Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

How to password protect CMS page, category and/or product page
 
Paaaaa
Member
 
Total Posts:  50
Joined:  2008-10-30
 

Hello

I needed a fast hack to protect one CMS page with username and password. I found an easy way to do that.

First You need to create file in app/design/frontend/yourtheme/yourtheme/password/pass.phtml

<?php 

$user 
$this->__($this->getUserName());
$pass $this->__($this->getPassWord());

if(@
$_SERVER['PHP_AUTH_USER'!= $user || @$_SERVER['PHP_AUTH_PW'!= $pass)
{
  header
('WWW-Authenticate: Basic realm="Restricted Access"');
  
header('HTTP/1.0 401 Unauthorized');
  die(
'You can't access this area.');
}

?>

Now You need to insert next line to app/design/frontend/yourtheme/yourtheme/page/html/header.phtml
I have inserted it right at the beginning of header.phtml

<?php echo $this->getChildHtml('pass'?>

The last step is to enter the code to Layout update XML in Custom Design tab.

<reference name="header">
<
block type="core/template" name="pass" template="password/pass.phtml">
<
action method="setUserName"><txt>4321</txt></action>
<
action method="setPassWord"><txt>1234</txt></action>
</
block>
</
reference>

To change username or pass, just change the “4321” and “1234” to any value You want.

 
Magento Community Magento Community
Magento Community
Magento Community
 
type0
Jr. Member
 
Total Posts:  7
Joined:  2010-03-16
California
 

Hello.

I tried your password protect solution, but get a blank page.

I followed your directions exactly.

/app/design/frontend/default/hellowear/template/password/pass.phtml

Added <?php echo $this->getChildHtml('pass') ?> to /app/design/frontend/default/hellowear/template/page/html/header.phtml.

I’m using the Hellowear template if that makes a difference.

Can you help?

Thank you.

Mike

 
Magento Community Magento Community
Magento Community
Magento Community
 
meeeearcus
Member
 
Total Posts:  57
Joined:  2008-07-01
 
type0 - 09 April 2010 01:32 PM

Hello.

I tried your password protect solution, but get a blank page.

I followed your directions exactly.

/app/design/frontend/default/hellowear/template/password/pass.phtml

Added <?php echo $this->getChildHtml('pass') ?> to /app/design/frontend/default/hellowear/template/page/html/header.phtml.

I’m using the Hellowear template if that makes a difference.

Can you help?

Thank you.

Mike

Had the same issue. if you look at the pass.phtml file the line with die should be this:

die('You can\'t access this area.');

it was missing a ‘ and an escape.

 
Magento Community Magento Community
Magento Community
Magento Community
 
tylerhale
Jr. Member
 
Total Posts:  5
Joined:  2010-08-16
 

I tried this method and I thought it was working great until I tested it again on a different computer.  It seems that once logged in, any one can access the page.  I need to have the password and username required for each visit.  Any ideas or help is greatly appreciated, thank you!

 
Magento Community Magento Community
Magento Community
Magento Community
 
MagePsycho
Mentor
 
Avatar
Total Posts:  1702
Joined:  2009-06-23
 

Better alternative:
http://www.magentocommerce.com/magento-connect/MagePsycho/extension/3954/store_restriction
Which protects the store from non-logged in users. You can also even filter for logged in customers by giving access to certain customer groups only.

If you want to protect the CMS pages only or Category or Product page, you can contact me for the Pro Version of Store restriction.

Thanks

 
Magento Community Magento Community
Magento Community
Magento Community
 
KWAVE
Member
 
Avatar
Total Posts:  53
Joined:  2009-04-04
Boston
 

This works great for me. I was wondering though is there any way to send them to a page if enter the wrong pass and login rather then showing text on a blank page saying you don’t have access?

I actually applied this to a category page so just to let everyone know it works in there also not just CMS pages.

 
Magento Community Magento Community
Magento Community
Magento Community
 
KWAVE
Member
 
Avatar
Total Posts:  53
Joined:  2009-04-04
Boston
 
KWAVE - 11 February 2011 09:51 AM

This works great for me. I was wondering though is there any way to send them to a page if enter the wrong pass and login rather then showing text on a blank page saying you don’t have access?

I actually applied this to a category page so just to let everyone know it works in there also not just CMS pages.

I found a solution to this.

die(’<div align="center"><br><br><h2>Sorry you did not enter the correct login information. Please try again.<br><br> You are being redirected back to the login page.<br><br> Thank You</h2></div> <meta http-equiv="refresh" content="3;url=http://www.website.com">’);

Magento Web Design

 
Magento Community Magento Community
Magento Community
Magento Community
 
sbalay1029
Jr. Member
 
Total Posts:  1
Joined:  2012-08-22
 

I was checking through forums and found your solution very helpful. But I am wondering I can do it only with password field..

I tried removing username code in pass.html and xml too. But is not working.

Let me know if you have any suggestions.

 
Magento Community Magento Community
Magento Community
Magento Community
 
adultcart
Jr. Member
 
Total Posts:  7
Joined:  2009-02-01
 

I was really excited because I thought this would work.

But no matter WHAT the password is, and no matter what I put in, it won’t work.

If i put in the correct password, the page reloads and it asks me for the password.

If I hit cancel, it dies out.

This is frustrating.

UPDATE: it was a server issue and it’s working now!

 
Magento Community Magento Community
Magento Community
Magento Community
 
andrewvolk
Jr. Member
 
Total Posts:  1
Joined:  2011-12-07
 
adultcart - 16 November 2012 06:13 AM

I was really excited because I thought this would work.

But no matter WHAT the password is, and no matter what I put in, it won’t work.

If i put in the correct password, the page reloads and it asks me for the password.

If I hit cancel, it dies out.

This is frustrating.

UPDATE: it was a server issue and it’s working now!

What was the server issue? I am having the same password problem and would love to be able to get it fixed. Thanks!

 
Magento Community Magento Community
Magento Community
Magento Community
 
vchin
Jr. Member
 
Total Posts:  1
Joined:  2013-09-11
 

Thanks for this! It works like a charm.

Just wondering if someone can provide some explanation about what the code in the 3 different files do and how they are linked together?

I’m trying to learn more about the Magento backend.

Thanks!

 
Magento Community Magento Community
Magento Community
Magento Community
 
SpiderJeff
Jr. Member
 
Avatar
Total Posts:  15
Joined:  2012-12-04
 

Hello,
This is not working for me. It will open the page without prompting for a username or password. I am using Community 1.7. Any assistance would be great. Thank you.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top