Formit redirect to secure/one time page?

142 Posts

mtalvenheimo Reply #1, 8 years, 11 months ago

Hi,
I have Product registration -form. After submit it redirects to file downloads -page. This page should be accessible only through submitting registration form - not with direct url. Page should be "one time only", so to speak.

Any tips & solutions how to achieve this?

I don't want to create modx user / member page for this.

24,544 Posts

BobRay Reply #2, 8 years, 11 months ago

One way would be a Register postHook that's listed before the redirect hook and sets a secret code in a $_SESSION variable:

$_SESSION['register_code'] = 'someSecretCode';

Then, put this snippet at the top of the downloads page:

[[!RegisterCheck]]

/* RegisterCheck snippet */

$code = $modx->getOption('register_code', $_SESSION, '', true);
if ($code !== 'someSecretCode') {
    $modx->sendUnauthorizedPage();
}

Instead of the unauthorized page, you could also send them to the register page, like this (replace 12 with the ID of the Register page):

/* RegisterCheck snippet */

$code = $modx->getOption('register_code', $_SESSION, '', true);
if ($code !== 'someSecretCode') {
    $url = $modx->makeUrl(12, "", "", "full");
    $modx->sendRedirect($url);
}

Note that this is a very specific solution. It will work *only* when the user has just registered. It's of no use to someone trying to secure a page that will be visited at other times.

[ed. note: BobRay last edited this post 8 years, 11 months ago.]

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

142 Posts

mtalvenheimo Reply #3, 8 years, 11 months ago

Thanks, This is exactly what i was looking for. I will try it.

24,544 Posts

BobRay Reply #4, 8 years, 11 months ago

Don't thank me until it works. wink

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

142 Posts

mtalvenheimo Reply #5, 8 years, 11 months ago

Well yes...

With this setup form is working, but redirect didn't work for some reason. Stays on form -page

1. Form have custom hook just before redirect hook.

$_SESSION['register_code'] = 'someSecretCode';

(Should there be session_start?)

2. In downloads -page i have snippet

/* RegisterCheck snippet */
 
$code = $modx->getOption('register_code', $_SESSION, '', true);
if ($code !== 'someSecretCode') {
    $modx->sendUnauthorizedPage();
}

...Have to study how sessions are working on modx.

☆ A M B ☆
24,524 Posts

sottwell Reply #6, 8 years, 11 months ago

MODX automatically starts the session on each page load, so you don't need to start a session.

Studying MODX in the desert - http://sottwell.com
Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
Join the Slack Community - http://modx.org

24,544 Posts

BobRay Reply #7, 8 years, 11 months ago

Make sure your custom hook has this at the end, otherwise any hooks after it in the tag won't execute.

return true;

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

142 Posts

mtalvenheimo Reply #8, 8 years, 11 months ago

Yes ofcourse

Thanks BobRay & sottwell. It's working.