robust password protection plugin: possible?

  • I was going to build a client site using Mambo, but now I’m wondering if WP might be a better fit. Surely, users will find WP’s admin interface easier to understand. Mambo seems to confuse many a client.

    The thing is this: I need to create an extranet part for this new site, where a client logs in and is automatically taken to a particular page based on the credentials they entered. (Users are assigned to groups, and groups are assigned to a specific folder or area on the site.)

    Not even Mambo can do this (though Mambo Brothers have a plugin that could be modified to do this).

    My question is: is it possible for a WP plugin to do this? I’m considering funding the development of such a plugin, but not knowing much about plugin development, I would love to know upfront if this would be possible or not. No point wasting time with R&D if it is not possible for some reason!

    All comments appreciated!
    JF ??

Viewing 11 replies - 1 through 11 (of 11 total)

  • I guess it depends on how complex you are looking for. How many groups do you want? It would be easy to use the existing ten author levels as different groups. Then if a level two user, which could be changed to Group Two or New Group … logs in, they are taken to a specific part of the website, index page or part of the admin area. As far as being assigned a certain “folder” of the website, do you mean each group would have a different post category? If not, how specifically would each group be able to modify/add content? I don’t know how easy a plugin would be to create for this, but it could most certainly be incorporated into the core code.

    Thread Starter jfriesen

    (@jfriesen)

    Thank you for your reply!

    The number of groups required is unknown at this point. I wouldn’t want to limit it to 10 though. Each group represents a client, so there could surely be more than 10.

    Each group needs to be assigned a specific “area” of the site. I used the term “folder” but WP doesn’t use folders to store posts. What I’m thinking is that posts could be assigned a specific ID (in addition to the WP post ID; this ID would be appended), and group A could access all posts with the ID of “_a1”, for example.

    These users do NOT have access to edit this content. They are extranet users with only access to view content, no WP administration. When they “login”, it’s not into the WP admin area, just to their private content area.

    Is there an article somewhere that explains the limits of plugins? What aspects of the core code can be manipulated via a plugin?

    To make this as easy as possible to administer, I’d like the plugin to NOT require modifications of the core code, though using my-hacks.php would be acceptable to me.

    All comments appreciated.
    JF ??

    To be honest I have no idea how to modify the existing user level system to encompass many groups. Do you have an idea of how many groups you would like? Appending another ID isn’t neccessary. I think it would be easy enough to setup a category for each client.

    Thread Starter jfriesen

    (@jfriesen)

    I was thinking of approaching it outside of the realm of WP users. The users who would be provided access to these protected areas are extranet users, a new class of user that the plugin would introduce. These users are managed by the WP admin, on the Manage tab > “Extranet Users”.

    The number of groups would be arbitrary–any number.

    I know that you can password protect posts, and then group password protected posts within a category. In this situation, does a surfer have to enter the password to each page? Will they be prompted at each page load?

    Also, this doesn’t handle a redirect on login, where a user is automatically sent to their homepage or group page when they login.

    I have an application in hand that handles this type of group authentication and comes with a nice user interface for administering users. I’m wondering if I can port it to WP as a plugin. Further investigation required…

    thanks for your feedback!
    JF ??

    Creating the groups from a plugin would probably be easier than trying to modify the existing user levels. What I was thinking was to create a page that would query the db for only posts from the category the group belonged to. So if the user was a level/group 7, then it would query for only that clients category posts. What is the application you mentioned?

    If you have more than ten clients that however won’t work. What I would suggest then would be to have the index.php template redirect to the login page if the user has not yet logged in. Once logged in it would redirect back to the index page. From there you would query the database for posts in whichever category the group has been assigned. The difficult part is setting up the groups.

    Anyone working n this?

    It’s beyond my level of ability. Might want to look into Multiply. You would create a new “press” for each client, and assign users to it. Everything is done within the one administrative area I believe as well.

    Nah not what I want ??

    A plugin has been developed for WordPress that provides the login/category protection functionality, pretty much as described above. I will post the download URL soon.

    cheers
    SAM ??

    Hi Sam, any news on that project of yours ?
    thanks.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘robust password protection plugin: possible?’ is closed to new replies.