Magento - Require Login - Programming Questions - eCommerce Software for Growth, Powered by Open Source

Skip to site navigation »
Skip to main content »
Skip to footer content »

Sales: Call 877.832.5289 (N America)|310.295.4144 (International)

Magento Forum

Require Login

bsboard Total Posts: 15 Joined: 2008-03-18 Ignore user	I am going to be utilizing magento for a B2B order management. There are a couple changes I need, and I would appreciate some direction on . 1) The site should not be browsable unless you are logged in. What I would like to do is have every page (including homepage) display the ‘login’ screen if they are not logged in. I have looked at “Mage::getSingleton(’customer/session’)->isLoggedIn()” but don’t know where to place it. 2) I need to remove payment processing from checkout. Basically, I need to remove the “Shipping” and “Payment” steps of the checkout process. Any help, hints, suggestions will be GREATLY appreciated, as I’m still trying to figure out how this framework works. Thanks
	Posted: May 5 2008 \| top

bsboard Total Posts: 15 Joined: 2008-03-18 Ignore user	Ok, so I still would like some input on this. I found a way to get it working, but it isn’t very pretty, and i’m pretty certain there is a better way. The following is what the try block of the ‘run’ function in mage.php contains: `Varien_Profiler::start('app'); self::loadRequiredExtensions(); self::app($code, $type, $etcDir); if(self::getSingleton('customer/session')->isLoggedIn() \|\| self::app()->getRequest()->getRequestUri() == '/ordernet/customer/account/login/') { self::app()->getFrontController()->dispatch(); Varien_Profiler::stop('app'); } else { header('location:'.self::getUrl('customer/account/login')); }` It works, but I don’t like that I have to have hard-coded the path to the login page (/ordernet/customer/account/login). Is there any way to get the install directory of magento, so I can do something like $installDir . ‘/customer/account/login/’ ?? Any other comments about this setup would be much appreciated
	Posted: May 5 2008 \| top \| # 1

bsboard Total Posts: 15 Joined: 2008-03-18 Ignore user	...and this is why I think there has got to be a better way. The code is getting more and more ugly, as I am finding new URL’s that need special cases. 1. Posting the login form goes to a separate url 2. Admin login page shouldn’t require you to be logged in as member 3. all admin pages are under ‘index.php/admin’ instead of just ‘/admin’ like the login page. So now so far I have: if(self::getSingleton('customer/session')->isLoggedIn() \|\| self::app()->getRequest()->getRequestUri() == '/ordernet/customer/account/login/' \|\| self::app()->getRequest()->getRequestUri() == '/ordernet/customer/account/loginPost/' \|\| (strpos(self::app()->getRequest()->getRequestUri(),'/ordernet/admin') !== FALSE) \|\| (strpos(self::app()->getRequest()->getRequestUri(),'/ordernet/index.php/admin') !== FALSE)) Adding these values introduced a small security threat. Under this scenario it is possible to see the site using a querystring variable which contains a white-listed admin url. (For example, appending ‘?/ordernet/admin’ to any page). So now I need to perform additional checks on the url (perhaps removing the querystring before the strpos check, or checking that the result of strpos is zero [so the substring is at the beginning]) I may find more problems as I go…
	Posted: May 5 2008 \| top \| # 2

CreedFeed Total Posts: 50 Joined: 2007-08-31 Milwaukee, WI Ignore user	Wow, thanks for the above code. I’ve implemented this in my application and it does seem to work, although it is a bit sloppy as you mention in your post. One thing I do not like about this is that it requires the editing of a core file (Mage.php). Is there any way to check if a customer is logged in directly in the index.php file? For my application, I am building two storefronts, one for retail and one for wholesale. I’ve created a second store with a code of “wholesale” so I modified your above code snippets by putting an if ($code == ‘wholesale’) around your code and leaving the original code in for the else statement (corresponding to my if). This way anyone can use the retail store but you must login to see the wholesale store. If something similar to this could be done in the index.php to check for a login that would be a much smoother solution so as to not edit core files. Any ideas? Signature -Steve Quake 1 Resurrection
	Posted: May 19 2008 \| top \| # 3

x3graphics Total Posts: 10 Joined: 2007-11-20 Calabasas, CA Ignore user	I needed to do the same thing so I ended up modifying the template files (template/page/1column.phtml) I added the following code to the 4 files: <body <?php echo $this->getBodyClass()?'class="'.$this->getBodyClass().'"':'' ?>> <!-- Login Block --> <?php if (Mage::app()->isInstalled() && !Mage::getSingleton('customer/session')->isLoggedIn()) { ?> <form action="/magento/index.php/customer/account/loginPost/" method="post" id="login-form"> <div id="b2bloginblock"> <div class="registered-users"> <div class="content"> <h4><?php echo $this->__('Business 2 Business') ?></h4> <p><?php echo $this->__('If you have an account with us, please log in. If you would like an account to access the B2B site please contact us at wholesale@example.com.') ?></p> <ul class="form-list"> <li> <label for="email"><?php echo $this->__('Email Address') ?> <span class="required"></span></label><br/> <input name="login[username]" value="<?php echo $this->htmlEscape($this->getUsername()) ?>" title="<?php echo $this->__('Email Address') ?>" id="email" type="text" class="input-text required-entry" style="width:250px;"/> </li> <li> <label for="pass"><?php echo $this->__('Password') ?> <span class="required"></span></label><br/> <input name="login[password]" type="password" class="input-text required-entry validate-password" id="pass" style="width:250px;"/> </li> </ul> <p class="required"><?php echo $this->__('* Required Fields') ?></p> </div> <div class="button-set"> <button class="form-button" type="submit" name="send" id="send2"><span><?php echo $this->__('Login') ?></span></button> </div> </div> </div> </form> <script type="text/javascript"> var dataForm = new VarienForm('login-form', true); </script> <?php }else{ ?> <div class="wrapper"> and before the closing </html> I added: `<?php echo $this->getChildHtml('before_body_end') ?> <?php } ?> <!--End --> </body>` I really don’t know how secure this is but it has worked for me so far.
	Posted: May 20 2008 \| top \| # 4

JpSp Total Posts: 4 Joined: 2008-04-29 Portugal Ignore user	Hello Magento users and developers, I am a Magento user with Zero experience in PHP or any other code language. and i have read in this post that is possible to hide the Price on storefront, or make the users to loggin the site before they are able to see the products and the information associated with that product. My business its B2B and its extremely important that the prices doesn’t appear on guest users. Theres anyone that can help me doing that. I have the lastest version of Magento with the default theme. I think that it is possible to hide the price by changing the theme, or changing the code in a php file in the theme. I know that isn’t the best solution for security purposes but for me thats enough. thanks for you help and support. Lets enlarge the magento comunity rapidly. João Pedro Paiva Portugal
	Posted: May 30 2008 \| top \| # 5

alistek Total Posts: 293 Joined: 2008-04-02 Normal, IL Ignore user	Take a look at this post: http://www.magentocommerce.com/boards/viewthread/9172/ -Adam
	Posted: May 30 2008 \| top \| # 6

josh_trivera Total Posts: 62 Joined: 2008-02-12 Wisconsin, USA Ignore user	@alistek, 1) thats only price block, not the content. 2) now that magento is 1.X you dont want to be fooling with the Mage Core.(Template Files / Layout files) He should be altering the Template Files to check to see if the user isloggedin. JpSP unfortunately, its going to take some time to get what you want accomplished.
	Posted: August 22 2008 \| top \| # 7

Lee Saferite Total Posts: 245 Joined: 2007-08-31 Lake City, FL Ignore user	One possibility would be to override the core/url_rewrite model, extend Mage_Core_Model_Rewrite and put your code in the overridden rewrite() method. Hackish, but might work. Would be better if Magento had a pair of events surrounding routing.
	Posted: August 22 2008 \| top \| # 8

cozmir Total Posts: 6 Joined: 2008-09-04 Ignore user	Has there ever been a consensus reached on the best way to achieve a login prior to allowing access to the catalog (or sections of the catalog)?
	Posted: September 5 2008 \| top \| # 9

sherrie Total Posts: 872 Joined: 2007-12-14 Illinois, USA Ignore user	I believe there is a community extension for this now. Signature Creativity is falling in love with the world. – Dewitt Jones Current Projects: Aqua Gear Direct & IHSA State Finals • Currently Running: PHP 5.2.5/MySQL 5.0.45/Magento 1.1.8 on HostGator
	Posted: September 5 2008 \| top \| # 10

charvan Total Posts: 8 Joined: 2007-11-01 Ignore user	Sherrie, Could not locate such an extension. Do you have a link please?
	Posted: October 20 2008 \| top \| # 11

SeL Total Posts: 600 Joined: 2007-10-10 Paris, France Ignore user	Found it: http://www.magentocommerce.com/extension/490 Signature Blog Magento en français \| Traduction française de Magento (sa documentation et son fil de discussion)
	Posted: 3 weeks ago \| top \| # 12

Magento Community

Magento Community

Back to top

How to add a default route for products

Image width and Height

Sales: Call 877.832.5289 (North America) 310.295.4144 (International)

© Copyright 2008 Varien. Magento, eCommerce software, is a trademark of Irubin Consulting Inc. DBA Varien
Privacy Policy|Terms of Service Magento Community Count
53193 users|730 users currently online|107225 forum posts