In yii, i am creating a project. I want to create link in yii such that it will get send to user by email and when user will click link,actionCheck will get called in which this user's id will get retrieved. and password reset page will get render to him for inserting new password. I also want to pass confirmation random key generated along with link,So that i can retrieve that user's id, So how to create this link?
i had generated it as-
$url='http://localhost/Project/index.php?r=User/Check&key=$key'
where $key is a randomly generate one.
When i am passing this link to email and clicking it,Its giving an error as-
"Error 403 You are not authorized to perform this action."
Please help me.
In your User controller you can see
public function accessRules()
{ ... }
add your actionCheck() there, with appropriate access rules something similar to below
array('allow',
'actions'=>array('action1','action2',..............,'check'),
'users'=>array('*'),
),
Related
I have setup my own custom notification for reaching out to my users to verify their email. They don't get their verification email at registration. They register, I call them and screen them, then approve their registration. After I approve them, they get a verification email. All this is working great. However, when the user clicks their verification link in their email, it takes them to the login page but in the database, the email_verified_at column never updates with a time stamp. I've followed multiple tutorials and can't figure out for the life of me why this is happening.
This is my notification function in my controller that I'm using for the screening process:
public function toMail($notifiable)
{
if (static::$toMailCallback) {
return call_user_func(static::$toMailCallback, $notifiable);
}
return (new MailMessage)
->subject(Lang::get('Verify Email Address'))
->line(Lang::get('Please verify email.'))
->action(
Lang::get('Verify Email Address'),
$this->verificationUrl($notifiable)
)
->line(Lang::get('If you did not create an account, no further action is required.'));
}
and here is my verification controller:
public function __construct()
{
$this->middleware('auth');
$this->middleware('signed')->only('verify');
$this->middleware('throttle:6,1')->only('verify', 'resend');
}
When I hover over the link in mailtrap, it has a valid URL and, as stated, redirects to the login screen.
I can supply any other code requested, I just didn't want to paste 5 files worth of code here if it wasn't necessary as all the other functionality seems to be working fine. If anyone can help me figure out why this is happening, it would be greatly appreciated.
I'm developing an extension that have both, a list of records (action show) and a form to send a new record (action new).
The list must be for public access, but the form must require a login form (I'm using the login form content type that comes with TYPO3).
I have tried using the Access Tab for the plugin selecting Show at any Login but it applies to the entire plugin not for each action.
Currently, this is how the page looks like:
How could I get to display the login form only when someone tries to create a new record?
Note: The extension is based on Extbase and Fluid. The target version is TYPO3 6.2.
The easiest would be to split the actions in different "views" with switchableControllerActions in your flexform. Then you would need to place separate plugins on two different pages, that way you can have different access configuration for the plugins. If you don't know how to adjust the flexform, you can post the content of it here.
The other way would be to make a check inside the controller, but i would only use it if you have a lot of different roles you need to check.
if ($this->loginUser === null && $GLOBALS['TSFE']->loginUser && !empty($GLOBALS['TSFE']->fe_user->user['uid'])) {
// the user is logged in
} else {
// return '' as action content
return '';
}
I'm using Login Control form in ASP.NET and after successful login would like to track the username to give welcome greeting and so on. Also, if any user tried to directly go to a random page without passing the authentication, then I would like to raise an error page. I tried various methods with Membership Control to retrieve the username but I'am getting errors. Can someone point me to the right direction?
There are two controls for this task. LoginName gives you the current logged in user name and the other is LoginStatus which gives you the current status whether user is logged in successfully or not.
if (User.Identity.IsAuthenticated == false)
{
Response.Redirect("your_redirecting_url");
}
I want to create an AJAX-registration form on my Yii-project. So on every page I have a login-button, which shows a popup if the user isn't authorized. In that popup he can see registration form with email field, password field, and CAPTCHA (default Yii captcha).
So, my model for user's registration is User. There is a validation rule:
array('code', 'captcha', 'allowEmpty'=>!Yii::app()->user->isGuest),
My controller, where all user's actions are, is User (url: site.url/user/) and I added there captcha action:
'captcha'=>array(
'class'=>'CCaptchaAction',
'backColor'=>0xFFFFFF,
'foreColor'=>0x000000,
),
In my next code:
$this->widget('CCaptcha', array(
'clickableImage' => true,
'showRefreshButton' => false,
))
And here is a problem:( Being inside a popup, which can be shown on every page (index page, for example, which belongs Main controller) captcha wants to load an image from that controller (from /main/captcha, not /user/captcha).
Adding captcha in every controller is bad idea, so I added
'captchaAction' => '/user/captcha',
But after that captcha wants to load from an url
http://site.loc/user/captcha/v/4fe99aca1bbed
User-friendly url's crashed captcha and I can't avoid it (as I think, not being a yii-expert, it's because of common path-config).
Is there an easy solution to solve this? Should I repair URL's or re-configure CAPTCHA?
So, while I was waiting for help, I solved the problem by myself :)
In my project i separated my controllers into the next hierarchy:
/frontend
/backend
All controllers for common users are (of course) in Frontend section, including UserController and MainController.
Yes, I wrote some configs to hide /frontend/ in URL's like this:
'<c:\w+>/<a:\w+>' => 'frontend/<c>/<a>',
And i was sure, that string in my CAPTCHA config ('captchaAction' => '/user/captcha') knows where to go (and it was almost so!), but NO!
I should write FULL PATH to my controller and action like below:
'captchaAction' => '/frontend/main/captcha',
As I said in question, I placed my CAPTCHA action in UserController, but now you can see it is located in MainController (i deleted it from UserController)
And I got an error:
CCaptchaValidator.action "captcha" is invalid. Unable to find such an action in the current controller.
So, to solve this, I just had to use a property captchaAction of CCaptchaValidator in my User MODEL! Code:
array('code', 'captcha', 'captchaAction'=>'/frontend/main/captcha', 'allowEmpty'=>!Yii::app()->user->isGuest)
So, now my AJAX Captcha validation works correctly where I want.
Good luck with Yii's default CAPTCHA, dear community!
Any one know how to go back to the "last page" after a user is presented the login screen and chooses to create a new account?
Basically the sequence is this:
User tries to get to protected content
Redirected to login page
If he logs in he is redirected to original page
If he chooses "create new account" and fills it out, he is redirected to the home page
How do we get him automatically redirected to the original page (not a static page).
There are several ways to go about this. The most straight-forward is to have a login link somewhere in the navigation that appends the destination to the url. The code for this is something like:
<?php
if (user_is_anonymous()) {
$link = l(t('Login'), 'user/login', array('query' => drupal_get_destination()));
}
?>
You can also set a custom access denied page at admin/settings/error-reporting that could either go to a callback that outputs the above code, or to a simple php node that outputs that code.
Additionally, the user login block provided with Drupal core uses the same method to redirect a successful login back to the originating page.
Edit: Note that the above methods will rarely work for registration, because there are more steps involved there. Specifically, when a user needs to verify an email address, passing the originating destination along via the email would involve modifying the core user registration process.
It will potentially still work on a site configured to not verify email addresses. The idea then would be to provide 2 links: 1 for login and the other for registration, both passing along destination information.
LoginToboggan may also be worth pursuing, although it doesn't yet offer the exact registration feature you're looking for.
straight php would be to include a header of this form:
<?php header("Location: " . $_SERVER['HTTP_REFERER']); ?>
for more information refer to the php manual
EDIT:
you can also include a hidden field in your form and set it to
$url = $_SERVER['PHP_SELF']; // or HTTP_REFERER depending on the setup
include the header code snipped to your registration form.