Decrease
Reset
Increase

JoomlaLMS Learning Management System - Support Forum


Go Back   JoomlaLMS Support Forum > JoomlaLMS > General Questions

Reply
 
Thread Tools Display Modes
  #1  
Old 04-11-2012, 01:30 PM
RBoehm RBoehm is offline
Member
 
Join Date: Aug 2011
Posts: 53
Default Utility Creation - Restricted Access

Using a local network (no Internet) with Joomla 1.6.0 and JoomlaLMS 1.2.0 Professional.

I need to enable Teachers to run custom queries in the database, so I set up a .php page that runs the queries they need.

I would like to restrict access to this page so only teachers can see it.

Options:
1 - When the page is loaded, determine that the user is already logged in as a teacher and show the results of the queries, else, direct them to log in to the LMS first.

2 - Set up a log in page that will authenticate the user with their Joomla credentials.

Option 1 is preferred, but I am not sure how to do it - are Session Variables (or something like them) used?.

Option 2 works until I try to convert the entered password to hash it to match what is stored in the database - not sure of the details of how Joomla does this.


Please provide some guidance.

Thanks.
Reply With Quote
  #2  
Old 04-12-2012, 06:40 AM
Helga_13 Helga_13 is offline
JoomlaLMS Support Team
 
Join Date: May 2010
Posts: 856
Default

For the first option some knowledge of the Joomla API is required. You can include Joomla API functions into your custom php script by doing everything that is listed in the joomla index.php files before the line with the connection (and including this line) of the framework.php file.
After that you can get the user object as follows: $user = JFactory::getUser();
ID of the user: $user->get('id');
Username: $user->get('username');

You can check is a user has Teacher user role by the 'jos_lms_users' table
(the user role is defined by the lms_usertype_id field, standard Teacher user role value is 1 , LMS admin = 5)
The courses of the user (if this user is Teacher) can be defined by the 'jos_lms_user_courses' table.

As regards the second option please note that the password is stored in the database in the following way: "crypted_pasword:salt", where crypted_pasword is "md5(plain_pasword+salt)" i.e. the 'password' field in the database consists of two parts separated by a colon. The second part of it is salt - a randomly generated line which is individual for each user (it is stored unencoded). The first part is the encoded password stored in the following way: at the end of unencoded password the salt line is added and after that the whole is encoded in the md5 method.
Reply With Quote
  #3  
Old 04-12-2012, 11:05 AM
RBoehm RBoehm is offline
Member
 
Join Date: Aug 2011
Posts: 53
Thumbs up

Thanks for the help.

Attempting Option 1 by creating the file you describe in c:\wamp\www\Joomla:

Code:
<?php


// START JOOMLA CODE

// Set flag that this is a parent file.
define('_JEXEC', 1);
define('DS', DIRECTORY_SEPARATOR);

if (file_exists(dirname(__FILE__) . '/defines.php')) {
	include_once dirname(__FILE__) . '/defines.php';
}

if (!defined('_JDEFINES')) {
	define('JPATH_BASE', dirname(__FILE__));
	require_once JPATH_BASE.DS.'includes'.DS.'defines.php';
}

require_once JPATH_BASE.DS.'includes'.DS.'framework.php';


$theJUser = JFactory::getUser();
$theJUserID = $theJUser->get("id");
$theJUserName = $theJUser->get("username");

echo "<br />JUSER: " .$theJUser;
echo "<br />JUSERID: " .$theJUserID;
echo "<br />JUSERNAME: " .$theJUserName;
echo "<br />";

// END JOOMLA CODE


?>

Running that file results in no errors, and this display:


Code:
JUSER: JUser
JUSERID: 0
JUSERNAME:

And I am logged in to Joomla as a Teacher.

Any ideas?

Last edited by RBoehm; 04-12-2012 at 11:09 AM.
Reply With Quote
  #4  
Old 04-12-2012, 11:32 AM
RBoehm RBoehm is offline
Member
 
Join Date: Aug 2011
Posts: 53
Smile Solved

Had to add a few more lines for the Application:

Code:

<?php


// START JOOMLA CODE

// Set flag that this is a parent file.
define('_JEXEC', 1);
define('DS', DIRECTORY_SEPARATOR);

if (file_exists(dirname(__FILE__) . '/defines.php')) {
	include_once dirname(__FILE__) . '/defines.php';
}

if (!defined('_JDEFINES')) {
	define('JPATH_BASE', dirname(__FILE__));
	require_once JPATH_BASE.DS.'includes'.DS.'defines.php';
}

require_once JPATH_BASE.DS.'includes'.DS.'framework.php';


// Instantiate the application.
$app = JFactory::getApplication('site');

// Initialise the application.
$app->initialise();



$theJUser = JFactory::getUser();
$theJUserID = $theJUser->get("id");
$theJUserName = $theJUser->get("username");

echo "<br />JUSER: " .$theJUser;
echo "<br />JUSERID: " .$theJUserID;
echo "<br />JUSERNAME: " .$theJUserName;
echo "<br />";

// END JOOMLA CODE


?>

All set now; thanks.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT. The time now is 10:45 PM.

RSS