Custom Page problem

Got something cool to share with AppGini users? Feel free to post it here!
Post Reply
User avatar
baudwalker
Veteran Member
Posts: 188
Joined: 2015-02-03 08:08
Location: Bellingen NSW Australia

Custom Page problem

Post by baudwalker » 2020-07-27 23:41

Hi All,

I made a custom page for my project. as there were a few pages that made the section i put them into a folder and added that folder into the hooks folder.

when the user signs in they are presented with all the tables including the custom page. when the page is accessed it gives an "Access denied" error. but after signing in the second time it works fine.

is anyone able to assist?

As all signed in users should have access I added the following code...

<?php
define('PREPEND_PATH', '../../'); /* the extra "../" is because I have this in a folder within the hooks folder */
$hooks_dir = dirname(__FILE__);
include("$hooks_dir/../../defaultLang.php");
include("$hooks_dir/../../language.php");
include("$hooks_dir/../../lib.php");

include_once("$hooks_dir/../../header.php");

/* grant access to all logged users */
$mi = getMemberInfo();
if(!$mi['username'] || $mi['username'] == 'guest'){
echo "<h3>Access denied Please Sign In</h3>";
exit;
}


Barry


include_once("$hooks_dir/../../footer.php");
?>

User avatar
onoehring
AppGini Super Hero
AppGini Super Hero
Posts: 1156
Joined: 2019-05-21 22:42
Location: Germany
Contact:

Re: Custom Page problem

Post by onoehring » 2020-08-06 15:16

Hi,

interesting ...
Did you try to change

Code: Select all

if(!$mi['username'] || $mi['username'] == 'guest'){
for testing? Maybe accept only a specific usergroup to access that page?

Did you try to place the page directly into your hooks folder?

Maybe this helps:
What I did to secure a custom page:
I created a table in AG with my CUSTOMNAME. This results in a file in your AG root directory with that name.
I edited that file to look like this:

Code: Select all

<?php	
	$currDir = dirname(__FILE__);
	include("$currDir/defaultLang.php");
	include("$currDir/language.php");
	include("$currDir/lib.php");

	//custom language
	include("hooks/language.php");

	include_once("$currDir/header.php");

	/* grant access to all users who have access to the orders table */
	$user_can_access = get_sql_from('CUSTOMNAME');
	if(!$user_can_access) exit(error_message('Access denied!', false));
	
include("hooks/SOMEOTHERNAME.php");

		if(!$footerCode){
		include_once("$currDir/footer.php"); 
	}else{
		ob_start(); include_once("$currDir/footer.php"); $dFooter=ob_get_contents(); ob_end_clean();
		echo str_replace('<%%FOOTER%%>', $dFooter, $footerCode);
	}
	?>
The file /hooks/SOMEOTHERNAME.PHP actually holds my custom code.
Attention: CUSTOMNAME.php will be replaced, when you regenerate your application in AG. For this reason I have a special folder with files that I always copy back, overwriting some AG files - in this case CUSTOMNAME.php as well (you can search this forum for special_from_root which should be contained in my posting about this.

Olaf

User avatar
baudwalker
Veteran Member
Posts: 188
Joined: 2015-02-03 08:08
Location: Bellingen NSW Australia

Re: Custom Page problem

Post by baudwalker » 2020-08-09 23:55

Thank you Olaf, I'll give it a go...

Post Reply