Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Security Assist - Activate access rules via database

Security Assist - Activate access rules via database

Thread began 2/07/2013 5:03 pm by dlovas275157 | Last modified 2/15/2013 6:40 am by Jason Byrnes | 1156 views | 3 replies |

2/07/2013 5:03 pm | #1 dlovas275157

Security Assist - Activate access rules via database

Is there a way to toggle on/off the security access rules via the database. I would like to changes a record in the database that would in turn remove the security assist rules from the header of the page, or add it back in.

There are certain pages I want visible tot he public at times, but want to easily lock them back down without having to go back into the code. Making the change in the CMS (database) would be ideal.

Any ideas how to structure this without jeopardizing security?

Thanks

2/08/2013 7:20 am | #2 Jason ByrnesWebAssist

I dont think i would do this through the database, using the database would require a query on every protected page, that would add a lot of traffic to the database, on a busy site, that could add up.

you could create a file in your site that you attach to all of the pages at line 1 before any of the security assist code to set a session to 1 or 0:

php:

<?php

@session_start();

$_SESSION['makeProtected'] = "1";

?>

then add an if statement around the security assist page access code so it will be bypassed if the makeProtected session is not 1:

php:

<?php if(isset($_SESSION['makeProtected']) && $_SESSION['makeProtected'] == "1") { ?>

<?php

if (!WA_Auth_RulePasses("Logged in to visitors")){

    WA_Auth_RestrictAccess("login.php");

}

?>

<?php } ?>

to unlock the pages, set the makeProtected session to something other than 1.

2/14/2013 4:54 pm | #3 dlovas275157

I tried your session code, but I am prompted a header error:

Warning: Cannot modify header information - headers already sent by (output started at /nfs/c06/h05/mnt/153609/domains/domainname/html/project/index.php:8) in /nfs/c06/h05/mnt/153609/domains/domainname/html/WA_SecurityAssist/Helper_PHP.php on line 67

Did you mean to "attach the file" as a php require? Thats what I did before the security assist code blocks in the header.

Attached is my code.

Attached Files

indexPOST.php.zip

lockUnlock.php.zip

2/15/2013 6:40 am | #4 Jason ByrnesWebAssist

the headers already sent error happens if there is output to the page between php tags.

in your page, i see spaces before the opening php tags on line 4, 5 and 11

there is also a blank space at the end of line 5. these blank spaces are causing the error.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.