I am using the Simple Members module and working on the image upload part.
I am re-using the code for uploading and deleting images from the generated code for the admin. Doing pretty good - for the most part.
Now it is working like this:
I upload a picture and everything works fine - except at the end after the picture is uploaded to the correct folder and the db update is done it seems the user is logged out and I get redirected to the login page.
Same when I delete the picture. The picture is removed from the folder and the db is updated but always landing on the login page.
Any idea on how to figure out what is going on?
Simple Members image upload
3 years ago
3 years ago
#1
3 years ago
#2
Hello,
Any idea on how to figure out what is going on?
Can you post your controller code for uploading the image.
I get redirected to the login page.
Same when I delete the picture.
Any idea on how to figure out what is going on?
There must be a redirect to the home page, Look in your code and change that to where you want to go. Probably the Submit method for Upload and Delete Functions.
Dan
Any idea on how to figure out what is going on?
Can you post your controller code for uploading the image.
I get redirected to the login page.
Same when I delete the picture.
Any idea on how to figure out what is going on?
There must be a redirect to the home page, Look in your code and change that to where you want to go. Probably the Submit method for Upload and Delete Functions.
Dan
3 years ago
#3
Here is the code for the submit_upload_picture function
As you can see it should redirect back to the referer - and echoing out $_SERVER['HTTP_REFERER'] does show that.
So something else is happening...
As you can see it should redirect back to the referer - and echoing out $_SERVER['HTTP_REFERER'] does show that.
So something else is happening...
3 years ago
#4
It could be the csrf_protect() redirecting you, what version of the framework are you using?
Try inserting and echo 'bad vibe' ; die() ; just before the redirect in validation_helper.
Try inserting and echo 'bad vibe' ; die() ; just before the redirect in validation_helper.
3 years ago
#5
It seems to get through csrf_protect without problem.
I am sure there is some other check that is running after the submit_upload_picture and before the redirect gets run that checks the login and fails.
If I do the die; before the redirect and then just copy the URL back into the browser it goes to the root.
How would I check for a login status at that moment?
I am sure there is some other check that is running after the submit_upload_picture and before the redirect gets run that checks the login and fails.
If I do the die; before the redirect and then just copy the URL back into the browser it goes to the root.
How would I check for a login status at that moment?
3 years ago
#6
Hi Thranur,
Now that I'm on my PC and re read your original post - you mentioned you had installed the 'Simple Members' module and have inserted the single 'picture uploader' code generated with the Desktop app - where you inserted it is still unknown and as Dan mentioned earlier, if you could share the whole controller file for us to better help...
Assuming you have created a new module with a member's area and have several methods you need protecting and this submit_upload_picture() is one of them, you are missing which scenario you want to be allowed:
This will allow logged in members to upload images and redirect to the login page if they are not. I would also assume you have followed DC's tutorial on how to protect pages/ methods with the 'simple_members' module - this link will skip you to the part where DC shows this https://youtu.be/v6Mc3e5SXOM?t=458
Here is also a method to check for online users and displays them:
Now that I'm on my PC and re read your original post - you mentioned you had installed the 'Simple Members' module and have inserted the single 'picture uploader' code generated with the Desktop app - where you inserted it is still unknown and as Dan mentioned earlier, if you could share the whole controller file for us to better help...
Assuming you have created a new module with a member's area and have several methods you need protecting and this submit_upload_picture() is one of them, you are missing which scenario you want to be allowed:
This will allow logged in members to upload images and redirect to the login page if they are not. I would also assume you have followed DC's tutorial on how to protect pages/ methods with the 'simple_members' module - this link will skip you to the part where DC shows this https://youtu.be/v6Mc3e5SXOM?t=458
Here is also a method to check for online users and displays them:
3 years ago
#7
Huge thanks DaFa!
This along with putting Debug on in Model.php got me to the solution.
Having these two lines on top of the functions did the trick:
$this->module('members');
$token = $this->members->_make_sure_allowed('members area');
This along with putting Debug on in Model.php got me to the solution.
Having these two lines on top of the functions did the trick:
$this->module('members');
$token = $this->members->_make_sure_allowed('members area');
3 years ago
#8
You actually solved it another way in your post above, by directly loading the 'members' module and invoking '_make_sure_allowed()', which by doing it this way, doesn't need 'members area' to be passed in.
The way I suggested above, was to use the scenarios in Trongate_security.php as DC demonstrated in his video - but do what makes you feel good ?
which when added to the start of a method protects it to only allow logged in users
You can also add these 2 lines to a constructor to protect every method in your module.
Happy coding
The way I suggested above, was to use the scenarios in Trongate_security.php as DC demonstrated in his video - but do what makes you feel good ?
which when added to the start of a method protects it to only allow logged in users
You can also add these 2 lines to a constructor to protect every method in your module.
Happy coding