Solved

Restricting access to PHP/CGI scripts to only registered users in Joomla

Posted on 2009-07-04
2
489 Views
Last Modified: 2012-05-07
I run Joomla CMS on my Apache server (WAMP) with User Registration feature enabled. This means visitors can register and have accounts on the web site. I can restrict access to specific articles/sections from Joomla itself. Using the "Custom HTML" module, I added an HTML form to the web site; this HTML form sends its parameters to a PHP file (I created) located in the server.

The customized HTML form is restricted to only registered users. However, that does not prevent non-registered users from running my PHP file (If they knew its name).

How can I restrict access to my own PHP/CGI files to only registered users? Does Joomla provide such feature?
0
Comment
Question by:ISDCCC
2 Comments
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 24778044
I am not sure if Joomla can do what you want all by itself, but it should be fairly easy to protect your action script.  Use a CAPTCHA image.  That way you will be able to know that anyone who access your PHP file came through your form and was human-enough to enter the CAPTCHA information correctly.

A good place to start is with ReCaptcha:
http://lmgtfy.com?q=ReCaptcha

Best regards, ~Ray
0
 
LVL 4

Accepted Solution

by:
stevepicks earned 500 total points
ID: 24778237

<body>
<?php //cortecy of lleo for joomla 1.5
$user =& JFactory::getUser();?>
<?php if ($user->id > 1) : ?>

<!-- user IS logged in so deliver normal template
     Your normal template HTML here -->

<?php else : ?>
<!--  Visitor is NOT logged in so deliver the login page -->

<jdoc:include type="modules" name="user9" />

    <?php if ($option == 'com_user') : ?>
         <jdoc:include type="component" />
    <?php endif; ?>
<?php endif; ?>

</body>
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how can i gnupg encrypt a PDF document? 12 64
How do I fix this UPDATE error? 7 32
parse url to form? 7 25
Extracting content from meta tag PHP MYHTML DOM 3 21
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question