Frog CMS - Password protect pages?

Password protect pages?

7 posts, 5 voices

Apr 19, 2008 17:42 aesop1 4 posts	I see that the content has a "protect" checkbox. Is this for password protecting the content? Is there a way to password protect or require authentication of specific content? Thanks!

Apr 20, 2008 04:12 David 820 posts	Hi aesop: Clicking the "protect" checkbox hides it from users who do not have full admin privileges. If you are preparing a website for a client, for instance, you can "hide" pages that should not be edited by them (usually ones with plenty of PHP code in them!) :) I don't know about password protection of specific content -- but anyone would need a password of some kind to sign into the admin area ... where they can have "Administrator", "Developer", or "Editor" rights (assigned in the "Users" tab, of course). I'm not sure that there is much documentation on what these levels mean. My guess is: Administrator = full access to everything Developer = access to everything except the "User" module Editor = access only to unprotected pages Hope that helps!

Apr 21, 2008 08:34 aroundthefur 83 posts	so is there an possibilty to create a frontend page where only registered users have access or something like this? :=)

Apr 25, 2008 00:30 aesop1 4 posts	David, Thanks for explaining the "protect" feature. I'm looking for a login functionality that would be external to the CMS.

May 11, 2008 07:53 Andy 142 posts	I'm also looking for a way to do this, and the only way I have been able to think of doing it is via .htaccess files and creating a folder in the root. However, this just kicks out 404 errors - does anyone know any ways to do this? I'm trying to do it on a "media" page - perhaps some javascript?

May 11, 2008 08:14 Andy 142 posts	not the best solution in the world but it works : var password; var pass1="yourpassword"; password=prompt('Please enter your password to view this page!',' '); if (password==pass1) alert('Password Correct! Click OK to enter!'); else { window.location="http://www.yoursite.com/failed_validation"; } Add the above code to a js file and link to it from your tags, eg: <script type="text/javascript" src="<?php echo URL_PUBLIC; ?>public/js/pass.js"></script> Should work :)

May 12, 2008 12:53 mvdkleijn 396 posts	Just a quick note Andy, not to be annoying or anything but... this is not secure in any sense of the word. Anyone with a enough skills to download and open up your javascript file can read the password and visit your "secure" page. security through obscurity is never a good idea. I was personally hoping Philippe would make Frog's own security system available to "regular" pages besides the backend admin pages.

May 12, 2008 14:25 Andy 142 posts	yep - totally aware of its inherent problems - i wouldn't recommend it for any site that needs secure access but as I say it was for a "media" page - just to keep casual passers by out. ideally it could be done with a plugin so that users can be admistered via the admin panel and a new security level(s) could be assigned to pages. I think this is one of the biggest leaps frog can make in a future release but for now, javascript is enough to do the job I need it to for the current site I'm working on....