Hello,
as the title says, I am looking for a simple way to have an external PHP page (rendering HTML) but only accessible/readable when the visitor is a member and logged in.
What would be the best way for me to do that?
Thank you.
Best regards,
Esteffano
There are several ways to do this. I'll provide a quick example below, you would place this in a
xyz.php file in the same directory as you
SSI.php Read the comments I provided in the script for futher details
<?php
/**
* Define $ssi_guest_access variable before including SSI.php to handle guest access to your script.
* false: follows the forum setting of "Allow guests to browse the forum"
*/
$ssi_guest_access = false;
// Include the SSI file.
require(__DIR__ . '/SSI.php');
/**
* If you have "Allow guests to browse the forum" enabled but still do not want guest to access this script
* then use the is_not_guest(); function after including SSI. If they are a guest their journey ends at the next line.
*/
is_not_guest();
echo '<!DOCTYPE html>
<html>
<head>
</head>
<body>
Guests can not see this
</body>
</html>';
In both cases they will be redirected to the login screen
Wow, thank you.
This really helps me do what I want.
Is there also a way to make the output only visible to a certain group (based on group ID)?
Best regards,
Esteffano
Sure, I'll show you a quick snip that should work. But first a notice.
The permission system is based on named permissions and not simple group access. This is because being in a group may be additive or may be subtractive to your permissions. You could be in a group and "loose" permissions. So with that warning out of the way ...
<?php
/**
* Define $ssi_guest_access variable before including SSI.php to handle guest access to your script.
* false: follows the forum setting of "Allow guests to browse the forum"
*/
$ssi_guest_access = false;
// Include the SSI file.
require(__DIR__ . '/SSI.php');
/**
* If you have "Allow guests to browse the forum" enabled but still do not want guest to access this script
* then use the is_not_guest(); function after including SSI. If they are a guest their journey ends at the next line.
*/
is_not_guest();
global $user_info;
$exists = false;
// 1 is the admin, always allowed
// 2 is a global moderator, generally allowed
// 99 is just some group id that you have defined
foreach ([1, 2, 99] as $value)
{
if (in_array($value, $user_info['groups'], true))
{
$exists = true;
break;
}
}
if (!$exists)
{
redirectexit();
}
echo '<!DOCTYPE html>
<html>
<head>
</head>
<body>
Guests can not see this
</body>
</html>';
Here you provide a list of allowed groups, is put in
1, 2, 99 as an example, and the code simply checks if you are in one of those groups. But as I stated this simply means your in a group, not that a necessary you have some permission, it all depends on how you have setup your forum. But for simple cases its just OK, certainly not ideal.
Thank you very much, I really appreciate it!
Will try it out later tonight.
Best regards,
Esteffano
Thank you again,
it really worked well.
I made a little function based on you code to simplify working with the mechanism.
<?php
$ssi_guest_access = false;
// Include the SSI file.
require(__DIR__ . '/SSI.php');
/**
* isVisitorLoggedIntoGroup
*
* Check whether or not visitor is in at least one of specified groups
* @param mixed $mGroups may be string or array
* @return bool TRUE if is in any of the groups, FALSE if in none at all
*/
function isVisitorLoggedIntoGroup($mGroups) {
global $user_info;
// Ensure $mGroups is always an array
$groupsToCheck = (is_array($mGroups)) ? $mGroups : [$mGroups];
// Check if the user is in any of the specified groups
foreach ($groupsToCheck as $group) {
if (in_array($group, $user_info['groups'], true)) {
return true;
}
}
// If none of the specified groups match, return false
return false;
}
echo 'Something anyone can see.<br>';
// Check if the user in any of the specified groups
$allowedGroup = isVisitorLoggedIntoGroup([1, 2, 99]);
if($allowedGroup){
echo 'Something that\'s only meant to be seen by $allowedGroup.';
} else {
echo '<a href="#">Login</a>';
}
Best regards,
Esteffano