Where do I activate data assist from?

I have used it, but I can't see where it should be launched from now!

Also, I am just trying to create a log in with Security Assist for an admin section, and for some reason the log in pages etc are being created at the top level of my site rather than in the admin folder that I want them to be created in.

Why are these pages being created at top level? I have a page open at the level I want them created at just as I used to do with data bridge, but it doesn't seem to be working.

Thanks.

Mat

the Data Assist wizard is found at WebAssist -> Database -> Create Data Assist pages


in the security assist wizard, you need to tell it to put the pages in t a subdirectory. for example, to create the login page in a subdirectory of your site named admin, go to the manage pages tab. In the list of pages, select the login page and change the location from:
login.php

to:
admin/login.php

do the same for the other pages to be created.

Ah, thanks Jason.

One final question... how do I check to see if a user has access to the protected pages?

Currently, I have set a db field called active set as an INT type where I was expecting to allow access if set to 1, and deny if set to 0. How do I get the Security Assist wizard to allow or deny access to protected pages?

Thank you

Mat

Hi Mat, you do that under WebAssist->Security Assist -> Manage Site Access, there you will find the different Access for Pages/Rules/Groups, it sounds you should take a look on the Access Rules Manger in your case. There you define the value and criteria for your 1 and 0.

Hope this helps you out! :)

//Morgan

Morgan, thanks for helping, i always appreciate the assistance, but that is only half the solution.


first, you need to edit the Authenticate user behavior, on the session section, click the plus button, and select the active column. this will set a session variable with the value from the active column.

then you can create an access rule in the access rules manager.

set the rule to allow if.

for the value click the lightning bolt icon and select the active session variable.

set the Criteria to "="

and for the comparison enter 1

you dont really need to set a condition for restrict if.

You can them apply the rule to the pages you want to restrict access to.

I have tried what you've suggested Jason, but it didn't validate properly as far as I can tell.

Basically, even though I have restrict access to the page, the page displays without actually pushing you to the login page, however, I do have a show if region on the page that seems to be working if the user isn't logged in.

So I followed the steps given, but the Authenticate User step didn't work as expected in comparison to your explanation. The tab Session Values wouldn't allow me to add anything. If I add the DB table I am checking against in the Database tab, then the Session Values tab allows me to create a session, but it automatically adds a session too. The session it adds is 'id' and each time I click it to highlight it to delete it, another instance of 'id' appears in the dropdown menu... then sometimes it crashes DW!!

Anyway, what ever I seem to be doing is allowing access to users who have been refused and granted access. If I try to change the setting to Restrict and <>, then I am locked out regardless of access granted.

So, I have been trying these conditions within the rule Logged in to tbl_admin:

This lets me in:
Allow if <?php echo $_SESSION['SecurityAssist_id']; ?> <>
Allow if <?php echo $_SESSION['useractive']; ?> = 1

This locks me out:
Restrict if <?php echo $_SESSION['useractive']; ?> <> 1
Allow if <?php echo $_SESSION['SecurityAssist_id']; ?> <>

I've read your help pages and they say only one Allow if can be used per rule, and no matter what combination I use, I am either allowed in, or locked out regardless of access rights.

Any thoughts?

Mat

you dont need to use both conditions.

you only need to use the Allow if <?php echo $_SESSION['useractive']; ?> = 1 condition.


if you wanted to use 2 conditions, you would use:


Restrict If <?php echo $_SESSION['SecurityAssist_id']; ?> =
Allow if <?php echo $_SESSION['useractive']; ?> = 1