Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Restricting access to PHP/CGI scripts to only registered users in Joomla

Posted on 2009-07-04
2
Medium Priority
?
505 Views
Last Modified: 2012-05-07
I run Joomla CMS on my Apache server (WAMP) with User Registration feature enabled. This means visitors can register and have accounts on the web site. I can restrict access to specific articles/sections from Joomla itself. Using the "Custom HTML" module, I added an HTML form to the web site; this HTML form sends its parameters to a PHP file (I created) located in the server.

The customized HTML form is restricted to only registered users. However, that does not prevent non-registered users from running my PHP file (If they knew its name).

How can I restrict access to my own PHP/CGI files to only registered users? Does Joomla provide such feature?
0
Comment
Question by:ISDCCC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 24778044
I am not sure if Joomla can do what you want all by itself, but it should be fairly easy to protect your action script.  Use a CAPTCHA image.  That way you will be able to know that anyone who access your PHP file came through your form and was human-enough to enter the CAPTCHA information correctly.

A good place to start is with ReCaptcha:
http://lmgtfy.com?q=ReCaptcha

Best regards, ~Ray
0
 
LVL 4

Accepted Solution

by:
stevepicks earned 2000 total points
ID: 24778237

<body>
<?php //cortecy of lleo for joomla 1.5
$user =& JFactory::getUser();?>
<?php if ($user->id > 1) : ?>

<!-- user IS logged in so deliver normal template
     Your normal template HTML here -->

<?php else : ?>
<!--  Visitor is NOT logged in so deliver the login page -->

<jdoc:include type="modules" name="user9" />

    <?php if ($option == 'com_user') : ?>
         <jdoc:include type="component" />
    <?php endif; ?>
<?php endif; ?>

</body>
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question