How to create my own scripts in a protected folder?

Discussion in 'aMember Pro v.4' started by trafficbrowser, Nov 17, 2011.

  1. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    Here is what I am doing:

    I added a protected folder.

    Products->Protected Content->Folders

    Added a new record

    Title = The List
    Hide = Not Checked
    Path to Folder = C:\xampp\htdocs\development\trafficbrowser_demo\thelist
    Folder URL = http://localhost/development/trafficbrowser_demo/thelist
    Protection Method = New Rewrite
    Access Permissions = this item is available for all registered customers.

    Then Hit Save

    Then Refreshed the database as instructed [Utiltites->Rebuild Db]

    I place this file in my folder that I made [thelist]

    PHP:
    <php>
    <?php include("C:\xampp\htdocs\development\trafficbrowser_demo\library\Am\Lite.php"); Am_Lite::ANY;

          echo 
    "Test Page!"
    ?>
    </php>
    I sign out of Admin and login as a user

    Under Your Subscriptions I see a Link to "The List" but when I click on it it keeps redirecting to this url
    http://localhost/development/trafficbrowser_demo/no-access/folder/id/1

    It keep telling me that access is denied.

    What am I doing wrong ?

    Here is the documents I am using as a reference http://www.amember.com/docs/Content/PHPScripts

    I am using 4.1.3 Beta

    Thanks in advance
  2. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,274
    First, php code you use is not correct:
    PHP:
    <?php 
    include("C:\xampp\htdocs\development\trafficbrowser_demo\library\Am\Lite.php");
    Am_Lite::checkAccess(Am_Lite::ANY'My Protected Page Title');
          echo 
    "Test Page!"
    ?>
    But above code is not required if you already set protection for folder using new_rewrite protection method.
    I believe your test user does not have active access records, so he can't access protected folder.
    Check that user's access records in aMember CP -> Browse users -> Edit User -> Payments
  3. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    Thanks for the code, on the docs page I was not really sure what to replace.

    I still can't get it working correctly.

    Here is a video that I just made from start to finish. Maybe you can see what I am doing wrong?

    http://trafficbrowser.com/resources/video/amemberFolderProblem/amemberFolderProblem.html

    I am not sure but maybe the .htaccess file has something to do with it ? I did change the path from /amember to /members ?

    Here is that file from root that I changed

    Code:
    #  Sample Nginx rules configuration:
    #  aMember rules (replace /amember to actual aMember Pro path from site root)
    #
    #      location ~* ^/members/.*\.(js|ico|gif|jpg|png|css|swf|csv)$ {}
    #      location ~* ^/members/setup/index.php$ { try_files not-existing-file @php; }
    #      location ~* ^/members/js.php { try_files not-exiting-file @php; }
    #      location ~* ^/members/index.php$ { try_files not-existing-file @php; }
    #      location ~* ^/members/public.php$ { try_files not-existing-file @php; }
    #
    #      location ~* ^/members/public { rewrite ^.*$ /members/public.php; }
    #      location ~* ^/members/setup { rewrite ^.*$ /members/setup/index.php; }
    #      location ~* ^/members { rewrite ^.*$ /members/index.php; }
    #
    #  you must already have something like that in your nginx configuration:
    #
    #      location ~ \.php$ {
    #          try_files not-existing-file @php;
    #      }
    #      location @php {
    #        fastcgi_pass 127.0.0.1:9000;
    #        include fastcgi_params;
    #      }
    #
    #  it is necessary to have @php section, as it is referred by aMember rules, and
    #  it must be located at bottom
    #
    #
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteRule ^public public.php [L]
        RewriteRule ^js.php js.php [L]
        RewriteRule !\.(js|ico|gif|jpg|png|css|swf|csv)$ index.php
    </IfModule>
    
    <IfModule mod_php5.c>
      php_flag magic_quotes_gpc off
    </IfModule>
  4. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    Hum I changed the folder to Free "this item is available for all registered customers"

    But nothing seems to work. I keep getting the denied error as mentioned above.

    I even changed my code of the php index.php

    PHP:
    <?php
    //include("C:\xampp\htdocs\development\trafficbrowser_demo\library\Am\Lite.php");
    //Am_Lite::checkAccess(Am_Lite::ONLY_LOGIN, 'The List Page');
          
    echo "Test Page!"
    ?>
    Could this be a bug ? Nothing seems to be working.
  5. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    I think I been getting my local copy on my computer C:\xampp\htdocs\development\trafficbrowser_demo and my live site confused.

    /members is from my live site. Ignore those....

    Anyway in an effort to debug. I renamed .htaccess to disabled.htaccess in the folder "thelist" now when I surf to it from a user account I no longer get the disabled message, but I do get a 404 error.

    I know for a fact that http://localhost/development/trafficbrowser_demo/thelist/ should work. Something seems to be messed up with the .htaccess from the root folder of trafficbrowser_demo aka "amember" directory.

    I also tried the exact url of the file itself.
    http://localhost/development/trafficbrowser_demo/thelist/index.php

    Here is the root .htaccess file

    Code:
    #  Sample Nginx rules configuration:
    #  aMember rules (replace /amember to actual aMember Pro path from site root)
    #
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo/.*\.(js|ico|gif|jpg|png|css|swf|csv)$ {}
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo/setup/index.php$ { try_files not-existing-file @php; }
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo/js.php { try_files not-exiting-file @php; }
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo/index.php$ { try_files not-existing-file @php; }
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo/public.php$ { try_files not-existing-file @php; }
    #
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo/public { rewrite ^.*$ C:\xampp\htdocs\development\trafficbrowser_demo/public.php; }
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo/setup { rewrite ^.*$ C:\xampp\htdocs\development\trafficbrowser_demo/setup/index.php; }
    #      location ~* ^C:\xampp\htdocs\development\trafficbrowser_demo { rewrite ^.*$ C:\xampp\htdocs\development\trafficbrowser_demo/index.php; }
    #
    #  you must already have something like that in your nginx configuration:
    #
    #      location ~ \.php$ {
    #          try_files not-existing-file @php;
    #      }
    #      location @php {
    #        fastcgi_pass 127.0.0.1:9000;
    #        include fastcgi_params;
    #      }
    #
    #  it is necessary to have @php section, as it is referred by aMember rules, and
    #  it must be located at bottom
    #
    #
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteRule ^public public.php [L]
        RewriteRule ^js.php js.php [L]
        RewriteRule !\.(js|ico|gif|jpg|png|css|swf|csv)$ index.php
    </IfModule>
    
    <IfModule mod_php5.c>
      php_flag magic_quotes_gpc off
    </IfModule>
    Looking in this folder C:\xampp\htdocs\development\trafficbrowser_demo\data\new-rewrite

    It has about 13 empty files inside all with 0 KB worth of data. Not sure if that means something..

    Thanks in advance.


  6. alex

    alex Administrator Staff Member

    Joined:
    Jan 24, 2004
    Messages:
    6,020
    Sorry, did you put protected folder inside aMember folder? It is not yet supported, put it somewhere around, but not inside aMember folder.
  7. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    Well my amember Folder was renamed to something else.. Would that cause a problem?

    I moved the folder, deleted the .htaccess inside that folder. Deleted and Readded the protected options, but it's still saying it's denied, just like above.
  8. thehpmc

    thehpmc aMember Pro Customer

    Joined:
    Aug 24, 2006
    Messages:
    901
    Have you protected your aMember folder?
  9. alex

    alex Administrator Staff Member

    Joined:
    Jan 24, 2004
    Messages:
    6,020
    It is very strange. Could you send us a ticket with FTP info and URL of your aMember installation.

    Can you open any aMember page at all? Please copy/paste exact error message.
  10. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    Sorry maybe I did not say it clearly... I renamed the amember folder. Mainly so I would not get any hackers looking for amember installs. Search on google.com "/amember/signup" to see every site running amember scripts.

    I just downloaded 4.1.5 I am going to start from scratch again, this time I will keep it as amember to see if it installs correctly.
  11. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    I just put in a help desk ticket...

    I just reinstalled and setup everything.. I am not getting accessed denied anymore but I am getting this error on my local server on my machine.

    But on my live site I am only getting a white page with no content. This happens when I click the link to the protected folder in my user account.

    I am now using 4.1.5 on both my local server and my live server.
  12. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    I stand corrected, on my live site it does error out with 4.1.5 it makes an error_log in the folder I am working on.. Here is the error.

    Hope this helps.
  13. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,274
    Sorry that was my mistake.
    Correct code:
    <?php
    include("/home1/phprocke/public_html/0_BlueHostSucksforTopLevelAddOnDomains_trafficbrowser.com/amember/library/Am/Lite.php");
    Am_Lite::getInstance()->checkAccess(Am_Lite::ANY, 'My Protected Page Title');
    echo "Test Page!"
    ?>

    also, do not create protected folders inside aMember folder.
    Protected content should be outsitde of aMember folder. Folder name does not really matter here.

    So for example:
    /trafficbrowser_demo/ - is the folder where 'you have amember installed.
    /thelist/ - is protected folder. Do not put it inside aMember's folder.
    trafficbrowser likes this.
  14. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    ok

    On my development computer (local machine) I corrected the code

    But I am still getting an error.

    On my Live Site the corrected code, then the first time I surfed to the protected folder I got a server error, I refreshed the page and it started working.
  15. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,274
    Please attach file from protected folder that you have in you local machine.
  16. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    The protected file is the exact same one that's on my server, It's just a copy and paste from your corrected code above on reply #13 with a different path.

    Edit: Forgot to Mention that I am using version : 4.1.5.1ff2d38
    PHP Version: 5.3.2

    Attached Files:

  17. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,274
    Attached file can't generate this error:
    Please make sure that you have correct file in place. Also try to clear browser temp. files, may be you have incorrect page in cache.
  18. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    I upgraded the localhost with the new amember version, I am not getting the error no more.. the link protection seems to be working but the folder protection keeps giving me access denied on PHP 5.3.x

    http://trafficbrowser.com/resources/video/aMemberFolderProblem2/aMember Folder Problem.html

    My Live site works great running PHP 5.2.7 but I can't get it working on PHP 5.3.5 on my local machine. My server is planning to do a upgrade soon that's why I am concerned. Any known bugs on PHP 5.3.5 ? should I upgrade to the most stable current version of PHP 5.3.8 ?

    Thanks.
  19. alex

    alex Administrator Staff Member

    Joined:
    Jan 24, 2004
    Messages:
    6,020
    Video is really great.

    To diagnoze then problem, I would look at user (that you are using for test login). Specially look at "Access" records on "Payments" tab. Could you copy/paste what "access" records does this user have?
    Also, another test:
    1. logout from admin and user accounts;
    2. login as admin;
    3. add protected folder as you did in video;
    4. remove all files from folder amember/data/new-rewrite/
    5. login as your test user (that has active subscriptions!)
    6. look at amember/data/new-rewrite/, copy/paste here filenames that you see
    7. then finally goto your protected folder, and copy/paste contents of .htaccess

    And another comment - if PHP file is placed into a folder protected by new-rewrite, you DO NOT NEED to protect it with any code. It is already protected and will not work without login. The PHP code above is necessary when you plan to protect a PHP file without protecting entire folder, or if you need more flexibility in access control.
  20. trafficbrowser

    trafficbrowser aMember Pro Customer

    Joined:
    Oct 30, 2011
    Messages:
    46
    1. Done
    2. Done.
    3. Done.
    4. Done.
    5. Done.
    6.

    a6d8f269f755ce583886b22f3a1aaa45
    a6d8f269f755ce583886b22f3a1aaa45-3

    7.
    .htaccess
    Code:
    ########### AMEMBER START #####################
    Options +FollowSymLinks
    RewriteEngine On
    # if cookie is set and file exists, stop rewriting and show page
    RewriteCond %{HTTP_COOKIE} amember_nr=([a-zA-Z0-9]+)
    RewriteCond C:\xampp\htdocs\development\trafficbrowser\amember/data/new-rewrite/%1-3 -f
    RewriteRule ^(.*)$ - [S=3]
    # if cookie is set but folder file does not exists, user has no access to given folder
    RewriteCond %{HTTP_COOKIE} amember_nr=([a-zA-Z0-9]+)
    RewriteCond C:\xampp\htdocs\development\trafficbrowser\amember/data/new-rewrite/%1 !-f
    RewriteRule ^(.*)$ http://localhost/development/trafficbrowser/amember/no-access/folder/id/3 [L,R]
    
    
    ## if user is not authorized, redirect to login page
    # BrowserMatch "MSIE" force-no-vary
    RewriteCond %{QUERY_STRING} (.+)
    RewriteRule ^(.*)$ http://localhost/development/trafficbrowser/amember/protect/new-rewrite?f=3&url=%{REQUEST_URI}?%{QUERY_STRING} [L,R]
    RewriteRule ^(.*)$ http://localhost/development/trafficbrowser/amember/protect/new-rewrite?f=3&url=%{REQUEST_URI} [L,R]
    
    ########### AMEMBER FINISH ####################
    Here is the video.

    http://trafficbrowser.com/resources/video/aMemberFolderProblem3/aMemberFolderProblem3.html

    If you looking to produce this on your own desktop I have included the server and the project.

    http://trafficbrowser.com/resources/temp_files/xampp.zip

    Includes XAMPP, MYSQL, aMember project

    1. Extract to C: Only if you don't have XAMPP installed already. it should look like this c:/xampp
    2. Start the server c:/xampp/xampp-control-default.exe Start PHP and MYSQL
    3. Surf to http://localhost/development/trafficbrowser/amember/admin (for Admin)
    http://localhost/development/trafficbrowser/amember/ (for Users)

    Admin Account
    ===============
    account: admin
    password: password

    User Account
    ===============
    account:demo1
    password: password

    Thanks.

Share This Page