password-protect directories with phplist?

jpirhalla

Is there a way to password protect directories or pages using phplist? I would like to grant access to certain pages only after a user has logged in using a phplist user registration form. Thanks!

sneakyimp

You can password protect a whole directory using apache user authentication. Look the apache docs for more info. There's a useful article here which gives some easier to digest info.

If you want to restrict access to your phplist files, I would recommend that approach if you don't have a lot of users....like if you just want you and your buddies to be able to administrate your phplist stuff.

If, on the other hand, you have a big list of users in a database and want phplist to manage them, then you would need take a different approach.

Perhaps you could tell us more about what you are trying to do? Would you have a situation where some new user you had never met would sign up and need access to this folder?

jpirhalla

Thanks sneaky. The site is hosted on a Windows server. Our "Subscriber" list is ~100,000 (these are primarily prospects who receive a monthly newsletter but do not have access to the member area). Our "Member" list is ~3,500 (Members have access to the Member area and receive a weekly email update). My goal is to manage both lists with Phplist so that subscribers or any visitor can double-opt-in subscribe and unsubscribe without admin intervention.

sneakyimp

sounds to me like you should just create two distinct lists in phplist and that would take care of it because phpList already has subscribe and unsubscribe pages, no?

jpirhalla

Phplist does have subscribe and unsubscribe pages and double-opt-in (which I would like to use), but I have not been able to figure out how to password-protect the member area so that only registered users can access it after they login.

There is a setting in phplist config.php called "define("ASKFORPASSWORD",0)", but I can't seem to find any documentation on how to define public and private pages.

Functionality - if a visitor clicks on a link to a Member page but has not registered and logged in, then he is directed to register.aspx, else continue the member page.

sneakyimp

aha so you have a 'member area' in your site -- something that you are creating -- which you do not want to be accessible to the general public but only to folks who are in your 'member' list.

I poked around a bit and didn't find much. You are probably going to need to read the source code of phplist to find out what techniques are used for database access and what tables exist, etc.

Sorry I can't be of more assistance. You may want to try posting of searching their forums, like [urlhttp://forums.phplist.com/viewforum.php?f=16]this one[/url].

jpirhalla

Thanks sneaky. Funny thing... I tried to register on the phplist forum site so that I can post a question but their register page continues to time out when I try to register. So i can't post a question there.

sneakyimp

Don't be afraid to peek at the source code. Start with the subscribe/unsubscribe page. It'll probably have a query (or perhaps an object reference) or two so you know how those are done. You may need to dig some more but eventually you'll find how they check to see if a user exists in a particular list.

jpirhalla

thanks. if i figure it out i'll post the solution.