close ad
WARNING: Do Not Install the DREAMWEAVER CC 2017 or 2018 Update »
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Security Rule

Thread began 10/02/2014 1:49 pm by anonymous | Last modified 10/03/2014 4:16 pm by Jason Byrnes | 902 views | 19 replies |

anonymous

Security Rule

Hello,
To use Security Assist to create a rule that allows access to a page based on a Date Range ($startDate - $endDate) is the idea to create 2 separate rules?

For instance the first rule is IF > $startDate and the second rule is IF < $endDate
Then reroute the user elsewhere if they do not have the appropriate criteria as a session value which will be set when they login.

Yes, this is the best way or is there some other consideration?

Sign in to reply to this post

Jason ByrnesWebAssist

create one rule as:

Deny IF Today is < $startDate

AND
Allow If Today is < $endDate

Sign in to reply to this post

Steve

It's not working for some reason..

Rule:

case "Subscribed":
$comparisons[0] = array(FALSE, "".$startDate ."", 3, "".date('Y-m-d') ."");
$comparisons[1] = array(TRUE, "".$endDate ."", 3, "".date('Y-m-d') ."");
break;


Test page:

http://intuitorsports.com/test-security.php

<?php 
$startDate = '2014-9-31';
$endDate = '2014-10-5';
?>
<?php
if (!WA_Auth_RulePasses("Subscribed")){
WA_Auth_RestrictAccess("purchase.php");
}
?>




Next the failure takes you to a purchase page that also fails:
It should have stayed on the test page as the date range is valid.

http://intuitorsports.com/purchase.php?accesscheck=%2Ftest-security.php%3F

This page does not load properly due to the cart code that reformats the form tag.
for instance if you go to the purchase page without the URL query string it works fine. IF accessed due to a redirect as shown in the link above it fails at the re-writen form action tag

The page loads and stops at this point:

<form name="eCart1_1_ATC_2" method="POST" action="/purchase.php

Sign in to reply to this post

Jason ByrnesWebAssist

I'll need to troubleshoot directly, see the private message section.

Sign in to reply to this post

Steve

Link provided in message above. Also FTP details provided in prior eCart posts from yesterday. I will repost these for you

Sign in to reply to this post

Steve

details added

Sign in to reply to this post

Jason ByrnesWebAssist

save start date and end date as session variables, and use strtotime to convert to a time stamp:
<?php
@session_start();
$_SESSION['startDate'] = strtotime('2014-10-3');
$_SESSION['endDate'] = strtotime('2014-10-5');
?>

make sure that is before the security assist helper require once line.

I also had the rules a little off, do the rules as:

Restrict if:
<?php echo (strtotime(date('Y-m-d'))); ?>
<
<?php echo $_SESSION['startDate']; ?>

Allow if:
<?php echo (strtotime(date('Y-m-d'))); ?>
<
<?php echo $_SESSION['endDate']; ?>

i updated the form action code to correct a syntax error, i changed:
htmlentites

to
htmlentities

Sign in to reply to this post

Steve

Thanks Jason,
I'm working on getting additional values from the Purchase page , Cart, Checkout inserted on Purchase. The eCart object looks like it needs additional values for my start and end dates.

Where do we add the additional values to pass to the insert into DB on success of purchase?

eCart Object Charges?

Sign in to reply to this post

Jason ByrnesWebAssist

add columns to the cart object to collect those values, then enter the start and end dates into those columns in the add to cart button behaivor.

Sign in to reply to this post

Steve

Jason,
Adding columns to the cart object via the Charges tab or manually insert in the code?


Also I added the session values and also the new security rule change but still not passing as valid:

http://intuitorsports.com/test-security.php

This page sets the Sessions and on the purchase.php page you get a session dump that shows their presence.


Rule:

case "Subscribed":
$comparisons[0] = array(FALSE, "".(strtotime(date('Y-m-d'))) ."", 3, "".((isset($_SESSION['startDate']))?$_SESSION['startDate']:"") ."");
$comparisons[1] = array(TRUE, "".(strtotime(date('Y-m-d'))) ."", 3, "".((isset($_SESSION['endDate']))?$_SESSION['endDate']:"") ."");
break;

Also added as an attachment.

Rule makes total sense Restrict IF less than start date then Allow if less than end date... This gives us a valid span but something is not respecting this...

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...