Symphony.

Ok, I have a Downloads page which is the page I need protecting. It has a URL param of action and has a page type of Member.

I have a Login page with this form:

<h2>Login Form</h2>
<div id="guideline">
<h4>Notes</h4>
<ul>
  <li>If you are not a member, please <a href="{$root}/register/">register</a>.</li>
  <li>If you have forgotten your password, you can <a href="{$root}/login/forgot/">retrieve it</a>.</li>
 </ul>
</div>
<xsl:choose>
<xsl:when test="$action = 'forgot'">
  <form method="POST" action="{$root}/login/">
    <p class="success">Enter your email address below and you will be sent an email containing your password</p>
    <fieldset>
      <label>Email Address: <input name="front-end-authentication[username]" type="text" /></label>
      <input type="submit" id="submit" name="action[front-end-authentication][forgot]" value="Retrieve Password" />
      <p><a href="{$root}/login/">Cancel (back to login)</a></p>
    </fieldset>
  </form>
  </xsl:when>
  <xsl:otherwise>
  <form method="POST" action="{$root}/login/">
    <xsl:if test="//front-end-authentication/@status = 'invalid'">
      <p class="error">Authentication Failed! Please check your details</p>
    </xsl:if>

    <xsl:if test="//front-end-authentication/@password-retrieval-email-status = 'sent'">
      <p class="success">Email sent. Please check your inbox.</p>
    </xsl:if>

    <xsl:if test="//front-end-authentication/@status = 'authenticated'">
      <p class="success">You have successfully logged in</p>
    </xsl:if>

    <fieldset>
      <label>Email: <input name="front-end-authentication[username]" type="text"/></label>
      <label>Password: <input name="front-end-authentication[password]" type="password"/></label>
      <input id="submit" type="submit" name="action[front-end-authentication][login]" value="Login"/>
      <input name="redirect" type="hidden" value="{$root}/downloads/" />
      <p><a href="{$root}/login/forgot/">Forgot your password?</a></p>
    </fieldset>
   </form>

So if you go to /downloads/ do you get the login form?

Yes the URL remains /downloads/ but the login form appears there.

That should be all you need then. If you login from there do you get redirected back to the downloads page?

Oh now I am getting an error saying unregistered value “action”.

Does it work if you change the form to action=""?

Nope it still gives me the same error.

Hmm. What happens if you remove the <input name="redirect"/>? Any chance you can post your prefs as well?

Preferences

Also same error.

I’m a little stumped. Looks like it should be working properly. Any errors in the logs?

Do you want to take a look?

You can contact me at nick[at]nicktoye.co.uk

and I can give you access.

Dru had a look and he couldn’t figure it out. I’m starting to think maybe Media Temple are not playing nicely with Symphony.

There doesn’t seem to be any params that indicate the user is logged in. I have looked and not found.

Is there a hidden param that I need to uncover?

It seems like such a simple thing but I want to be able to pass into the page a param that is linked with the user who has just logged in.

Seems the only XML I can get out of the Event is

event/front-end-authentication/@status

How come we get logged out of Symphony when we logout of of the member system? It’s a pain when testing and styling.

How come we get logged out of Symphony when we logout of of the member system

Line 126 might have something to do with this:

session_destroy();

This will kill all open sessions, including your Symphony login session. You could try commenting it out and see what happens — does the logout still work? Or perhaps wrap an if around that line to check whether the extension is set up to use sessions over cookies (see lines 173–175).

Ok, well commenting it out didn’t work.

Oh, it did work.

So now I need to create an if statement. Ok then.

@NickToye: I added the username to the XML output. My modified extension is on GitHub, it should offer some ideas as to how to add further output as required.

Ok this is the code I added:

private function __expireCookie(){

        if($this->_Parent->Configuration->get('use-sessions', 'frontend-authentication') == 'yes'){
            session_destroy();
        }


        $Cookie = new Cookie(__SYM_COOKIE_PREFIX_ . 'front-end-authentication', (24 * 60 * 60), __SYM_COOKIE_PATH__);
        $Cookie->expire();

    }

Now that didn’t work, now I’m still new at php, well not new, but I don’t ever write it because I never have had to till now.

So how come it didn’t work?

@neilalbrock

I think I already made that change in another project, but it was just a bit of text that I changed on the advice of makenosound.

What line did you change?