I have Login form,forget password form and register form in a single page.. What can be the name given to the webpage? Any suggestion..
Call it the "Log in" or "Sign in" page (they mean the same thing), as that is the ultimate goal of the page. Registration is just an extra step some people will have to take to be able to log in.
Related
I created a custom form on a shopify page and when the submit button is pressed i want all the data within the form fields to go to another page that is a request form where the user would enter data and upon submission the data will be emailed instead of buying anything. How is this done in shopify? the page that i'm talking about is this one
https://pharaohmfg.com/collections/billiard-pool-tables/products/luxor-pool-table
You can redirect to another page with a custom form but the email will not be send since you are required to use /contact#contact_form as the form action.
One way to bypass that is to submit the form as a contact form and redirect the user upon form success. Please note that this way if you submit the form more than once you will get a google challenge for spam protection which is not user friendly.
Another way is to create a custom APP and using a proxy to submit to that page and handle the request from there.
Or an another option is to use a third party app of some sort and use their form builder ( hopefully allowing you to tie the product variants in some way to the actual form ).
There are free services like formspree that allows direct submissions to an email but I don't know what are the limits there.
I am building a basic login page using the existing sign-in portlet.
I just want to have a functionality that when a user access the website, right now localhost:8080, the sign-in portlet should pop up!
Is this doable? If so, Can someone please hint me how this can be done?
This is how the default page looks like right now:
To log in, I have to explicitely click on the "sign-in" blue button and then it pops out a modal sign in portlet.
But what I am trying to do here is:
Whenever a user clicks on the default url, it should immediately ask the user to login rather than showing a blank page with a sign-in button (something like the output image)
Or even a modal sign-in box (Whatever is easy to customize.)
and
Whenever a user hits any other url for eg. localhost:8080/web/project1/home and if the user is not signed in, it should force him to sign in first.
Two possibilities out of the box:
place nothing but the sign in portlet on the homepage, appearing at that location (typically /web/guest/home)
protect your default page to be not visible to the guest user (this will automatically forward to the sign-in portlet) - see the "Permissions" button on the "Manage Pages" interface
There are more, but these seem to be the first and most obvious ones. Let me know if one of them works for you or what the reason for your request is
From what I understand, you want the Login Portlet to popup as a modal window/lightbox on the current page (i.e. without leaving the page). AFAIK, to achieve this, you'll have to develop all your portlets to use AJAX to create links that point protected resources. So when you get an unauthenticated request, you can stay on the same page and show login dialog.
This is high-level approach. You'll need to 1) embed the Login portlet in your theme and 2) put the below javascript functionality in Theme:
callback function - to handle response for unauthenticated request,
to render modal/lightbox
You might face surprises while implementing this.
I set up an app to allow users to log into my site using Facebook. When users click the FB login button, the expected auth dialog appears. My auth dialog shows a second page which says: "This app may post on your behalf, including status updates, photos and more."
But my app doesn't need any extended permissions, and will not be posting anything to Facebook. I don't want this second page to appear, but I can't figure out how to make it go away.
On my app's settings page, I didn't specify any extended permissions. Is there someplace else I have to specify that I don't want extended permissions?
Thanks for the help.
You might have specified a scope in the "Login with Facebook" button that requests these permissions from the user. Especially if you just copy-and-pasted an example from the documentation, this might have happened.
Check in your HTML whether you have something similar to this:
<div class="fb-login-button" scope="publish_stream">
Login with Facebook
</div>
If so, make sure to get rid of the scope attribute.
I'm having a very weird issue with user logins.
I'm building a site where all the content/menus are only available after you login.
I made a 'login' through the Modules and assign it the "userlogin" position.
Now when I go to the home page or any page, the login box comes up, but there's also a second login form. It seems to be coming from com_user.
This com_user login form doesn't work. I can't login using any credentials. If it was working I can simply remove my login module.
Is there a way I can either:
get com_user to work with normal user logins
or
disable this and so I can only see the Module login.
I can hide it from CSS, but I want to know where it's coming from.
Check the menu link which you have created should be public.
If these are not public then whenever user clicks it, he/she will be asked for login. Thats why the second login option is coming up.
We're creating a website where we will be giving out code snippets to our users which they can place on their own websites. These snippets contain a link a javascript include. When clicking the link, an iframe containing the login dialog to our site opens. The user then authenticates inside the iframe, does his work and when he leaves the iframe his session is closed. We've got it working allready and it's very slick.
Our main concern though is phishing. The user has absolutely now way of veryifying where the login page is really coming from. On the other hand, phising attacks are also succesfull even if the user can see the fake-url in the address bar.
Would you enter your (OpenId) credentials in an iframe? Does anyone know a pattern with which we could minimise the chances of a phishing attack?
The user has absolutely now way of veryifying where the login page is really coming from.
There are ways around that, by having the user choose a secret that the real login page can display back at them to identify itself. Usually this is done with easily-identifiable pictures.
However that is not the only issue. If you allow your login page to be framed (and the user comes to expect that), you also open yourself to clickjacking attacks. The third-party site can frame your login page, then position: absolute their own HTML elements on top of it. Elements like inputs directly on top of yours, sniffing each keypress to nab the password.
You can allow a simple “start login process” button to be framed, and maybe a username/identifier, but the form into which a password should be typed must open in its own browser window (either in the main window or in a popup) with its own address bar and SSL indicator.
Would you enter your (OpenId) credentials in an iframe?
Goodness no.
I would recommend not using an IFrame as they defeat accessibility, seo, and semantics unless you want those defeated. If you are asking people to login via an IFrame then you have a definite accessibility barrier that may be considered legally discriminatory in certain countries.