I'm new to Gravity/Wordpress/PHP - BUT here's what I'm after.
I have Gravity page that asks for username/password.
I'm using this Active Directory Integration Plugin (completely
separate from GF) https://wordpress.org/plugins/active-directory-integration/
The ADI plugin works as expected with the default WP login screen, ie I enter LDAP creds it auth's against my ldap server confirms everything is good and lets me in.
Problem being I don't want to use the default wordpress login. Is there a way to use the GF and the after submission function to call this other plugin/php file to auth against ldap and or check the local WP db should the user not be found in AD?
You will have to implement a function that is triggered by the gform_after_submission-action which then in turn calls the authenticate-action. But I'm not sure that will work...
But as far as I understand your question you want to replace/customize the login screen to something different. If that's the case you might want to have a look for 2 things:
A way to adapt the login-screen to your needs. Have a look at f.i. https://premium.wpmudev.org/blog/customize-login-page/. I did a search in my favourite search engine for "customize wordpress login form"
replace the login URL with something different. For that you might want to have a look at the iThemes-Security-plugin for wordpress which - amongst other excelent security features - allows you to rewrite the login-url to something other than wp-login. It does so in a completely transparent manner that you will have no problems updating your wordpress!
With these two changes you would be able to completely alter the existing login-screen to something individual without having to tweak the authentication mechanisms of wordpress which might result in strange (and insecure as the default login will still be available) behaviour.
Related
I am creating a wordpress site where i want to create accounts for the user but want to prevent users getting an email confirming there registration. Is there a way or a plugin that does this?
I have 2 possible solutions for you:
1) It's not for the faint of heart, but if you really want to you could try hacking the pluggables.php file in the includes directory. Keep in mind that updating Wordpress would nuke this.
I suspect it would involve modifying this function:
function wp_new_user_notification()
You can find it around line 1190 in pluggables.php.
2) Alternatively I know the old version of the Register-Plus plugin, included an option to disable user registration e-mail notifications.
Presumably the newer Register-Plus-Redux still offers similar functionality.
We have a site where we are intending to sell access to video tutorials. I have set up Joomla ACL to limit access to those pages only to those users who have been given the relevant access permissions and access is being sold through shopping cart called MijoShop.
This setup is working okay at the moment, but there is bit of an issue with user experience. At the moment it seems I can only stop people from viewing a page, but I can't see an easy way to show them alternative content with Joomla ACL. Ideally, if a logged-in user does not have access to a certain video tutorial page, when they click on the link to the page they will instead see a page giving them an opportunity to buy access to the tutorial. This means that I need a method for showing different content on the same page depending on which Joomla user groups a user is assigned to. Is this possible with vanilla Joomla ACL, or am I going to have to find a content management extension that can add the ability to do this?
You should be able to do that with the Vanilla ACL. IIRC you can setup various groups with access to different tutorials/pages/things - then you can make a member a part of multiple groups - thus giving them access to those things as needed.
If unable to do something like that - then I think George Wilsons comment would suffice for a while and you could implement some if/then/else type statements into the code of the article which would work.
Your best bet however is to try the ACL solution first and foremost as that allows you to keep things generally more easy to manage from a backend perspective.
I'm building a product that involves clients adding their FB app data into my product's dashboard.
In this case each client would have to go to developers.facebook.com/apps and create an app first.
I would want to have a button which says "Create App" in my website that when clicked, would create the app instantly for the client.
So is it possible to create a FB App from my website (with script, not manually) ??
Thanks in advance,
Altin.
It was possible couple of years ago, and now it's been removed.
First of all, I’d think about the question, “does every client really need their own app?”
Maybe it’d also be possible to have all of the stuff you’re planning to do (no details on that) under one app, and have it decide on what data to show based on the fact which client’s Facebook page it gets added to (if it’ll run as page tab app), or by some additional parameter passed to it when calling it. You could f.e. example automatically redirect to a sub-folder on your webspace based on this criteria, that displays individual pages for that client.
If that’s not an option, then yes, your clients will have to set up the basic app themselves (and therefor they’ll need a verified account) – and afterwards tell app id and secret to you. Many of the “advanced” app settings can then be set by you via script – look at what properties are marked as “(Editable via API)” here: https://developers.facebook.com/docs/reference/api/application/
(Although some of the basic settings, like category, description, logo etc. will still have to be set by your client themselves. But other, more “technical” stuff, that the client maybe doesn’t know about and doesn’t even want to be bothered with, like canvas/page tab URLs etc. can be set by you. I’d say that’s as good a compromise as you can get for such a scenario.)
i created an application with some models, after that, i used ACL and created some ACOs to protect my Application.
Now i wanted to add a RESTful API to my application, so i edited routes.php with something like that
Router::mapResources('routes');
Router::parseExtensions();
this also works fine, for example going to http://localhost/myapp/routes.json gives me a json object of my routes if i'm already logged in
shure, somebody cannot do a login with a web-form when he is using my API, so i want to know if it is possible to send the regular login informations with the request using REST Auth Basic (or Digest) and use the working ACL in my App to authenticate and show the result object (or if its wrong, send the right header)
any ideas?
if something is unclear, PLEASE leave a comment
i used the newest cake php version 1.3.3
If you look at other API based services, usually they use token to identify user. For example if there is username matt and he has token 123456, you can give him access to url http://localhost/myapp/123456/routes.json. Then, in your controller, you can authenticate the user by using token.
http digest authentication is possible when javascript is used to handle the authentication process, non-javascript clients default to having the standard popup.
Probably they won't mind though.
Info found at http://www.peej.co.uk/articles/http-auth-with-html-forms.html :
The main reason people walk away from
using HTTP authentication is that they
want control over the look of the
login form and most browsers display
an awful looking dialog box. So what
we need is a way for HTML forms to
pass HTTP auth data when it's
submitted. The HTML spec provides HTML
forms as a way to create queries and
to POST urlencoded data to a URL, but
can we subvert it?
It comes with a warning :)
Warning: The solution outlined in this
article is experimental and might be a
complete lie, be warned that your
mileage may/will vary.
I'm building a site with Joomla where a forum should exist amongst other things. But also I plan to develop a custom made functionality (diary-like) with a php inserts (it really works, for example with jumi). The problem is that I suppose nobody will understand if the forum and this sub-site will have separated logins. I'd use an existing forum authentication for my code also, but I don't like the idea that the login will look like forum-only login. I see there are bridges exist (like JFusion), but should I choose one particular forum extension if I plan to use a particular bridge extension? And are bridges easy to access with custom-made php code?
If this is for a Joomla 1.5 website, you will want to create a user plugin that will log the user into your custom site as they log into Joomla. Take a look at plugins/user/example.php for an example user plugin. The onLoginUser function will be called just after someone successfully logs into Joomla. At this point, you'll have all of their data in the $user array that's passed into the function. You should be able to use this information to create a bridge into your external PHP application.