Website Membership Add-on

By pothompson - December 18, 2009

I understand that it's possible to have login only content with the new Website Membership Add-on, but can you let me know if it's possible to access uploaded files that are within login only pages without logging in?

I can see that the page content itself can be protected, but would like to know if an uploaded file can be protected using this Add-on. i.e. If a visitor was to guess the correct URL of an uploaded file, would there be something that prevented them downloading it if they weren't logged in?

Thanks, Paul.

Re: [pothompson] Website Membership Add-on

By Donna - December 18, 2009

Hi there,

Uploaded files (images, etc) wouldn't be protected. CMS Builder can only control PHP based files with appropriate code, so non-PHP pages would still be accessible regardless, if they knew the full URL.

You'd need to have something server side, such as an .htaccess password protection, or something directory-wide to require a password for non-CMS Builder files. :)

I hope this helps!
Donna

--
support@interactivetools.com

Re: [pothompson] Website Membership Add-on

By Dave - December 18, 2009

Hi Paul,

No, the plugin doesn't do that automatically. But it's possible. How you would do it is to write a little script to output the uploaded file, but only if a user was logged in.

Something like this: showMemberOnlyFile.php?filename.pdf

If that's the only thing holding you back go ahead and get the plugin and I'll help you write that little add-on script and we can test it on your site and include it in the next revision.

You can email me additional details to dave@interactivetools.com

Hope that helps!
Dave Edis - Senior Developer
interactivetools.com

Re: [Dave] Website Membership Add-on

By Djulia - December 19, 2009

Hi Dave,

Your plugin is very useful ! Thanks

It would be possible to ask a confirmation by email with a link for to validate the account (and the email) of the user ?

It is very useful for to validate an account.

Djulia

Re: [Djulia] Website Membership Add-on

By Dave - December 20, 2009

Hi Djulia,

We've done it that way before, but it's a bit complicated. Here's the steps:

- add user account fields for "isVerified" and "verificationKey"
- generate a random verificationKey when you create the account
- email the user with it including a link to a validation script
- the script checks for users with that key and sets isVerified to 1
- add some code to the website or websiteMembership.php to not allow access unless verified
- add some code to resent verification email on request

What if we just generated a random password for the user when they signed up and emailed it to them?

Then we had an "edit your profile" page where they could change their password?

I think that would be simpler. And it would still validate their email (since they wouldn't be able to login without receiving the password.

Would that work for you?
Dave Edis - Senior Developer
interactivetools.com

Re: [Djulia] Website Membership Add-on

By Dave - December 23, 2009

Hi Djulia,

Ok, I should be able to have an update for this next week and then you can help me beta test it. :) I'll just email you direct for that.

Thanks!
Dave Edis - Senior Developer
interactivetools.com

Re: [Dave] Website Membership Add-on

By depdesign - December 29, 2009

Hi Dave, Can you send me an update too. In addition, is there a way I can setup the registration to have the username be the email address? It just eliminates some confusion with a user logging in. Thanks. [;)]
Dan Perez

Re: [depdesign] Website Membership Add-on

By Dave - December 29, 2009

Hi depdesign,

Sure, I've emailed you the latest beta (beta2) and make added some features and instructions for using email as the username.

Hope that helps! Let me know any feedback or issues you find.
Dave Edis - Senior Developer
interactivetools.com