We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Opening up member registration on existing sites -- what sort of security is needed?

March 16, 2008 10:42am

Subscribe [2]

  • #1 / Mar 16, 2008 10:42am

    Linda A

    666 posts

    So far, the sites I run off EE have been entirely managed by myself and my partners. I have not even made it possible to register accounts for different levels of access, because it hasn’t been needed.

    Now, I am looking at adding account registration, but since I have not built the site at all with this in mind, how much would I need to change to ensure that members can only access what I want them to access?

    Specifically, I am looking at giving them access to one out of several wikis and possibly one out of several blogs. What’s the most effective way to go about this? Do I have to add checks to all templates for the other wikis and blogs, to keep them out, or can I set it up so that the default is that they can’t edit and then make it possible only on the selected wiki and blog?

  • #2 / Mar 19, 2008 8:48pm

    Linda A

    666 posts

    Any suggestions? 😊 For example, I have two existing wikis. If I add a third, which the members I’d be adding should have access to, how do I keep them out from the other two wikis? Or is it a matter of granting them access to the third rather than removing access from the other two?

  • #3 / Mar 19, 2008 8:58pm

    Derek Jones

    7561 posts

    Wikis have member permissions (assigning to Users in the Wiki control panel), and/or you can control access to templates with the Access link in the Template Manager.  If you need more discrete control, you would use conditionals in your template based on logged_in_member_group.  Let us know if you need additional details for a specific access control method!

  • #4 / Mar 19, 2008 9:10pm

    Linda A

    666 posts

    So when a new member is created (and assigned to the default member group), they don’t automatically have access to my existing wikis and blogs? I am sort of trying to wrap my head around if what I need to do is go in and secure everything currently existing (there’s currently nothing in my templates that checks for whether someone is a member or not) or if what I do is open up the things I want to give access to.

  • #5 / Mar 19, 2008 9:14pm

    Linda A

    666 posts

    Oh, okay, I see that wikis aren’t an issue. They could just each have their own group rather than the default. That’s easy enough. 😊

  • #6 / Mar 19, 2008 9:18pm

    Derek Jones

    7561 posts

    And you can always change which group is the default group for new registrants, allowing you to screen them as they register to place them into the appropriate group.

  • #7 / Mar 20, 2008 8:06am

    Linda A

    666 posts

    Yeah, I would probably go with that approach, so there’s nothing they automatically access in case I have some standard checks for the regular Member group that I have forgotten about.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register