= strtolower(str_rot13(str_ireplace(" ","",$this->Title)));
			//Save Code To Session
			Session::set($arIndex,strtolower($this->AccessCode));
			
			
			//add function to Add Name and Email to DataObject
			Director::redirect(Director::baseURL(). $this->URLSegment);
		}

and Finally my Check Function for my Template

function CodeCheck(){
		$arIndex= strtolower(str_rot13(str_ireplace(" ","",$this->Title)));
		$sesCheck = Session::get($arIndex);
		
		if ($sesCheck == strtolower($this->AccessCode)) {
			return true;
		}
		else
		{
			return false;	
		}
	}