We use cookies to improve your experience. No personal information is gathered and we don't serve ads. Cookies Policy.

ExpressionEngine
Log In Sign Up

Before loading /system and /index.php/member/login/

Development and Programming

Tiger0516's avatar
Tiger0516
31 posts
18 years ago
Tiger0516's avatar Tiger0516

Hi there,

I wonder if there is a way to detect if I have some session value before loading /system/index.php and /index.php/member/login/.

I tried two extension hooks, login_authenticate_start and member_member_login_start. But they both seem to work after login page was loaded and “Submit” button was submit.

The following is my test code. My objective is that, when visiting /index.php/member/login/, if I do not have a token (passed by URL), then I will get “No token” and the program exits.

But currently, I still get the normal memberlogin page.

Any hint on how to do what I want?

I also tried to change a little bit of cp.login.php. I put

$edata = $EXT->call_extension('login_authenticate_start');
            if ($EXT->end_script === TRUE) return;

before

if ( ! $IN->GBL('username', 'POST') || ! $IN->GBL('password', 'POST'))
        {
            return $this->login_form();
        }

But it does not work as I expect, either.

Thanks for help,

—test code—

<?php
  
  if ( ! defined('EXT')) {
    exit('Invalid file request'); }
  
  //test code. class name is misleading. cp_loginstart means normal member login start  
  class Cp_loginstart{
  
    //private fields
    var $setting=array();
    var $name            = 'Pre CP Login';
    var $version         = '1.0.0';
    var $description     = 'Data validation before control panel login page was loaded';
    var $settings_exist  = 'n';
    var $docs_url        = '';
    
    //constructor
    function Cp_loginstart ($setting='') {
        
        $this->setting=$setting;  
    } 
  
    function  beforeLogin()
    {
        global $IN; 

        if ($IN->GBL('token', 'GET')!=null)
            echo 'Has token';
        else
            {echo 'No token';
            exit(1);}

    }
  
    function activate_extension()
    {
        global $DB;
    
    $DB->query($DB->insert_string('exp_extensions',
                                 
     array('extension_id' => '',
    'class'        => "Cp_loginstart",
    'method'       => "beforeLogin",
    'hook'         => "member_member_login_start ",
    'settings'     => "",
    'priority'     => 11,
    'version'      => $this->version,
    'enabled'      => "y")));      
    } 

    function update_extension($current='')
    {
    global $DB;
    
    if ($current == '' OR $current == $this->version)
    {
        return FALSE;
    }
    
    
    $DB->query("UPDATE exp_extensions 
                SET version = '".$DB->escape_str($this->version)."' 
                WHERE class = 'Cp_loginstart'");
}

    function disable_extension()
    {
    global $DB;
    
    $DB->query("DELETE FROM exp_extensions WHERE class = 'Cp_loginstart'");
    }
  
  }
?>

Well, I know I can add the following

if (isset($_GET['token']))
            echo 'Has token';
        else
            {echo 'No token';
            exit(1);}

to /system/index.php and it can work. But I still prefer a way through an extension.

Any suggestion?

Thanks!

[Moderator Edit: Moved to Extensions forum]

       
Derek Jones's avatar
Derek Jones
7,561 posts
18 years ago
Derek Jones's avatar Derek Jones

The only hooks I can think of that will hit before that in this page are the session hooks: sessions_start and sessions_end. Either will be suitable to use; just keep in mind that this is called on every page, including the control panel, so you will likely need to be a bit more discreet than in your code sample above.

       

Reply

Sign In To Reply

ExpressionEngine Home Features Pro Contact Version Support
Learn Docs University Forums
Resources Support Add-Ons Partners Blog
Privacy Terms Trademark Use License

Packet Tide owns and develops ExpressionEngine. © Packet Tide, All Rights Reserved.