Users, Authentication &amp; Personalization - MODX Community Forums https://forums.modx.com/board/?board=75 <![CDATA[PDF-files only for web user]]> https://forums.modx.com/thread/104815/pdf-files-only-for-web-user#dis-post-563704 PDF files in an internal area are to be made available for download. But if I enter the URL of the file in the browser, I can download the file without registration.
Is there a way to make files only for web users available?

ModX 2.7.0
Login 1.9.7]]>
https://forums.modx.com/thread/104815/pdf-files-only-for-web-user#dis-post-563704 Mon, 21 Jan 2019 03:51:47 +0000 https://forums.modx.com/thread/104815/pdf-files-only-for-web-user#dis-post-563704
<![CDATA[Getting lots of fake registrations using the Login.Register extra]]> https://forums.modx.com/thread/104811/getting-lots-of-fake-registrations-using-the-login-register-extra#dis-post-563626
I then put a postHook on the registration snippet which logs all submissions to the Modx error log. To my surprise, the only things logged are the legitimate registrations. The fake/spam registrations do not get logged. How are they bypassing my registration form?

The spam users usually have a matching "name" and "fullname". Also, their email often ends in “.ru” or contains “yandex”

I’m running Modx 2.7.0.

Has anyone else seen this kind of thing? How are they doing this and how can I stop it?]]>
https://forums.modx.com/thread/104811/getting-lots-of-fake-registrations-using-the-login-register-extra#dis-post-563626 Thu, 17 Jan 2019 07:20:34 +0000 https://forums.modx.com/thread/104811/getting-lots-of-fake-registrations-using-the-login-register-extra#dis-post-563626
<![CDATA[CookieList - Wishlist/favorites addon for Revolution using lovely Cookies!]]> https://forums.modx.com/thread/71914/cookielist---wishlist-favorites-addon-for-revolution-using-lovely-cookies?page=4#dis-post-561724 http://modx.com/extras/package/cookielist

CookieList is a generic addon that can be used for keeping wishlists, user favorites and other similar content. It allows you to define the value that needs to be saved which means it is not restricted to Resources, but may also be used to provide wishlist functionality for custom components. As the name indicates, it stores data in a Cookie.

Documentation can be found at http://rtfm.modx.com/display/ADDON/CookieList]]>
https://forums.modx.com/thread/71914/cookielist---wishlist-favorites-addon-for-revolution-using-lovely-cookies?page=4#dis-post-561724 Mon, 24 Sep 2018 09:55:17 +0000 https://forums.modx.com/thread/71914/cookielist---wishlist-favorites-addon-for-revolution-using-lovely-cookies?page=4#dis-post-561724
<![CDATA[Best way of implementing user presentation pages?]]> https://forums.modx.com/thread/103951/best-way-of-implementing-user-presentation-pages#dis-post-559233
/users/user1
/users/user2
/users/user3

possibly with subdirectories for listing personal resources. Then I need some way of catching requests and directing them to the same snippet. One solution I have seen in MODX is Tagger plugging in to the OnHandleRequest event. But doesn't that add a penalty to every request that MODX handles? An alternative would be to do the routing in Nginx/Apache, which would mean a minuscular overhead on every other request too. I've seen it in Discuss. Any other options? What would you do? Tagger obviously made its choice, but is it optimal for someone used to configuring the web server? And Discuss is mostly an attempt to port SimpleMachine and doesn't interface well with MODX.]]>
https://forums.modx.com/thread/103951/best-way-of-implementing-user-presentation-pages#dis-post-559233 Tue, 26 Jun 2018 10:20:18 +0000 https://forums.modx.com/thread/103951/best-way-of-implementing-user-presentation-pages#dis-post-559233
<![CDATA[login.php warning : htmlspecialchars() expects parameter 1 to be string, array given]]> https://forums.modx.com/thread/103059/login-php-warning-htmlspecialchars-expects-parameter-1-to-be-string-array-given#dis-post-559133
I keep getting this warning in my logs.
/core/components/login/controllers/web/Login.php : 100) PHP warning: htmlspecialchars() expects parameter 1 to be string, array given

When I look at the login.php file, this is what I can see
98 /* Escape placeholder values */
99 foreach ($phs as $k => $v) {
100 $phs[$k] = htmlspecialchars(str_replace(array('[',']'),array('[',']'),$v));
101 }

I am running MODX Revolution 2.5.8-pl, and the login package 1.9.4-pl2

Any ideas?

Thanks
Steve Reid
]]>
https://forums.modx.com/thread/103059/login-php-warning-htmlspecialchars-expects-parameter-1-to-be-string-array-given#dis-post-559133 Tue, 19 Jun 2018 12:14:15 +0000 https://forums.modx.com/thread/103059/login-php-warning-htmlspecialchars-expects-parameter-1-to-be-string-array-given#dis-post-559133
<![CDATA[ClassExtender - modUser - Add new field after initial config]]> https://forums.modx.com/thread/103896/classextender---moduser---add-new-field-after-initial-config#dis-post-558771
Now I would like to add some additional fields without dropping the table, losing any data, and starting over.
• Is ClassExtender able to add the new column?
• Or should I manually create the new column in the DB, adjust the 'MyExtUserSchema' schema file, and then run the ClassExtender snippet after?

Thank you for your help!]]>
https://forums.modx.com/thread/103896/classextender---moduser---add-new-field-after-initial-config#dis-post-558771 Mon, 28 May 2018 06:06:21 +0000 https://forums.modx.com/thread/103896/classextender---moduser---add-new-field-after-initial-config#dis-post-558771
<![CDATA[How to automatically login a web user after registration?]]> https://forums.modx.com/thread/43980/how-to-automatically-login-a-web-user-after-registration?page=3#dis-post-558515
Something like
$modx->login->loginUser([’webuser_id’])
which would automagically perform the login process, and allow me to get on with custom script execution.

i’ve searched the forums without luck, and default login snippet is too complicated to hack apart...
anything like this exists?]]>
https://forums.modx.com/thread/43980/how-to-automatically-login-a-web-user-after-registration?page=3#dis-post-558515 Sat, 12 May 2018 03:39:41 +0000 https://forums.modx.com/thread/43980/how-to-automatically-login-a-web-user-after-registration?page=3#dis-post-558515
<![CDATA[Profile and Extended User Field]]> https://forums.modx.com/thread/103711/profile-and-extended-user-field#dis-post-557924
I'm trying to use Profile to grab an extended user field (created with ClassExtender) named "screenName" in a Resource Template (not a Chunk).

The "screenName" should reflect the user who created the Resource and not the signed-in user.
[[!If?
    &subject=`[[+screenName]]`
    &operator=`empty`
    &then=``
    &else=`Name: <a href="[[~20? &author=`[[*createdby]]`]]" rel="author">
    [[!Profile?
        &user=`[[+createdby]]`
        &useExtended=`1`
    ]]
[[*createdby:userinfo=`extended.screenName`]]</a>

No output.]]>
https://forums.modx.com/thread/103711/profile-and-extended-user-field#dis-post-557924 Wed, 11 Apr 2018 07:05:43 +0000 https://forums.modx.com/thread/103711/profile-and-extended-user-field#dis-post-557924
<![CDATA[Can't preview unpublished pages]]> https://forums.modx.com/thread/98711/can-t-preview-unpublished-pages?page=2#dis-post-555529
While logged in to the manager I can't preview unpublished pages despite having super admin rights. Instead, I get redirected to the 404 page.

These pages are made of plain HTML, no Login snippets or any other kind are called.

The System Error Log doesn't report anything at all either.

I wonder if this is the new default behavior of the latter ModX versions.
]]>
https://forums.modx.com/thread/98711/can-t-preview-unpublished-pages?page=2#dis-post-555529 Wed, 29 Nov 2017 07:06:26 +0000 https://forums.modx.com/thread/98711/can-t-preview-unpublished-pages?page=2#dis-post-555529
<![CDATA[How to add User Group to Form Customization Profile through API?]]> https://forums.modx.com/thread/80312/how-to-add-user-group-to-form-customization-profile-through-api#dis-post-553333 I am thankfull in advance for any help.
I am using MODX Revolution 2.2.4-pl (advanced).
I am trying to create member pages. This issue has been raised many times and several users have suggested working solutions (like Bob Ray's tree_root_id solution and the ACL-based resource and user control).
I have posted my own, ACL-based solution on gist - "own" is actually a gross exaggeration - it is copied-pasted and adapted from several solutions offered by the community (credited in the gist). Be aware though: errors are entirely mine, and I am a non-coder.
The plugin is fairly simple: on UserFormSave, it creates a corresponding resource, resource group, user group, the necessary access controls and group memberships, and a file directory.

But how do I assign the created User Group to an existing Form Customization Profile?

I have tried

$fields = array( 'usergroup' => 25, 'profile' => 2);
$FCPUG = $modx->newObject('modFormCustomizationProfileUserGroup', $fields);
if($FCPUG->save()) {echo 'Success!';}

It does not work. Is it because I can't modify a relationship table?

Then I tried, without success either:
$FCPUGs = $modx->getCollection('modFormCustomizationProfileUserGroup');
$FCprofile = $modx->getObject('modFormCustomizationProfile', 2);
$FCprofile->addMany($FCPUGs);
if($FCprofile->save()) {echo 'Success!';}

In the http://bobsguides.com/modx-object-full-reference.html#modFormCustomizationProfile"" target="_blank" rel="nofollow">object reference (thanks to Bob Ray for it) modFormCustomizationProfile objects have a related object UserGroups (from modFormCustomizationProfileUserGroup).
How do I add one or several User Group to this related object?
Thank you in advance for your help!

Update: I see that lukemcd posted the same question on the forum 4 months ago. But he received no answer and posted no solution.]]>
https://forums.modx.com/thread/80312/how-to-add-user-group-to-form-customization-profile-through-api#dis-post-553333 Thu, 24 Aug 2017 08:33:43 +0000 https://forums.modx.com/thread/80312/how-to-add-user-group-to-form-customization-profile-through-api#dis-post-553333
<![CDATA[Login and/or SubscribeMe?]]> https://forums.modx.com/thread/102450/login-and-or-subscribeme#dis-post-552085 Thanks.]]> https://forums.modx.com/thread/102450/login-and-or-subscribeme#dis-post-552085 Tue, 27 Jun 2017 05:23:10 +0000 https://forums.modx.com/thread/102450/login-and-or-subscribeme#dis-post-552085 <![CDATA[Specific content for users after login]]> https://forums.modx.com/thread/102361/specific-content-for-users-after-login#dis-post-551609
I have the Login plugin all setup and would like to have part of a page only accessible after login - without making two separated pages. Is this possible?

Thanks.
]]>
https://forums.modx.com/thread/102361/specific-content-for-users-after-login#dis-post-551609 Fri, 09 Jun 2017 07:04:33 +0000 https://forums.modx.com/thread/102361/specific-content-for-users-after-login#dis-post-551609
<![CDATA[Notify extra sent multiple emails??]]> https://forums.modx.com/thread/102317/notify-extra-sent-multiple-emails?page=2#dis-post-551495
I have installed Bobray's Notify extra so i can send an email to users in a specific user group.
I thought i'd got my head around it and successfully sent a few test emails to a test user group. However when i sent to my specific user group it appears that users received 6 emails over a period of 18 minutes. All emails were the same except that only the first 2 contained the username with the other 4 displaying the placeholder {{+username}}
I can't find a record of the sent email recipients, only the actual 5 (default amount) emails in the logs (core/components/notify/notify-logs) as pointed out on Bobray's website.

a) Does anyone know if there is a log of recipients anywhere?
b) Anyone know why 6 emails might have been sent?

Thanks for any help

Using Notify 1.4.1
Modx 2.5.2


J

]]>
https://forums.modx.com/thread/102317/notify-extra-sent-multiple-emails?page=2#dis-post-551495 Mon, 05 Jun 2017 08:47:12 +0000 https://forums.modx.com/thread/102317/notify-extra-sent-multiple-emails?page=2#dis-post-551495
<![CDATA[GoogleAuthenticatorX: Add 2-step verification to MODX manager login.]]> https://forums.modx.com/thread/92801/googleauthenticatorx-add-2-step-verification-to-modx-manager-login?page=3#dis-post-547950
I've submit the extra today, awaiting moderators approval.



]]>
https://forums.modx.com/thread/92801/googleauthenticatorx-add-2-step-verification-to-modx-manager-login?page=3#dis-post-547950 Wed, 11 Jan 2017 02:38:32 +0000 https://forums.modx.com/thread/92801/googleauthenticatorx-add-2-step-verification-to-modx-manager-login?page=3#dis-post-547950
<![CDATA[How to redirect if login failed?]]> https://forums.modx.com/thread/96560/how-to-redirect-if-login-failed#dis-post-546291
I'm having the following issue:

I want to redirect to a specific resource (in my case with ID 3) if the user failed to login.
I'm using the following call:

[[!Login? &preHooks=`preHook.DiscussLogin` &loginResourceId=`20` &loginTpl=`lgnNewFrontTpl` &postHooks=`postHook.DiscussLogin` &redirectToOnFailedAuth=`3` ]]


but nothing happens.

The lgnNewFrontTpl call is the following (if it matters):
<div class="loginForm">
    <div class="loginMessage">[[+errors]]</div>
    <div class="loginFront">
        <form class="loginLoginForm" action="[[~[[*id]]]]" method="post">
            <fieldset>
                <p><a href="[[~6]]">Sign Up</a><a href="[[~11]]">Forgot your password?</a></p>
                <p><input type="text" name="username" id="login-username" placeholder="username"></p>
                <p><input type="password" name="password" id="login-password" placeholder="password"></p>
                <input class="returnUrl" type="hidden" name="returnUrl" value="[[+request_uri]]" />
                [[+login.recaptcha_html]]
                <input class="loginLoginValue" type="hidden" name="service" value="login" />
                <span class="loginLoginButton"><input type="submit" name="Login" value="[[+actionMsg]]"  /></span>
            </fieldset>
        </form>
    </div>
</div>


I think I'm doing something wrong with the &redirectToOnFailedAuth=`3`. There is no info how to use it.
In the Login documentation (http://rtfm.modx.com/extras/revo/login/login.login) is written the following:
redirectToOnFailedAuth (1.6.4-pl & +) redirects to a separate page on failed logins

Did somebody know how to use the &redirectToOnFailedAuth or if there is another way to make this redirection working?

Thank you in advance!]]>
https://forums.modx.com/thread/96560/how-to-redirect-if-login-failed#dis-post-546291 Wed, 09 Nov 2016 03:54:00 +0000 https://forums.modx.com/thread/96560/how-to-redirect-if-login-failed#dis-post-546291
<![CDATA[Register with HybridAuth not validate email already exist.]]> https://forums.modx.com/thread/100934/register-with-hybridauth-not-validate-email-already-exist#dis-post-545030
I have a registration form and the HybridAuth so that users can register with their Google or Facebook accounts, it works well. However I need the users who register through Facebook or Google to only register once through their accounts, the email field must be validated so that it is the only one through HybridAuth, Could anyone please help me or direct me on how to do it?

Thanks!]]>
https://forums.modx.com/thread/100934/register-with-hybridauth-not-validate-email-already-exist#dis-post-545030 Thu, 15 Sep 2016 03:32:11 +0000 https://forums.modx.com/thread/100934/register-with-hybridauth-not-validate-email-already-exist#dis-post-545030
<![CDATA[Change pass after of Forgot pass email]]> https://forums.modx.com/thread/100793/change-pass-after-of-forgot-pass-email#dis-post-544515 I have this in my reset resource, the form is showed but the password is not changed.

[[!ResetPassword? &loginResourceId=`11` &tpl=`lgnResetPassChangePassTpl`]]


I know I should use the the 'ChangePassword' snippet, but I'm not sure how to use it in this case.
I'm using MODX 2.5

Thanks for your help and I'm sorry for my English!]]>
https://forums.modx.com/thread/100793/change-pass-after-of-forgot-pass-email#dis-post-544515 Fri, 26 Aug 2016 11:09:53 +0000 https://forums.modx.com/thread/100793/change-pass-after-of-forgot-pass-email#dis-post-544515
<![CDATA[Automated Setting User to Inactive?]]> https://forums.modx.com/thread/99647/automated-setting-user-to-inactive#dis-post-539081
Also, that the "blocked" flag was used to handle things such as multiple failed login attempts.

Am I wrong? Is there somewhere in the system where User-Ids are automatically set to inactive (after they have been set-up and the user has successfully login)?]]>
https://forums.modx.com/thread/99647/automated-setting-user-to-inactive#dis-post-539081 Tue, 01 Mar 2016 09:05:22 +0000 https://forums.modx.com/thread/99647/automated-setting-user-to-inactive#dis-post-539081
<![CDATA[Two User-Ids with Same Email Address?]]> https://forums.modx.com/thread/99646/two-user-ids-with-same-email-address#dis-post-539006
Both user-ids were "inactive". Assuming, same email address user-ids should not occur, is it possible that if an existing user is "inactive", a second one could be added with the same email address?

If I am wrong about registration preventing the situation, I can add more code to my registration pre-hook to prevent this situation.]]>
https://forums.modx.com/thread/99646/two-user-ids-with-same-email-address#dis-post-539006 Mon, 29 Feb 2016 09:53:05 +0000 https://forums.modx.com/thread/99646/two-user-ids-with-same-email-address#dis-post-539006
<![CDATA[Re: Cannot edit all resource fields after trying to limit access to resources for a user]]> https://forums.modx.com/thread/99126/re-cannot-edit-all-resource-fields-after-trying-to-limit-access-to-resources-for-a-user#dis-post-536069
It may be an issue with your browser cache and/or cookies, or possibly with Firefox, since others have reported trouble with the latest FF version.]]>
https://forums.modx.com/thread/99126/re-cannot-edit-all-resource-fields-after-trying-to-limit-access-to-resources-for-a-user#dis-post-536069 Thu, 17 Dec 2015 01:52:16 +0000 https://forums.modx.com/thread/99126/re-cannot-edit-all-resource-fields-after-trying-to-limit-access-to-resources-for-a-user#dis-post-536069