Prevent from accessing a blog

Prevent from accessing a blog

Postby gastoncs on Tue Aug 05, 2008 12:07 pm

Hello I have created an application in php that automatically creates the blogs, my app is on my server in order for my client to see the app they have to log-in first, after they have log-in a page is call with a bunch of links, each link takes them to each blog; the thing is that if an external person types the address of the blog on the address bar it can see the blog and I want to prevent that,I just want that the person that had log-in have access to the blogs.

can some one help me to solve this issue.

thanks
gastoncs
 
Posts: 25
Joined: Wed Feb 13, 2008 11:24 am

Re: Prevent from accessing a blog

Postby jondaley on Wed Aug 06, 2008 8:29 am

Do you want other logged in people to be able to see other's blogs, or just the person who owns the blog?

I wonder if you could simply do it at the template level, and put something like:

[code] {if $authuser}[code] in header.template

and [code] {/if}[code] in footer.template
jondaley
Lifetype Expert
 
Posts: 6169
Joined: Thu May 20, 2004 6:19 pm
Location: Pittsburgh, PA, USA
LifeType Version: 1.2.11 devel branch

Re: Prevent from accessing a blog

Postby gastoncs on Wed Aug 06, 2008 3:23 pm

Thank you jon, yes I want any logged people to see any of the blogs; that sounds like a good idea the thing is that I need to add a session_start() in order to get the $authuser and I try to do that and I don't know way it looses the session and I don't get the $authuser.

do you have any idea way that happens?
gastoncs
 
Posts: 25
Joined: Wed Feb 13, 2008 11:24 am

Re: Prevent from accessing a blog

Postby jondaley on Wed Aug 06, 2008 11:42 pm

You don't need to add a session_start - it is already included in the code. I am simply recommending moving the authuser call from the default comment form, to the whole page.
jondaley
Lifetype Expert
 
Posts: 6169
Joined: Thu May 20, 2004 6:19 pm
Location: Pittsburgh, PA, USA
LifeType Version: 1.2.11 devel branch

Re: Prevent from accessing a blog

Postby gastoncs on Thu Aug 07, 2008 2:04 pm

Haa Ok I know what you mean, that works fine if the user logs-in through the lyfeType Admin page but all of our users log-in through our server using a php page,the thing is that most of the viewers will not have to be register on the LyfeType users list.

regards
gastoncs
 
Posts: 25
Joined: Wed Feb 13, 2008 11:24 am

Re: Prevent from accessing a blog

Postby jondaley on Fri Aug 08, 2008 12:34 am

I am not sure how lifetype knows if someone is authenticated or not, if they aren't in the lifetype system? Are you using a customer userdata provider?
jondaley
Lifetype Expert
 
Posts: 6169
Joined: Thu May 20, 2004 6:19 pm
Location: Pittsburgh, PA, USA
LifeType Version: 1.2.11 devel branch

Re: Prevent from accessing a blog

Postby gastoncs on Fri Aug 08, 2008 7:04 pm

Do you mean a third-party company that manages our suerdata? no we have our own servers, I think we have a miss communication from my part, sorry for that; let me explain the process may be its more clear.
the user types our server address on the address bar when he press enter a php log-in page is call,after the page is open he needs to type the usrId and the pw creating a session between the user and the server, after he logs-in a php page with a bunch o links appear those links takes them to each blog; the think to do now is to be able to have access to that session Id, so we can have If ($usrId) {} on the template, as you all ready suggested, but the problem that we have know doing that it that the session get's lost.

I hope this explains more
gastoncs
 
Posts: 25
Joined: Wed Feb 13, 2008 11:24 am

Re: Prevent from accessing a blog

Postby jondaley on Sat Aug 09, 2008 7:18 am

Ah, no. I meant LifeType's userdata providers, I think you might want to look into them. I haven't used them myself, but they are good for providing authentication with 3rd party software. http://wiki.lifetype.net/index.php/User_data_providers
jondaley
Lifetype Expert
 
Posts: 6169
Joined: Thu May 20, 2004 6:19 pm
Location: Pittsburgh, PA, USA
LifeType Version: 1.2.11 devel branch

Re: Prevent from accessing a blog

Postby gastoncs on Sun Aug 10, 2008 7:00 pm

Thanks for the info jon, what I understood from the data providers correct me if I am wrong is that it provides information about the user that has currently log-in, for this data providers first you need to pass a bunch of parameters and one of them is the usrId, I am still struggling how to get the user id form the current user that is loged-in, but let me read a bit more.

thanks
gastoncs
 
Posts: 25
Joined: Wed Feb 13, 2008 11:24 am

Re: Prevent from accessing a blog

Postby jondaley on Tue Aug 12, 2008 10:40 am

Sort of, but it allows the user information to come from different places, rather than lifetype's user database, ie. you could have your own database that it would check, or I suspect that maybe you want a user provider that looks in the session for the user information.
jondaley
Lifetype Expert
 
Posts: 6169
Joined: Thu May 20, 2004 6:19 pm
Location: Pittsburgh, PA, USA
LifeType Version: 1.2.11 devel branch


Return to LifeType 2.0 Development

cron