I'm trying to find a way to get all users browsing on the same page.
I already know how to get all logged users on my website but I'm trying to get all logged users browsing on a specific page.
I don't know if this is possible and how, if it is possible.
Thanks for your help.
if you tell specific page you deal with specific controller.
In this specific controller which render specific template webPage you can valid if the user is authentified.
If authentified you can launch a listener (and only launch this listener in this controller) which create a specific log (or database insert) on user/authentified trig this trigger.
You can also filter users which launch trigger before run the code and categorize your log.
Otherwise (but not very good) is to create a kernel listener which launch anytime and for each user and request you can decide to (according to many others arguments) throw specific action and logger. With this you can create a best engine for log very specific behaviour on your website for each user.
Perhaps you can find if bundle already exist for this...Or detail using of Monolog component of Symfony framework
Related
I come to you because I'm a little bit lost in the implementation of a specific project...
Here is the configuration of my project:
- A Wordpress website
- An external database outcome of the ERP "OpenERP", containing a table that contains hundreds of users.
In the Wordpress site, I need to create a form that will allow visitors to register in the external database. I also need the visitor to be registered as a user in the Wordpress website because in the near future, registered users will have access to particular content via Wordpress.
In addition to this, the client wants to continue to add new users via OpenERP. In this case, the new user will also need to be created "immediately" in Wordpress.
How can I do this?
Thank you in advance,
Cédric
I looked at "OpenERP" real fast, hoping there is an API. Instead I got confused on the product, just a little. There are fundamentally a few ways to go, here is the path I would explore :
Does "OpenERP" have any type of API for adding and polling users? This is the way to go. So when a new user is registered (created) in WP you can hook the creation via wp_insert_user() see : http://codex.wordpress.org/Function_Reference/wp_insert_user to get started. The hook would check with OpenERP for a user ("does exist") and create if new to OpenERP.
When OpenERP has a new user created, ideally you can send the details to WP, in any number of ways, to create a new user. Creation of the user can include forced PW creation, random PW, and even welcome emails. See wp_create_user via http://codex.wordpress.org/Function_Reference/wp_create_user. You could create an API, a hidden method, an adaptor, etc.
The unanswered question is "What features are available in OpenERP to talk to a remote site over http or the network?". Additionally, what security holes are you opening up and how do these concern the business?
Technically, creation of a password and account, in any professional situation, requires secure practices. SSL/https or possibly SOAP/WSDL to the rescue?
The bottom line : Wordpress has all of the tools, hooks, and features needed to accomplish your goals. What does OpenERP have to allow you to meet these goals?
One final concern, you could have a situation of user conflict - a user created in OpenERP and WP. Some extra logic may be needed, as well as a consideration of how you (as the programmer) choose to define what makes a user unique (email can change, making email a junky unique identifier), user names also can change (not in WP). If these attributes change (edited) you could have heartburn. The entire CRUD cycle needs to be accounted for in detail on both systems. A WP ID to OpenERP ID relationship table, with status, will probably become a requirement.
There are a few other ways to go, but above highlights how I would begin thinking about the problem.
Hope this helps.
I'm building an app that allows the app to hit an ACT url which then triggers a module method to create a new entry using the ExpressionEngine API. However, as there is no user logged in / loggin in, it is not allowed to submit an entry to a channel.
What is the best way to do this. Bypass the EE api and submit the entry manually, or log a user in progamatically..but then how would that work with sessions etc etc?
If the answer is to "log a user in" it would be great to see a code sample if possible.
Thanks!
As you mention, there are 2 ways to add a new entry:
manually add the database records
use the Channel Entries API (http://expressionengine.com/user_guide/development/api/api_channel_entries.html)
The main differences are that entries added using the API will:
perform all the usual data validation (ie, fields that are marked as being required must not be empty)
run any 3rd-party extensions that installed
keep the site statistics up to date (eg, the number of posts by the author)
Adding the entry manually is reasonably easy for simple channels, but gets more complicated if you are using 3rd party fieldtypes that use additional tables.
To log a member in you should just need to:
// Get the member's id (the member must have permissions to post entries)
$member_id = 1;
// Create session
$this->EE->session->create_new_session($member_id);
use the channel entries api to add the entry, and then:
// Log user back out
$this->EE->session->destroy();
when you have finished.
You are going to want to take a look at the Auth.php class in ./system/libraries/Auth.php. This class is an abstraction of the authentication API's and allows you to do exactly what you want. The "loggin as user" feature uses these same methods, as well as the member module.
You can also take a look at the Authenticate module (which is free) so you get an idea of how others work with the Auth class.
https://objectivehtml.com/authenticate
Here is some pseudo code for you to use:
// Fetch the member from the DB using whatever logic you need
$this->EE->db->where('username', 'some-username');
$member = $this->EE->db->get('members');
$this->EE->load->library('auth');
// Load a new Auth_result object which logs in the member
$authed = new Auth_result($member->row());
$authed->start_session($cp_session = FALSE);
$member->free_result();
This code should work, but I didn't not have time to execute it, which is why it's considered pseudo code.
I should also add that I am not sure if this even the best way to solve your problem. I am simply answering the questions of "how to programmatically login a user without knowing their password and without submitting a login form."
I'm researching the use of ACL in CakePHP and it's confusing... I haven't understood a thing.
With ACL can I permit or deny the access to a page (that part I get). But, for example, I want to make sure, that user can't modify of another user. Can I do this with ACL or is only for create/update delete into the query?
The project is still at planning stage, therefore I don't have any code to show.
The CakePHP acl is action base, that means if you have create , delete , edit ,... actions for articles controller, you can allow or deny it to any one, but you can not specify(allow/deny) to any event in actions.
If you have many events in your action, for example in edit action of articles controller you have publish , file upload , image upload ,... events,So you can't handle this events with native acl system, you must handle it by your own code.
hi I am developing custom component in joomla 1.7 I want to restrict user task based on user groups. I have created table and saved all the controller names and tasks and saved the permissions for the previous tasks with user group id. In central com_component.php file I check the user permissions and authorized the taks with controller. This is working really well. What I want to know is can I use addACL() or authorized() functions to do this which is I really don't understand correctly. Bcoz Here I want use both controller and task together.
Developing a component with the Access Control List is described on Joomla! documentations in detail (link). I think the first thing to do is follow the instructions described there. There is even sample code that you can download and use.
The plugin 'GroupJive' for the Community Builder component has ways to do what you are looking for. I would look to that project at least for a guideline. I will be digging into a similar challenge this weekend and if I find code without the need for the component I will let you know.
I am trying to create a login system thats generic so that it can be adapted for use in various apps. I decided that 2 main "parts" of the system will be User Meta Data & Roles/Resources/ACL.
1. Metadata
I thought of keeping most data like what meta data are available for users in the database, so that admins can manage them using some GUI.
Problem is how can I then configue how I want inputs to render (textbox, checkbox, radios etc.). Then another problem is validation, filters.
2. ACL
I think for simple ACL it will work fine. But suppose I want say users to be able to modify posts they own. In Zend_ACL that is accomplished with Assertions. I thought that will make a "simple" login system overlly complex? Also it will be hard to build I suppose?
Currently I have my database like
Logging in users: I recommend using a separate controller (call it Auth for instance) that has loginAction and logoutAction. Zend_Auth (Zend_Auth using database) will check the database for the right credentials. Once the user is verified, you will save it in the global accessible place(the Zend_Auth class has methods to do this). This is also a good moment to query which roles the user has and store them.
Metadata part of your application: I'm not sure what the question is exactly but I assume you want to store dynamic information about user and have a GUI for admins to manage this. Why you would render different types of controls? Validating the information can be done by defining a lot of the most common metadata (like Twitter) and create rules for them. In the save action for the metadata you would validate using these rules.
ACL: Resources rarely change, you are better off putting them in a configuration file (for speed). You should give a lot thought to resources: what are they exactly to you? Controllers? Modules? Create a plugin that will preDispatch every request checking the role of the logged in user against the requested resource. E.g.:
$action = $request->getActionName();
$controller = $request->getControllerName();
// role, resource, privilage
if (!$acl->isAllowed($user->role, $controller, $action) {
//go to access denied page!
}
Now that Zend_ACL is used for the global access rules, you are better off checking for specific access inside the action itself (like if ($loggedInUser == $article->author) {//edit the article};).
Also don't forget Zend_ACL can be integrated with Zend_Navigation to hide menu items users are not allowed to use (and more).