close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Web Page Viewer for CSM

Thread began 3/11/2010 5:21 am by SPT | Last modified 3/25/2010 3:05 pm by Eric Mittman | 3947 views | 9 replies |

SPT

Web Page Viewer for CSM

How about using a Lightbox type popup viewer with an Iframe to display the page i am editing:

So to test my idea I have added a static (light box type) popup viewer on several pages inside of the PowerCMS Admin area. The viewer has an iframe that contains the page I have the content on via CMS.

I think adding a simple pop up viewer like (Light box type) is most helpful. The Client does not have to navigate away from the CMS to see changes.

So what I need help/teaching on:

- Adding the fields in the database to enter the URL to the edited page.

- Adding form element to insert the url from the insert page and binding them.

Also Setting up Security Assist to manage Rules for hide/show based on Admin of Editor.

I will then place the dynamic URL inside of the Popup code inside of the html and it will look great.

Since I will restrict the insert page to the Admin only (me) I can be sure to enter the correct page url.

My provider allows me to use myphpAdmin. I have basic knowledge of how to create fields but can not seem to figure out how to create the relationships or Foreign key if that is the proper term.?

Also need help adding the security assist functionality to the Solution to make it truly less work for the web developer and more understandable to less savy clients.
So using my SecurityAssist to hide/show elements like:

“Delete” - this button can really create work when they press delete and the area on the page becomes unused and empty (no history to fix that one) then I have to go back and paste their code again.

“Insert Area”, there again it is not saving me time if I have to enter codes every time they “Insert New Content”.

“Developers Notes” at the bottom of the Contents Detail Page. Confuses the client.

So I guess I will also have to create fields in the database for Admin and Editor rights?
Then I have to setup a hide/show link inside of CMS to the Security Assist registration page for adding editors and administers.

The Page to insert admin and Editors should only be accessible via the Admin rights so I guess I just add another hide reveal to the link for that.

I would bet you smart WebAssist fellas could add all of that to the solution in a matter of a couple hours or less. I am on day 2 of trying.

Sign in to reply to this post

Eric Mittman

I'm not sure that I understand exactly what you are going for in the end but I can try to help answer any specific questions that you have about using our tools for the various parts. If you are not familiar with manipulating your db you should check out the Database Starter Kit that we have here:

database-for-php/

Along with this free training there are some good resources for getting familiar with SecurityAssist and applying the functionality it provides on the SecurityAssist support page, here is a link to that:

securityassist/

I think it would be a good idea for you to review some of the documentation and info so that you can get an idea on how applying these features with SecurityAssist work. Please post back with any questions that you have and we will help you with what we can.

Sign in to reply to this post

SPT

Thanks Eric,

I guess first I would like to use my Security Assist to Show/Hide region based on admin or user.

I know how to use this Show/Hide feature in Security Assist just not on changing how to tell the rules manager how to base the username access level.

It has been a while since I last used Security assist but I did download and reviewed the material,videos and links you advised.

However, with the username and the password being located with in the Globals file and not in a database I am confused on how to create access rules.

Sign in to reply to this post

Eric Mittman

It is not as straight forward when you are trying to manipulate the SecurityAssist implementation in PowerCMS. The rule that is used to protect the pages in the admin area is called Administrator and is defined as the session variable $_SESSION['AdminLogin'] being equal to the $GLOBALS['WAGLOBAL_Admin_Password'] value.

You can continue to make use of this rule, or you can craft your own rules and get rid of these. If you are going to be using Security Assist extensively it might make sense to do it like this instead. This way you can have complete control over the access rules and how they are constructed. I'm including a screen shot of the Administrator rule in the rules interface so you can see how it is setup.

Sign in to reply to this post

SPT

Thanks again Eric,

I have spent some time experimenting on trying to setup different users.

I currently have had no luck.

Is there anyway I could get you to outline step by step the easiest way just to add 2 user levels and then have a way for security assist show/hide elements.

Thanks

Sign in to reply to this post

Eric Mittman

We have a complete Solution Recipe that is dedicated to user level authentication, here is a link to the pdf for it:

securityassist_user_level_auth_sr.pdf

In the solution recipe section on the SecurityAssist support page there is also an interactive version of the Solution Recipe, here is a link to the support page if you need it:

securityassist/

Please review this Solution Recipe to get a feel for how to setup the user level authentication. Let us know if you have any questions or if you encounter any issues.

Sign in to reply to this post

SPT

Sorry I have tried this and I am still not getting anywhere.

I watched the videos (many times over the years)

This is what I have tried.

-I go to the Database included with CMS
-I add a new table "Users" with 4 columns
UserID
UserName
UserPw
UserLevel

-Then I run Security Assist setup everything as instructed in the video with the connection to my new table inside the CMS database and based off of the CMS admin template. No encrypted password (not necessary right now)
Goes fine.

-I go to the Dreamweaver Modify >> Security Assist >> Access Pages Manager.
-I change all of the necessary pages in the admin folder from CSM to "Logged into Users".
Upload everything.

With a registered user in the User table I am still not allowed on the CMS index page. (it is the page chosen to go to on successful login.)
I tested going to a different page not CMS specific and login function works.

Beyond doing the above I have not found any more specific to CMS and Security Assist in the WebAssist tuts.

Perhaps some more Specific information to using both of these Web Assist products in conjunction with each other would help me.

Sign in to reply to this post

Eric Mittman

Did you remove the original access restriction rule that was in place on the PowerCMS pages? If the old rule is still there you will not be able to access the pages by just being logged in. One way you can test your rule is to create a new blank page and apply the rule to it, then login and visit your new page. If you pass the rule you will have access to the page. If so this indicates that your login page and logged in rule is working ok and that there is another restriction on the pages that is preventing you from accessing them.

For reference the access restriction rule that is on the PowerCMS pages by default looks like this:

php:
if (!WA_Auth_RulePasses("Administrator")){
    WA_Auth_RestrictAccess("users_login.php");
}
Sign in to reply to this post

SPT

Ok here is where I'm stuck.

I have CMS working fine under all default settings.

Separately, I have Security Assist setup on template other than CMS admin Template and all working good for pages not associated with CMS.

I then use the WebAssist Page Rules Manager and change all of the admin pages to "Logged into users".

On the CMS admin pages I notice a server behavior located on the admin template.

Show if "Administrator"

code:
<?php if(WA_Auth_RulePasses("Administrator")){ // Begin Show Region ?>
<a href="../Admin/contents_search.php">Advanced Search</a> | <a href="../admin/users_logout.php">Log Out</a>
<?php } // End Show Region ?>


So on the CMS admin template I use the server behaviors tab and double click on SecurityAssist Show Region (Administrator)

In the WebAssist Show Region window I simply change this to - Logged into users

code:

<?php if(WA_Auth_RulePasses(&quot;Logged in to users&quot;)){ // Begin Show Region ?>
<a href="../Admin/contents_search.php">Advanced Search</a> | <a href="../admin/users_logout.php">Log Out</a>
<?php } // End Show Region ?>


I also add a link to my CMS index page on my default Security Assist Profile page.

Save everything upload it all of the files.

So I login successfully and go to my default Security Assist Profile page then click the link to CMS index and get this error in the browser:

Parse error: syntax error, unexpected ';', expecting T_PAAMAYIM_NEKUDOTAYIM in /home3/ameliapl/public_html/admin/index.php on line 133


Back in Dreamweaver: admin/index
Line:127
</div>
<div class="right">
<?php if(WA_Auth_RulePasses(&quot;Logged in to users&quot;)){ // Begin Show Region ?>
<a href="contents_search.php">Advanced Search</a> | <a href="users_logout.php">Log Out</a>
<?php } // End Show Region ?>
</div>


The head of the pages inside of the CMS admin all say:

<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" ); ?>
<?php require_once( "../WA_Globals/WA_Globals.php" ); ?>
<?php require_once( "../WA_CMS/WA_CMS.php" ); ?>
<?php require_once('../Connections/localhost.php'); ?>
<?php
if (!WA_Auth_RulePasses("Logged in to users")){
WA_Auth_RestrictAccess("../users_LogIn.php");
}
?>

None of them say:

if (!WA_Auth_RulePasses("Administrator")){
WA_Auth_RestrictAccess("users_login.php");
}

Sign in to reply to this post

Eric Mittman

Are you using the quote entity instead of the double quote like the code you posted here:

php:
<?php if(WA_Auth_RulePasses(&quot;Logged in to users&quot;){ // Begin Show Region ?>

<a href="../Admin/contents_search.php">Advanced Search</a> | <a href="../admin/users_logout.php">Log Out</a>
<?php // End Show Region ?>



If so you should update it to use the double quote characters like this:

php:
<?php if(WA_Auth_RulePasses("Logged in to users"){ // Begin Show Region ?>

<a href="../Admin/contents_search.php">Advanced Search</a> | <a href="../admin/users_logout.php">Log Out</a>
<?php // End Show Region ?>
Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...