'Protect Page'

All WYSIWYG Web Builder support issues that are not covered in the forums below.
Forum rules
PLEASE READ THE FORUM RULES BEFORE YOU POST:
viewtopic.php?f=12&t=1901

MUST READ:
http://www.wysiwygwebbuilder.com/getting_started.html
WYSIWYG Web Builder FAQ
Post Reply
deejayw
 
 
Posts: 19
Joined: Mon Jun 11, 2018 11:12 am

'Protect Page'

Post by deejayw » Tue Jun 12, 2018 11:31 am

OK, so I have a userdb.php set up and I can manage its content when logged in to admin.
I want to protect a couple of pages such that only certain roles have access. I have assigned roles to my member entries.
I have added the tool 'Protect Page' to a relevant page, set the 'Access denied' and chosen the 'User Roles' as appropriate.
Q: How does the 'Protect Page' tool know what database name to look at (if it is looking at any!) ?
Q: Is the 'Protect Page' tool aware of the roles within the user db (userdb.php) ?
Q: Why am I directed to Access Denied even if I specifically name myself in 'Allow Users' ?
There appears to be a hole in the available recorded help here and my attempts to self educate by experimentation are frustratingly failing! :cry:

User avatar
Pablo
 
Posts: 13528
Joined: Tue Mar 28, 2006 12:00 pm
Location: Europe
Contact:

Re: 'Protect Page'

Post by Pablo » Tue Jun 12, 2018 12:11 pm

Advanced features like user roles/avatars do not work with a flat database. For these features you will have to use a MySQL database.
Q: How does the 'Protect Page' tool know what database name to look at (if it is looking at any!) ?
When the user logs in, a session with username/roles will be created, the protected page does not access the database directly.
Q: Is the 'Protect Page' tool aware of the roles within the user db (userdb.php) ?
No, this requires a MYSQL database.

deejayw
 
 
Posts: 19
Joined: Mon Jun 11, 2018 11:12 am

Re: 'Protect Page'

Post by deejayw » Tue Jun 12, 2018 1:34 pm

So, forgive me for being blunt, what use is the 'Protect Page' tool ? How might it be different from the Single Page Protect tool ?
OK, so (without SQL) how do filter access ?
I had thought to use two separately named databases but the Admin tool only seems to see one despite adding two Admin tools to a page and setting each to the named databases.

User avatar
Pablo
 
Posts: 13528
Joined: Tue Mar 28, 2006 12:00 pm
Location: Europe
Contact:

Re: 'Protect Page'

Post by Pablo » Tue Jun 12, 2018 1:58 pm

So, forgive me for being blunt, what use is the 'Protect Page' tool ?
It prevents access to the page without being logged in. Multiple pages use the same login.
How might it be different from the Single Page Protect tool ?
This only protect one page.
OK, so (without SQL) how do filter access ?
You cannot use user roles without MySQL.
I had thought to use two separately named databases but the Admin tool only seems to see one despite adding two Admin tools to a page and setting each to the named databases.
That is not possible. There can only be one database per website.

deejayw
 
 
Posts: 19
Joined: Mon Jun 11, 2018 11:12 am

Re: 'Protect Page'

Post by deejayw » Tue Jun 12, 2018 3:41 pm

So what data store is the 'Protect Page' tool accessing ?
[Update] My experiments suggest that the username is derived from the browsers session status after a successful login elsewhere.
The Access Denied Page pointer is self explanatory. I can use this to point to a login page.
The documentation for Allow Users suggests that this can be a user or delimited list of users (who are logged in where ?)
You say User Roles cannot be used without SQL

I've set up SQL hosting and created a database with a Users table and, online, I've added some users through the re-configured Admin tool.
What now ? Where do I get more detailed information ?

User avatar
Pablo
 
Posts: 13528
Joined: Tue Mar 28, 2006 12:00 pm
Location: Europe
Contact:

Re: 'Protect Page'

Post by Pablo » Tue Jun 12, 2018 4:02 pm

So what data store is the 'Protect Page' tool accessing ?
It works in combination with the 'login' object which starts a session. The protect page checks if this session has been created and this controls whether or not the pages can be accessed.
The documentation for Allow Users suggests that this can be a user or delimited list of users (who are logged in where ?)
You say User Roles cannot be used without SQL
Correct. It is a 'hard coded' alternative for user rules. These values cannot be changed online.
What now ? Where do I get more detailed information ?
Did you read the help and tutorials?
Did you study the login template?
I am not sure what else I can say about it.
Do you have a specific question about the documentation/tutorial/template?

deejayw
 
 
Posts: 19
Joined: Mon Jun 11, 2018 11:12 am

Re: 'Protect Page'

Post by deejayw » Thu Jun 14, 2018 3:11 pm

Did you read the help and tutorials?
Did you study the login template?
I am not sure what else I can say about it.
Do you have a specific question about the documentation/tutorial/template?
Yes I read the help and followed (and used) the tutorial. I'm not sure what you mean by template in this context.
The 'Protect Page' tool is not sufficiently explained IMO.
The Admin tool prompts for a 'Role' when completing a user entry on-line, but there does not appear to be anything I could read which explains why I could not use it for login filtering.
If for instance, it was explained that the login populates the browser 'session' and that the Protect Page interrogates the session, I might have arrived at the penny dropping moment a lot sooner.
Anyway, I activated PHP and SQL support on my hosting package and created a SQL database. Pointing the various tools at the database has worked and I can now use Roles.

User avatar
Pablo
 
Posts: 13528
Joined: Tue Mar 28, 2006 12:00 pm
Location: Europe
Contact:

Re: 'Protect Page'

Post by Pablo » Thu Jun 14, 2018 3:34 pm

Yes I read the help and followed (and used) the tutorial. I'm not sure what you mean by template in this context.
\
The template as referred to in this tutorial:
http://wysiwygwebbuilder.com/login_tools.html
The 'Protect Page' tool is not sufficiently explained IMO.
Why not? Can you please be more specific? What information are you missing?
Where did I fail?

deejayw
 
 
Posts: 19
Joined: Mon Jun 11, 2018 11:12 am

Re: 'Protect Page'

Post by deejayw » Tue Jun 19, 2018 2:13 pm

Sorry for the delay in my reply :oops:

Yes I used the template and it worked well in the example. My efforts are also concerned with a flat file database.

With hindsight, I can see that the 'login' tool achieves two (or more) tasks :_
1. to submit the user entered credentials and check them against the specified database entry
2. if a match is found, therefore a legitimate user, populate the browser session with the database data held for that user

The 'login name' tool, when used, displays the username/fullname of the person the browser is aware of in the session. There is a clue here that I missed. The 'login name' tool does not require the name of the database!
Similarly, the 'Protect page' tool does not require a database name because it checks the browser session data.

I still don't know why the 'role' field is not useable other than with SQL. If the 'admin' tool can write it to the database, why can't the 'login' tool read it and the 'protect page' tool use it ?

I think you may see that these are details that could have been better explained. The available help adequately describes the tools but does not explain how they work very well. Perhaps my lack of experience was partly to blame but your product is intended to inclusively appeal to people at my end of the experience spectrum, is it not?

In general though, after using the product periodically for only 2/3 weeks, I am enjoying myself and I am inspired to do more.

User avatar
Pablo
 
Posts: 13528
Joined: Tue Mar 28, 2006 12:00 pm
Location: Europe
Contact:

Re: 'Protect Page'

Post by Pablo » Tue Jun 19, 2018 3:21 pm

I still don't know why the 'role' field is not useable other than with SQL.
Because it requires a more complex database. Also we would lose backward compatibility with previous versions.
I think you may see that these are details that could have been better explained. The available help adequately describes the tools but does not explain how they work very well.
Is it really necessary to explain every detail of how things works in the background? If I had to do that then I would not have any time left to add any new features to the software.
I do not think any software goes into that much detail.

Post Reply

Who is online

Users browsing this forum: Chris_t and 10 guests