News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

password protecting an entire area, including SMF board with a single login

Started by Mareid, September 21, 2010, 08:54:31 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Mareid

September 21, 2010, 08:54:31 AM
I was able to successfully install SMF2 RC3 on my (shared) webserver.  I have a family website and I want to protect a whole area that includes the SMF board.  For example I want a picture gallery, the SMF forum and a few other pages to be private to registered members, but I don't want them to have to log in more than once per session.  Automatic login via cookie would be great.  I know how to make them register on the SMF board, and log in with a  password, and I am pretty sure I can figure out how to use .httaccess, but I have no idea how to combine them or use one of them so that my users don't have to log in twice, once to the website and once to the SMF forum.  Any clues (in words of one syllable please  :-\ ) will be greatly appreciated

Oya

#1
September 21, 2010, 09:07:42 AM
why not use the smf login and extend that across ur site

its easy to do with ssi - SSI Readme

theres no htaccess then and u can get a picture gallery called avea media that integrates into teh forum so uses forum permissons

ishy

#2
September 21, 2010, 02:21:05 PM
Yeah, there's really no need to hide the entire site behind a password. Just use permissions to refuse access to the forums to guests, and create the gallery and extra pages through mods. Those can be hidden to guests via permissions as well.  Then put the forum on admin activation of accounts, so you approve anyone that joins.

Mareid

#3
September 22, 2010, 09:22:52 AM
Thanks for the info.  On the SSI site, I didn't see any information on how to use the single login from SMF as a security measure for other webpages.  My main focus would be the forum, with other pages linking off the forum, not the other way around, but would a registered user be able to go to a non-forum page, log in and also be logged in to the forum? 

My current website has a forum that requires admin approval of registrants, and no access to guests and non-registrants, but the rest of the website is open to the public.  As a family forum, I want to restrict virtually all of the website (which is mostly forum and picture gallery, but could include a few other pages) to registered members.

I assume from the comments that this is possible, using SSI and the SMF login, but I don't really know where to start. Or is it an automatic artifact of logging in to the forum that any pages using SSI linked from the forum will also be secure?

Oya

#4
September 22, 2010, 10:02:12 AM
u add this code

Code Select
<?php
include('SSI.php');

is_not_guest();

change the path to SSI.php if the forum is in a directory or something but that otherwise checks whether the user is logged in to the forum and if not pushes it to a login form
Print
Go Up Pages1
User actions
Advertisement: