Content/PHPScripts

From aMember Pro Documentation
Revision as of 06:49, 17 November 2011 by Alex-scott (Talk | contribs)

Jump to: navigation, search

This method allows to add cookie-based login form for any PHP script or pages. It is particularly useful for adding paid membership support to an existing PHP-based application.

If your existing content is in standard .html files rather than .php files, see Content/Folders

Useful if:

  • All your protected content is stored in PHP files.

Not useful if:

  • Images, downloadable content or other non-PHP files are included in your protected content.

Requirements

  • No special requirements

Setting Up Protection

For this plugin to work the file /amember/library/Am/Lite.php must be included at the very top (before the opening <html> tag) of the PHP pages you wish to protect as follows: <php><?php include("aMember_Root_Dir/library/Am/Lite.php"); Am_Lite::checkAccess(array(1,3), 'My Protected Page Title'); .. any existing PHP code goes here .. ?></php>

 Note: You must edit the products# array to reflect the aMember product which gives access to the page. 
For example, if access is confined to those with products 1 and 3 it will be as above. If it is confined to 
those with products 2 and 5 you would use Am_Lite::checkAccess(array(2,5));
 Note: Instead of first argument (array(1,3) in our example), you may use special constants:
   Am_Lite::PAID - access is allowed if user has paid for any subscription
   Am_Lite::FREE - access is allowed if user has a free subscription
   Am_Lite::ANY - access is allowed if user has any not-expired subscription   
   Am_Lite::ONLY_LOGIN - validate username,password only, do not check user subscriptions status
 Note: aMember_Root_Dir must be replaced with actual unix path (not URL!) to aMember folder. You can find
this path at aMember CP, on the "Welcome to aMember Pro Control Panel" screen, in the "Software version info"
table. It is named Root Folder.

How does it work (for programmers only)

When a user enters a URL to the protected page the aMember login form is displayed and the user enters a username/password. This information is compared to entries in the member database to determine whether a user has the right credentials

  • If the user is not authorized yet, user will be redirected to aMember login form;
  • If the user has been authenticated, but has no access to given content, no-access page will be displayed;
  • If the user has an active subscription to a product as defined in products list, then the protected PHP page will be displayed.

If you are not using subscriptions or wish to allow any member to have access to a page, regardless of the subscriptions they hold, then you can define products list as array('ONLY_LOGIN'); This simply checks that the username and password exist in the database. Be careful - it will allow access for non paying or expired members!