search

amnah / yii2-user

Yii2 user authentication module
MIT License
253 stars 104 forks source link

Display ads on login-protected pages #139

Closed gugoan closed 8 years ago

gugoan commented 8 years ago

Hello, I am trying to follow the instructions on the link below to publish ads on the pages of members. However I am unable to validate the data.

Can you give me an example of how it would look fields filled?

https://support.google.com/adsense/answer/161351?hl=en

http://www.webnots.com/adsense-crawler-access-to-password-protected-pages/

amnah commented 8 years ago

Hmmm I've never used this so I'm not exactly sure how it works. However it looks like you just need to enter the login url/info, something like this:

Restricted url - http://example.com/user/profile
Login url - http://example.com/user/login
Login method - POST
Parameter - LoginForm[email]
Parameter - LoginForm[password]

What error are you getting?

gugoan commented 8 years ago

I tried exactly that, but the message below in the PARAMETER field: These characters are not allowed: [,]

print2

amnah commented 8 years ago

Hmm then I'd recommend making a separate login page. Add the input fields manually so they won't have the brackets, ie, email instead of LoginForm[email].

You can load the params using:

// DefaultController
public function actionLogin()
    {
        /** @var \amnah\yii2\user\models\forms\LoginForm $model */
        $model = $this->module->model("LoginForm");
        // load post data and login
        $post = Yii::$app->request->post();

        // if ($model->load($post) && $model->validate()) {
        if ($model->load($post, "") && $model->validate()) {
            $returnUrl = $this->performLogin($model->getUser(), $model->rememberMe);
            return $this->redirect($returnUrl);
        }
        return $this->render('login', compact("model"));
    }
gugoan commented 8 years ago

That other page I would enter the input fields in HTML anyway? and use that actionLogin ?

amnah commented 8 years ago

You can just create a whole new function/page, something like public function actionLogin2(). It would contain the exact same code with two changes

// DefaultController
public function actionLogin()
{
    // ...
    $model->load($post, ""); //instead of $model->load($post)
    // ...
    return $this->render('login2', compact("model")); // instead of 'login'
}

Then create the login2.php view file with the input fields.

gugoan commented 8 years ago

I can not understand very well, see this as my control actionLogin:

    public function actionLogin2()
    {
        $model = Yii::$app->getModule("user")->model("LoginForm");
        if ($model->load(Yii::$app->request->post()) && $model->login(Yii::$app->getModule("user")->loginDuration)) {
            return $this->goBack(Yii::$app->getModule("user")->loginRedirect);
        }
        return $this->render('login2', [
            'model' => $model,
        ]);
    }
amnah commented 8 years ago

$model->load($post, ""); // note the second parameter ""

this allows you to use html input email instead of LoginForm[email]

gugoan commented 8 years ago

right!

In my manual test worked, but when testing on CRAWLER ACCESS appears Bad Request (# 400) Do you know why ?

amnah commented 8 years ago

Hmm probably csrf. Try disabling it

http://stackoverflow.com/a/28526946

gugoan commented 8 years ago

finally worked: D thank you

Any security risk to keep a second page login to be used by CRAWLER?

amnah commented 8 years ago

Ummm if someone finds it, then possibly. You may want to consider adding a third parameter with a private key/hash.

gugoan commented 8 years ago

Yes Thanks man