Difference between revisions of "Content/PHPScripts"

From aMember Pro Documentation
Jump to: navigation, search
m (Spelling, wording, grammar.)
Line 1: Line 1:
This method allows to add cookie-based login form for any PHP script or pages. It is particularly useful for adding paid membership support to an existing PHP-based application.
+
This method allows to add cookie-based login form for any PHP script or pages. It is particularly useful for adding paid membership support to an existing PHP-based application.  
  
If your existing content is in standard .html files rather than .php files, see [[Content/Folders]]
+
If your existing content is in standard .html files rather than .php files, see [[Content/Folders]]  
  
Useful if:
+
Useful if:  
* All your protected content is stored in PHP files.
+
Not useful if:
+
* Images, downloadable content or other non-PHP files are included in your protected content.
+
  
== Requirements ==
+
*All your protected content is stored in PHP files.
* No special requirements
+
 
 +
Not useful if:
 +
 
 +
*Images, downloadable content or other non-PHP files are included in your protected content.
 +
 
 +
== Requirements ==
 +
 
 +
*No special requirements.
  
 
== Setting Up Protection  ==
 
== Setting Up Protection  ==
Line 21: Line 25:
 
.. any existing PHP code goes here .. 
 
.. any existing PHP code goes here .. 
 
?>
 
?>
</source>
+
</source>  
  
   Note: You must edit the products# array to reflect the aMember product which gives access to the page.  
+
   Note: You must edit the products array to reflect the aMember product which gives access to the page.  
 
  For example, if access is confined to those with products 1 and 3 it will be as above. If it is confined to  
 
  For example, if access is confined to those with products 1 and 3 it will be as above. If it is confined to  
 
  those with products 2 and 5 you would use ''Am_Lite::checkAccess(array(2,5));''
 
  those with products 2 and 5 you would use ''Am_Lite::checkAccess(array(2,5));''
  
 
   Note: Instead of first argument (''array(1,3)'' in our example), you may use special constants:
 
   Note: Instead of first argument (''array(1,3)'' in our example), you may use special constants:
  '''Am_Lite::PAID''' - access is allowed if user has paid for any subscription
+
'''Am_Lite::PAID''' - access is allowed if user has paid for any subscription.
  '''Am_Lite::FREE'''&nbsp;- access is allowed if user has a free subscription
+
'''Am_Lite::FREE'''&nbsp;- access is allowed if user has a free subscription.
  '''Am_Lite::ANY'''&nbsp;- access is allowed if user has any not-expired subscription 
+
'''Am_Lite::ANY'''&nbsp;- access is allowed if user has any subscription that has not expired.
  '''Am_Lite::ONLY_LOGIN''' - validate username,password only, do not check user subscriptions status
+
'''Am_Lite::ONLY_LOGIN''' - validate username,password only, do not check user subscriptions status.
  
 
   Note: '''aMember_Root_Dir''' must be replaced with actual unix path (not URL!) to aMember folder. You can find
 
   Note: '''aMember_Root_Dir''' must be replaced with actual unix path (not URL!) to aMember folder. You can find
 
  this path at aMember CP, click in menu "''Version Info''" link, then look for "''Root Folder''" value.
 
  this path at aMember CP, click in menu "''Version Info''" link, then look for "''Root Folder''" value.
  
== How does it work (for programmers only) ==
+
== How does it work (for programmers only) ==
When a user enters a URL to the protected page the aMember login form is displayed and the user enters a username/password. This information is compared to entries in the member database to determine whether a user has the right credentials
+
 
* If the user is not authorized yet, user will be redirected to aMember login form;
+
When a user enters a URL to the protected page the aMember login form is displayed and the user enters a username/password. This information is compared to entries in the member database to determine whether a user has the right credentials  
* If the user has been authenticated, but has no access to given content, ''no-access'' page will be displayed;
+
 
* If the user has an active subscription to a product as defined in products list, then the protected PHP page will be displayed.
+
*If the user is not authorized yet, user will be redirected to aMember login form.
 +
*If the user has been authenticated, but has no access to given content, a&nbsp;''no-access'' page will be displayed.
 +
*If the user has an active subscription to a product as defined in products list, then the protected PHP page will be displayed.
  
 
If you are not using subscriptions or wish to allow any member to have access to a page, regardless of the subscriptions they hold, then you can define products list as ''array('ONLY_LOGIN');'' This simply checks that the username and password exist in the database. '''Be careful - it will allow access for non paying or expired members!'''
 
If you are not using subscriptions or wish to allow any member to have access to a page, regardless of the subscriptions they hold, then you can define products list as ''array('ONLY_LOGIN');'' This simply checks that the username and password exist in the database. '''Be careful - it will allow access for non paying or expired members!'''

Revision as of 01:43, 18 September 2012

This method allows to add cookie-based login form for any PHP script or pages. It is particularly useful for adding paid membership support to an existing PHP-based application.

If your existing content is in standard .html files rather than .php files, see Content/Folders

Useful if:

  • All your protected content is stored in PHP files.

Not useful if:

  • Images, downloadable content or other non-PHP files are included in your protected content.

Requirements

  • No special requirements.

Setting Up Protection

For this plugin to work the file /amember/library/Am/Lite.php must be included at the very top (before the opening <html> tag) of the PHP pages you wish to protect as follows:

<?php 
include("aMember_Root_Dir/library/Am/Lite.php"); 
Am_Lite::getInstance()->checkAccess(array(1,3), 'My Protected Page Title'); 
.. any existing PHP code goes here ..&nbsp;
?>
 Note: You must edit the products array to reflect the aMember product which gives access to the page. 
For example, if access is confined to those with products 1 and 3 it will be as above. If it is confined to 
those with products 2 and 5 you would use Am_Lite::checkAccess(array(2,5));
 Note: Instead of first argument (array(1,3) in our example), you may use special constants:
Am_Lite::PAID - access is allowed if user has paid for any subscription.
Am_Lite::FREE - access is allowed if user has a free subscription.
Am_Lite::ANY - access is allowed if user has any subscription that has not expired.
Am_Lite::ONLY_LOGIN - validate username,password only, do not check user subscriptions status.
 Note: aMember_Root_Dir must be replaced with actual unix path (not URL!) to aMember folder. You can find
this path at aMember CP, click in menu "Version Info" link, then look for "Root Folder" value.

How does it work (for programmers only)

When a user enters a URL to the protected page the aMember login form is displayed and the user enters a username/password. This information is compared to entries in the member database to determine whether a user has the right credentials

  • If the user is not authorized yet, user will be redirected to aMember login form.
  • If the user has been authenticated, but has no access to given content, a no-access page will be displayed.
  • If the user has an active subscription to a product as defined in products list, then the protected PHP page will be displayed.

If you are not using subscriptions or wish to allow any member to have access to a page, regardless of the subscriptions they hold, then you can define products list as array('ONLY_LOGIN'); This simply checks that the username and password exist in the database. Be careful - it will allow access for non paying or expired members!