How to make restricted access posts on your site
This requires that you’re using Moveable Type, and that you are able to run PHP on your site. It probably is possible to convert this to another type of blogging software - the key is the ability to use categories…
First an overview of what we’re going to do:
1) We need to set cookies on users machines
2) Set up a file with a list of “allowed” visitors
3) on your pages, check to see if the current visitor is allowed to see restricted posts and check if the post is restricted.
4) as a backup, set up a password entry on the individual pages so that users can also gain access via password.
———————————————————–
step one
To set a cookie on the users page dump this code at the top of all your pages. (I have this in an MT include, and I include it all over the place). Make sure this comes BEFORE your <html> tag. (and BEFORE your doctype tag)
<?
if (!isset($id)) {
srand((double)microtime()*1000000);
$randval = rand();
setcookie(”id”,$randval,time()+126144000,”/”,”.YOURSITE.COM”,0);
}
?>
(obviously change the “YOURSITE.COM” part)
If you’re using something else that sends PHP info BEFORE the header tags (a good example would be if anyone’s using domesticat.net’s skins tutorial you will want to incorporate this code into that as well.
Using the above skins example, that tutorial calls for creating a separate file that is called up with the page. This file contains the PHP code that goes above the HTML. You will need to open up that file and place this code (MINUS the <? ?> php designators) before the closing php tag.
If you are trying to send multiple bits of PHP data before the HTML tag, you are going to encounter an error.
step two
Create a file called something like “allowedAccess.ini” and in there, add your allowed IPs and Cookievalues. (one for each line - make sure there are no extra spaces, and there is only one cookie value or IP on each line)
If you can, it would probably be a wise idea to create this file OUTSIDE of your public_html directory (or the directory the public can view) That way, there’s no chance anyone but you will see it (in other words, people won’t be able to type in the file name into their browser and see your list of IP addresses and Cookie IDs)
note some people have had trouble with this part and can only get it to work on their servers if they format it a special way. You might want to just try to make it like this:
001 = “2131460966″; //you can comment a line afterwards
002 = “1231243121″; //and write a note to yourslef
003 = “234234241″; //to remind you who this is
(those numbers in the quotes are the cookie ids)
step three
Set up a category called “restricted”. Assign this category to the posts you want to “hide”. Around the MT code that you want to hide for “unauthorized visitors” put this code:
<?
$password = “PASSWORD_YOU_DEFINE”; //we’ll be using this on the password potection part…
$ip = $REMOTE_ADDR;
$cookievalue = $HTTP_COOKIE_VARS["id"];
$array = parse_ini_file(”/home/SERVER_PATH/TO/YOUR/FILE/allowedAccess.ini”);
$cat = “<$MTEntryCategory$>”;
$restricted = “restricted”;
$accessallowed = FALSE;
if (in_array($ip, $array, TRUE) || in_array($cookievalue, $array, TRUE)
|| $passwordguess == $password)
{
$accessallowed = TRUE;
}
if ((!strcasecmp($cat, $restricted)) && !($accessallowed))
{
PRINT “<p>This post is a restricted post. To gain access to view this post, simply click <a href=’mailto:YOUREMAIL@ADDRESS.COM?subject=access_for_”;
PRINT $cookievalue;
PRINT “_and_”;
PRINT $ip;
PRINT “‘ >*here*</a> and send me an email (make sure you do NOT change the subject line), and I will give you access ASAP. (Access is usually given within 6 hours, or so (it’s done manually)… if after that time you’re still not able to see the restricted posts, please email me to let me know and I’ll give you password access).</p>”;
PRINT “<p class=\”footer\”>To gain access via password <a href=\”<$MTEntryLink$>\”>click here</a></p>”;
} else {
?>
<$MTEntryBody$>
etc. etc. …the rest of the MT code for your post…
at the end of the MT code for the post add the below
<? } ?>
(note this goes INSIDE your <MTEntries> tags - unless you’re restricting your entire blog… in which case I’d recommend doing something else - which would call for a different tutorial) 
step four
As a backup - you can set up a password entry field on the pages themselves. Users would have to enter this each time they view a restricted access page - so it’s a little inconvenient, but works well as a backup…
On your individual entry page, after this line:
PRINT “‘ >*here*</a> and send me an email (make sure you do NOT change the subject line), and I will give you access ASAP. (Access is usually given within 6 hours, or so (it’s done manually)… if after that time you’re still not able to see the restricted posts, please email me to let me know and I’ll give you password access).</p>”;
add this:
PRINT “<p>If Cookie/IP access fail, there is password access, however it must be used for each page with a password protected entry. Not the best
workaround, but it’s the only solution for those who have their cookies
turned off or dynamic IPs. </p>
<form method=\”post\” action=\”#\”><b>Enter Password:</b><br/><input name=\”passwordguess\” size=\”40\” class=\”textinput\”/> <br/> <input type=\”submit\” name=\”post\” class=\”button\” value=\”Unlock Entry\” /></form>”;
April 22nd, 2002 at 4:08 pm
All these goodies almost make me want to switch from greymatter!
Oh, and I have a question, and I didn’t know who else to ask! Everytime I try to validate my xhtml on w3.org it comments out my doctype line and places it’s own - problem is, it pastes in the exact same doctype line I used in the first place, no matter what! Eek. This prevents me from having “validated” code. Help!
April 22nd, 2002 at 4:09 pm
Sorry I know that was totally unrelated but I need help. Pleasssse?
April 22nd, 2002 at 4:22 pm
Heya erica!! Your doctype is incorrect. (if it’s the same as on the site you linked to in your post-a-comment)
First of all, you’re not specifying a URI so it has no clue WHAT doctype it should be looking for, just that it’s HTML Transitional.
The correct doctype for HTML Transitional is the following:
<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”
“http://www.w3.org/TR/html4/loose.dtd”>
If you want it to validate as XHTML you need an XHTML doctype (CLICK HERE for all the doctypes and a little more about how/why they work) In order to validate xhtml, you need to keep all HTML in lowercase letters and end all open tags such as break tags and image tags:
<br/>
<img src=”file.jpg” alt=”whatever’ width=”xx” height=”xx” />
Not sure if that helped any.
April 22nd, 2002 at 5:13 pm
Thanks but actually I’m referring to a different page (sorry that wasn’t clear)
The doctype I’m using;
When I go to validate the page there are no errors, however it comments out that doctype and puts in the same exact line!
April 22nd, 2002 at 5:15 pm
Oh well the doctype I’m using didn’t show up. Heh!
Oy. I went to link the validator page,
http://validator.w3.org/check?uri=http%3A%2F%2Fcherrygoddess.com%2Fcherry%2F&charset=utf-8+%28Unicode%2C+worldwide%29&doctype=XHTML+1.0+Strict&ss=
and saw it gives you an easier URL to refer your users to, so I clicked that so I could copy and paste it;
http://validator.w3.org/check?uri=http://cherrygoddess.com/cherry/;ss=1
In the first it checks as not valid because of the doctype, in the second it checks as valid.
*scratching head*
I think I need more cola and some advil now.
April 22nd, 2002 at 6:18 pm
Oh!
Perhaps the problem is not that you don’t have a doctype, the charset that you’ve chosen.
Question, what led you to choose utf-8?
Try putting this code in place of that:
<meta http-equiv=”content-type” content=”text/html; charset=iso-8859-1″ />
See if it helps any. I’ve never seen utf-8 before. Not that it means it’s wrong.
April 22nd, 2002 at 6:21 pm
Actually, I think the solution might be far simpler.
Erica, when you’re putting in your URL to validate, you should just put in your address and let the character encoding and document type detect automatically.
I think maybe what you’re doing is entering the character type and document type you have and you don’t need to do that.
So the problem doesn’t lie in your xhtml at all.
April 23rd, 2002 at 12:51 am
I was so happy to see this post, but what is a cookie value?
April 23rd, 2002 at 1:38 am
Lynda I think you may be right.
utf-8 is unicode - it was recommended by the validator when I didn’t have a char encoding type set.
April 23rd, 2002 at 7:17 am
Sarah - the script sets a cookie on the users machine. All the cookie is is an “ID number” - a way to identify the user to the site. When someone asks for access to the site - you’ll get a number that’s associated with that cookie (the cookie value) that’s on their machine. Allowing access from that ID number, allows access for that user.
Does that make sense?
April 23rd, 2002 at 9:02 am
I forgot to mention this with my notes to Jennifer to be included in the post, but hopefully it’s obvious that this isn’t the most secure way of restricting your posts.
If you export your entries to any other source, such as using XML syndication, etc, keep in mind the restricted posts are going to be there in full (or at least partial)
April 23rd, 2002 at 12:42 pm
Wonderful! I was just about to e-mail Lynda and Jenn and beg one of them to share the secret of restricted posts with me. Now I don’t have to bother.
You goddesses rule!
April 23rd, 2002 at 4:24 pm
Oh, bless you… protected entries was one of the things on my Movable Type wish list, and it’s one of the primary reasons I’ve not migrated to using MT for journaling purposes.
But now that I know it’s an option, I will have to start playing with it and get it working for me. What a wonderful gift… thanks so much!
April 25th, 2002 at 6:55 pm
thank you -so much- for this script! it’s -exactly- what i’ve been looking for!
April 26th, 2002 at 10:47 am
For the part about “goes INSIDE your tags ” do you mean that literally?
As in
I feel dense.
April 26th, 2002 at 12:21 pm
No stupid questions here… (heh.. just stupid answers!
No - not in between the single tag itself but - the <MTEntries> IN HERE! </MTEntries>
Does that make sense?
If you put the PHP restriction OUTSIDE of that, then before printing ANYTHING from your blog, it would check to see if the person has access or not… and display none of it if they didn’t have access… in fact - now that I think about it - you’d probably get some MT errors because categories apply to specific POSTS. There is no <$MTEntryCategory$> outside of the <MTEntries> … </MTEntries>
hope I didn’t confuse the issue even more so… I can post the entire contents of a sample Main Index template if that would be helpful…
April 26th, 2002 at 5:16 pm
Oh thank god that would be helpful if you could so that. Sometimes it takes me SEEING something before understanding it, especially if it is PHP related.
April 26th, 2002 at 5:42 pm
Sarah - I’m the same way. I learn more by example than instruction.
I have mine setup terribly weird, so I’ll let Jenn post her template when she gets a chance.
May 3rd, 2002 at 12:15 am
I finally put the script on my site and LOVE it, but I wonder, can you have it so only certain people can view certain restricted posts? For example, I would want my sister to see a post I made recently about breastfeeding, but I do not want a friend of mine to see it because of our different views on it, and yet I would want this friend to see other restricted posts I may make in the future, does this make sense? How could I go about this?
May 3rd, 2002 at 8:40 am
Without actually trying out any code - my guess is that you COULD do that - but you may have to have it be a different category and you’d have to have multiple access lists set up.
Do an if statement: If category == restricted1 then accessarray => accesslist1.ini… if cateogry == restricted2 then accessarray => accesslist2.ini… then if users cookie id is in accessarray then accessallowed = true… (that’s pseudo code, obviously that won’t work as is… but the logic is there… If you’re not comfortable with PHP, I can give that a try tonight or this weekend to see if it works.)
May 3rd, 2002 at 11:11 am
I’ve tested this out (based on the response from mr. b2) and you DO NOT need to put the print<<<EOF stuff there, just open and close the php tags. For ACTION, I like doing this (as I don’t think it’s a good idea about leaving it blank) I just found out about it:
<form method=”post” action=”<?echo $_SERVER['PHP_SELF'];?>”>
May 4th, 2002 at 8:46 am
Sarah - here’s the code (and it works, just tested it on my personal blog)
<?
$ip = $REMOTE_ADDR;
$cookievalue = $HTTP_COOKIE_VARS["id"];
$cat = “<$MTEntryCategory$>”;
$restricted = “restricted”;
$superrestricted = “super restricted”;
$accessallowed = FALSE;
$pretitle = “”;
$array = parse_ini_file(”/home/PATH_TO_FILES/accesslist.ini”);
$array2 = parse_ini_file(”/home/PATH_TO_FILES/accesslist2.ini”);
if (!strcasecmp($cat, $restricted)) {
$pretitle = “Restricted Post: “;
if (in_array($ip, $array, TRUE) || in_array($cookievalue, $array, TRUE))
{
$accessallowed = TRUE;
}
} else if (!strcasecmp($cat, $superrestricted )) {
$pretitle = “SUPER DUPER Restricted Post: “;
if (in_array($ip, $array2, TRUE) || in_array($cookievalue, $array2, TRUE))
{
$accessallowed = TRUE;
}
}
?>
<p class=”headline”><? echo $pretitle; ?><$MTEntryTitle$></p>
<?
if ((!strcasecmp($cat, $restricted)) && !($accessallowed))
{
PRINT “<p>This post is a restricted post. To gain access to view this post, simply click <a href=’mailto:scripty@scriptygoddess.com?subject=access_for_”;
PRINT $cookievalue;
PRINT “_and_”;
PRINT $ip;
PRINT “‘ >*here*</a> and send me an email (make sure you do NOT change the subject line), and I will give you access ASAP. (Access is usually given within 6 hours, or so (it’s done manually)… if after that time you’re still not able to see the restricted posts, please email me to let me know and I’ll give you password access).</p>”;
PRINT “<p class=\”footer\”>To gain access via password <a href=\”<$MTEntryLink$>\”>click here</a></p>”;
} else if ((!strcasecmp($cat, $superrestricted )) && !($accessallowed))
{
PRINT “This is an EXTREMELY restricted post. Access is granted on an invitation only basis”;
}
else {
print <<<EOF
<$MTEntryBody$>
…etc…
Assumptions here:
You have a secondary access file called
accesslist2.ini
You have another category called “super restricted”
May 5th, 2002 at 5:50 pm
I love you!!! thank you so much!!!
May 18th, 2002 at 8:53 pm
Please, please someone help me! I’ve broken this good and proper and have no idea how to make it work
It’s fine on the index page, but the exact same code gives a parse error on the entry pages, and it doesn’t appear to be setting the cookies.
May 19th, 2002 at 9:27 pm
Finally I have this working on my blog. I have the “entry” section of my entry pages indented so that the code flows a little easier on the eyes, and the extra whitespace before the ending “EOF;” was causing it to break.
Also, were you aware that the cookies don’t get set in Netscape? It’s fussy about the way it wants cookie info to be sent.. this page has more info about that. I’m working on tweaking the code in my pages so that it does work.
May 30th, 2002 at 12:23 pm
I guess I’m missing something on my page, I know it’s obvious!
http://www.simplysara.com/testtwo/
I’m using this blog as a testing blog for things, and I keep on getting an error with the password part, plus you can see the name of the post in the sidebar under Last 10 Posts and when I pass my mouse over the link for the password, it shows the link to the post, then I just click it and I can see everything. I used Amy’s tutorial and know that the skins are working properly. I put the code in the wrong place I guess. Any help would be great!
May 30th, 2002 at 12:37 pm
sara - I see this on your page:
Enter Password:
&l;input name=”passwordguess” size=”40″ class=”textinput”/>
&l;input type=”submit” name=”post” class=”button” value=”Unlock Entry” />
Fix that, and if that doesn’t do it, ..if you send me what you have as your template, I can try to figure it out.
May 30th, 2002 at 1:21 pm
Thanks Jennifer, but I pasted right from the page, I guess I have it in the wrong place or something…that’s how it’s showing up…
June 1st, 2002 at 12:37 pm
I posted a question, and i don’t see it, so I’m gonna ask again, sorry if it’s repeated.
This is a silly question, but does this hack work, as is, with b2? If not, do you know of how it could work with b2? It would be so useful.
Thanks,
Liz
June 1st, 2002 at 5:08 pm
Hi Liz, I don’t think you were asking me but I’m giving a whirl at answering you anyway, mostly because I’ve never looked at b2 before and wondered how it worked and stuff
If you were to change the line in the goddess’ script that says $cat = <$MTEntryCategory$>”; to instead say $cat = the_category(); perhaps that would work; but I’m not really sure, you’d have to test it out I guess.
July 22nd, 2002 at 2:58 pm
How exactly does one set up an INI file? The tutorial says add your allowed IPs and Cookievalues. (one for each line - make sure there are no extra spaces, and there is only one cookie value or IP on each line) but I’m not sure how to do this? Am I including my own IP address, at work and at home, here?
Help!
November 5th, 2002 at 5:27 am
I got the INI file format wrong initially. It needs to be :-
001=”32.256.84.985″
002=”125841259″
January 6th, 2003 at 2:33 pm
hi, i really really really want to restrict access to certain posts on my site, and this is the only tutorial ive found about that… quite popular.
however, when i try to use this code, 1 of 2 things happen: the code that goes in the ‘mt entries’ section shows through, but doesnt ‘hide’ anything, OR, when i put in the code and create a php file (instead of html), none of my mt tags work… so you cant see any of my posts, but you can see the mt tags alll over the place. what am i doing wrong?
also, im worried about using this code because it wouldnt work very well if i have a lot of people on dialups coming to my site… i, for one, am on a dialup half the yr… would i have to keep adding myself every time i signed on? ive seen this problem mentioned by people not using this script…. is this actually a problem?
um… but thank you for this script
this site it very fun.
January 6th, 2003 at 2:50 pm
1) If you’re seeing the PHP code come up in your browser, then your server isn’t processing it. If the page has a .html or .htm extension it may not automatically know to process php code.
As for why it doesn’t work when you have .php extension - that doesn’t make any sense. You’re still creating the page inside MT - correct? Can you email me what your template looks like with all the code in it?
2) The script is cookie and IP based. I recommend granting access via cookie - as this is not dependent on the persons connection to the internet and would only change if they erase their cookies on their machine, start using a different browser, or a different machine. If this is something they do regularly - there is the password access they could use as a backup.
January 6th, 2003 at 3:30 pm
hi jennifer, thanks for the quick response:
1.) wellll… it recognizes SOME of the php… heres what my page looks like when its an .html with the php tossed in:
TITLE To gain access via password click here (this link is NOT a link to gain access, but the archive link for the entry)
“; } else { print
January 7th, 2003 at 12:00 pm
i have been trying to get this script to wrok for about 6 months now and finally read shelagh’s comment which fixed it. thank you so much! i love this script.
January 24th, 2003 at 12:19 pm
I’m trying to implement this script and I’m running into a problem. When I put in the code to set a cookie, I get this error at the top of my page (in the browser)
“Warning: Cannot add header information - headers already sent by (output started at /home/me/public_html/index.php:2) in /home/me/public_html/index.php on line 6″
(I’ve changed the path name here for security)
Line 6 as far as I can figure is the Title Line.
I’ve tried this putting the code directly into the template as well as using an MT include.
Any ideas would be much appreciated, thank you!
January 24th, 2003 at 12:56 pm
That kind of an error typically means you’re trying to add “header” type information after you’ve already started writing the page… ie. after the <html> tag.
“header” type information in this case would be the cookie that we set. Are you sure that you’re not placing the “create cookie” part (the block with the “setcookie” function in it) AFTER the first <html> tag? That would cause that kind of an error…
January 24th, 2003 at 1:20 pm
Absolutely certain. I’m placing the code in the index.php file, via the template interface just above the <html> tag.
January 24th, 2003 at 3:05 pm
(as I discovered via Email with Christine… she had it above the HTML tag - but after the doctype… so just to clarify - it needs to be above the first html tag AND the doctype)
January 24th, 2003 at 6:00 pm
Well, it worked!
Now, however I’m trying to implement the password back up and can’t for the life of me figure out where to put the password code.
I’ve looked at the archive template for the ind. entries as well as the .php file itself for the test entry that I did, but neither of those files has the code:
************************
PRINT “‘ >*here* and send me an email (make sure you do NOT change the subject line), and I will give you access ASAP. (Access is usually given within 6 hours, or so (it’s done manually)… if after that time you’re still not able to see the restricted posts, please email me to let me know and I’ll give you password access).”;
************************
The only place I can find that is on the main index template.
So, if I access the post from the recent entries section, or click on the “access the post via password” link, I go straight to the post.
I have not given myself access, through IP or cookie, so it’s not that…
January 24th, 2003 at 7:53 pm
It works! It works!
I am loving this script. Thank you so much.
Special thanks to Jennifer for not cursing at me… =)
February 15th, 2003 at 5:42 pm
Sarah sent me the link to this page beacuse I asked her how she did it and I must say I’m impressed. It’s a pretty cool way to restrict but I’m a moron when it comes to php. I did everything it says except step 4 (haven’t gotten there yet) but I get this error at the top of every post (wether it’s restricted or not:
Warning: Cannot open ‘/home/allowedaccess.ini’ for reading in /home/me/public_html/blog/index.php on line 696
Warning: Wrong datatype for second argument in call to in_array in /home/me/public_html/blog/index.php on line 701
Warning: Wrong datatype for second argument in call to in_array in /home/me/public_html/blog/index.php on line 701
What’s that mean?? I didn’t change the code at all. I’ll leave everything as is so you can take a look. Thanks in advance!
February 15th, 2003 at 5:51 pm
Looks like your paths are set wrong…
if you set the path in your code to:
‘/home/allowedaccess.ini’
that’s probably not where that file is if this is the error
/home/me/public_html/blog/index.php
Double check where your file is.
February 15th, 2003 at 7:53 pm
I’m pretty sure it’s right… I put it outside public_html but I’ll put it somewhere else and give it a try. Thanks!
February 15th, 2003 at 7:57 pm
if you put it outside public_html that’s fine, but then your path would read something more like this:
‘/home/me/allowedaccess.ini’
not
‘/home/allowedaccess.ini’
Email me directly if that still doesn’t make sense…
February 15th, 2003 at 8:07 pm
Nope your right it was wrong it should have been /home/USERNAME/allowedaccess.ini
It works!! Thanks!
February 15th, 2003 at 9:12 pm
One more question! Sorry…
in step 4 where it says:
add this:
PRINT “<p>If Cookie/IP access fail, there is password access, however it must be used for each page with a password protected entry. Not the best
workaround, but it’s the only solution for those who have their cookies
turned off or dynamic IPs. </p>
<form method=\”post\” action=\”#\”><b>Enter Password:</b><br/><input name=\”passwordguess\” size=\”40\” class=\”textinput\”/> <br/> <input type=\”submit\” name=\”post\” class=\”button\” value=\”Unlock Entry\” /></form>”;
I’d like to have something like this:
To gain access via password please click <a href=”mailto:me@me.com?subject=”password access please”>here</a> and e-mail me.
between the lines:
turned off or dynamic IPs. </p>
and
<form method=\”post\”
so they can e-mail me for password access. But I get parse errors when I try. I know it has something to do with the thml tags. I’m missing something I think to make it parse right or whatever. Thanks
February 15th, 2003 at 9:23 pm
I’m not real sure this is the problem because I don’t see any errors on your page.
But I think I can guess… it’s because of the double quotes ( ” ) you have in your <a href=”mailto:me@me.com?subject=”password access please”> line…
There’s a few ways to handle this… either “escape” all the ” characters like this: \”
or
close the php tag like this: ?> write your html/text, etc and then afterwards open it again like this: <?
February 15th, 2003 at 9:28 pm
nope didn’t work… here’s the error if it’ll help.
Parse error: parse error in /home/me/public_html/blog/mt-archives/000056.php on line 233
February 15th, 2003 at 9:32 pm
Ohh! I got it lol I hat an extra ” in there
should be:
<a href=/”mailto:me@me.com?subject=password access please/”>
not
<a href=/”mailto:me@me.com?subject=”password access please/”>
February 20th, 2003 at 11:33 pm
If only you had the b2 equivalent of this.
Well, I have it, but it’s not working for me, so if anyone anywhere might be able to lend a hand in that area, please e-mail me.
Thanks.
reese@shockmesane.net
March 11th, 2003 at 7:27 pm
Ok I have it up and running on my main page but because comment is not a php page it wont work how do I make comments page a php page. Its showing the whole restricted post. Does that make anys sense?
March 11th, 2003 at 7:29 pm
Dont worry I know how to fix it (take out the actual entries in my comments box).
June 2nd, 2003 at 5:11 pm
Using this is there a way to make the posts comments restricted too? sometimes the comments give away what’s in the post…
June 2nd, 2003 at 5:13 pm
Just make sure that <? } ?> at the very end of the code comes AFTER any comment stuff and it’ll hide it too..
June 4th, 2003 at 4:25 pm
Ok here is another question… is there anyway to do only part of an entry restricted? I assume because you use catagories it’s a no but I thought I’d ask anyway
June 12th, 2003 at 1:21 am
I have a testblog set up here:
http://www.planetgaile.com/testblog/index.php
to try out the password protected entries. It all seems to be working but there is one thing I can’t figure out, and that is why I need to have the “index.php” on the address to make the entries show up. If you leave that off the page looks blank as if no entries are there at all?
Is that a cookie issue and is there a way around it?
Thanks.
June 13th, 2003 at 2:32 am
Could you please post an example index page? The password part seems to be working well but when i try and make a regular post I get a parse error. Also, when I go to create an entry I do it like normal and then just put the <? } ?> at the bottom?
Thank you
June 13th, 2003 at 6:40 am
There’s a sample page here (but that’s without the password access worked in)… I’ll try to post an example of the password access…
June 16th, 2003 at 2:50 pm
I keep getting:
Parse error: parse error, unexpected ‘
June 16th, 2003 at 2:52 pm
sorry, that was:
Parse error: parse error, unexpected ‘$#60′ in /home/MYUSERNAME/public_html/mt/glryx/index.php on line 62
June 16th, 2003 at 2:59 pm
I had to set the entry to draft because I couldnt leave it with an error like that, tell me if you need it back and ill change it… oh and in that parse error it was *unexpected ‘<’* not *unexpected ‘&$60′*
June 17th, 2003 at 5:28 pm
I had this working just fine but I went and accidently deleted my main index, category and date based archive templates (don’t ask lol) the only one that survived was the individual entry archives. Now I can’t seem to get the restricted posts thingy to work again. that’s what happens
June 17th, 2003 at 5:29 pm
forgot to ask if anyone can help…or know the problem?
June 29th, 2003 at 6:51 pm
I hope I didn’t miss this in the comments: do we need to add *both* the IP and Cookie ID to the .ini file (as Shelagh showed in her comment)? Or is it an either/or thing?
Thanks for this - I had fun playing this afternoon. =)
(haven’t tackled the comments moderation script yet, hehe)
June 29th, 2003 at 8:12 pm
It’s really an either or… your choice. Whichever you think will be most reliable. ie. if you have someone that clears their cookies a lot (but their IP only changes once in a while) - IP is probably the better way to go. Otherwise, I’ve found the cookie to be more reliable.
July 9th, 2003 at 9:55 pm
Hi, great hack!
I was just wondering, is there a way to protect your feeds using the script? Or do you just have to enter your entry in the “extended” area?
July 13th, 2003 at 9:16 am
Hello thank you for the great script, I have a few people whow would like to use this and I have set it up this morning, along with blocking the restricted catagory through rss feeds so now the private post will not show up when the page is syndicate. I have a few questions though, it is not password protected when someone clicks on the restricted catagory(I have all the catagories listed off of the front page), also if you click on the archive link it is not password protected, is their any way to do this? I think I can find a way around by just not having the restricted catagory show up in the list on the front page, but how do I make it so the archives are password protected or cookie protected as well?
July 13th, 2003 at 11:52 am
Is there a way to make the edited templates default so when I add a new user I don’t have to edit their templates each time?
July 13th, 2003 at 1:28 pm
Ok I have the archive list locked with a password and I was able to filter out the catagory and not allow the restricted catagory be passed through the RSS feed, but my next challenges is how do I lock down the “recent entry” link besides just removing it all togther?
November 15th, 2003 at 10:26 am
I was playing with the script and trying to figure out if there is a way to make multiple categories restricted. I like to keep my journal organized, so I have different categories for different type of entries. What I was looking to do was to take those same category names, but add RESTRICTED in the new category, so I can stilld divide the restricted entries up.
December 17th, 2003 at 7:12 pm
Hmmm,
I tried this but it seems that the CSS went haywire..
The formatting is messed up.
Has anyone else had this issue?
December 26th, 2003 at 1:09 pm
I have implemented the code on my site, and it works great so far. I have two problems/questions though.
1) when someone sends me an email requesting access, the subject line comes across as access_for__and_123.456.78.910 which seems like it’s leaving out the cookie ID. How can I fix that? And can I put $MTEntryTitle$ in the subject too?
2) any time I use a class or span tag inside of the PHP code, I get a parsing error. Is there a fix for that?
December 27th, 2003 at 11:23 pm
Thanks to Tek, I realized that the answer to the first part of my question was resolved by fixing the code that sets the cookie.
I had changed +126144000,”/”,”.YOURSITE.COM”,0); to +126144000,”/”,”.anxiousdog.com/narcissia”,0);
removing the /narcissa fixed my problem.
I’m still having trouble getting the CSS to work inside the PHP code.
January 11th, 2004 at 10:36 pm
I got this script working without a hitch. Great job! Has anyone been able to devise a means of using this script to protect entries in RSS feeds? If so, please Email me or leave instructions in a comment here.
January 12th, 2004 at 7:59 am
Patch - there really isn’t a way to get it to do the same - since this requires php. Instead, my workaround was that I put the “main” portion of the post in the “more” section for “restricted posts - and gave a brief “summary” in the main part (nothing incriminating)
and then in my RSS feed - I include a link to the “more” as part of the RSS feed - but I only show the main part in the feed.
Another possibility - protect a “full view” of the posts via htaccess/folder password protection - and offer the username and password to access those feeds to those you trust.
January 19th, 2004 at 2:27 pm
Aha! I had not thought of using the more section in that way. I knew there was a reason I had not created a full-post feed.
Thanks. You rock.
January 24th, 2004 at 9:25 am
Oh my gawd.. I must be the biggest dumb ass around here.. Ive been tinkering around with the code (which btw is fantastic!) - but I just dont understand it.
This is going to be a really stupid question, but where do I put the password I choose??
Im not very code savvy. If it wasnt for dreamweaver I wouldnt have a site at all
Im so sorry for being such a pain. I need help!
February 8th, 2004 at 7:06 pm
I’ve discovered an issue with this script. I like to keep a searchable function and a category list on my journal, but doing so allows the restricted entries to be searchable, and viewable in category archives (not sure about monthly yet). Is there any way to get around this?
February 22nd, 2004 at 3:59 pm
I have set up this script at http://divamaggie.com . However, it seems to have added a border around all of my posts. I was wondering if someone may know why. I would really appreciate your help.
February 22nd, 2004 at 4:04 pm
Got it! Off to implement step four.
February 22nd, 2004 at 7:15 pm
In the following code <a onclick= \”window.open
(’http://www.yoursite.com/pathto/form.php’, ‘access’, ‘width=270 , height=17
0, directories=no, location=no,menubar=no, scrollbars=no, status=no, toolbar=
no, resizable=no,screenx=150,screeny=150′);return false\”
href=\”#\”>CLICK HERE TO REQUEST ACCESS</a> where it says …href=\”#\”… , is that supposed to be changed and if so what to?
February 24th, 2004 at 4:28 pm
As far as the “FORM EMAIL INSTRUCTIONS:” go, does anyone have the code for “(you can make this a popup later on using normal javascript popup commands)”? Also, in the <a onclick=\”window.open
(’http://www.yoursite.com/pathto/form.php’,'access’,'width=270,height=17
0,directories=no,location=no,menubar=no,scrollbars=no,status=no,toolbar=
no,resizable=no,screenx=150,screeny=150′);return false\”
href=\”#\”>CLICK HERE TO REQUEST ACCESS</a>. part of the code, where it says href=\”#\”, how would that look after it is filled in? Something like href=\”http://www.yoursite.com/pathto/form.php\”? Sorry for repeating part of this. I was thinking the reason no one has replied to my previous comment was because I had been unclear. I would really appreciate your help with this.
March 31st, 2004 at 9:04 pm
is there a way to tweak this so that instead of assigning everyone a cookie and then comparing the cookie IDs to the list of permitted ones, it’ll give you a certain “permitted” cookie after you correctly enter the password that’ll enable you to access all the entries, and then change it back to a “non-permitted” cookie (or just delete the permitted one) after you click a logout link or when you close the browser? there are computers in my house that are used by several people, so i’m leery about having my protected entries permanently accessible from those machines - it’d be much nicer to have people login once at the beginning of each visit…
i have some php experience, but i’ve never done anything with cookies before, so sorry if this is a silly question.
thanks!!
April 18th, 2004 at 3:31 pm
I notice that there are a few posts about how to prevent restricted entries from showing up in the archives, but I haven’t seen any responses and am having the same problem. i.e. if I post a restricted entry, all a person has to do is click on my archives link and the itemized entry list gives them access to the post. Is there any way to prevent restrcited posts from showing up in the “recent entries” and archives? Thanks.
April 18th, 2004 at 3:43 pm
The script needs to be put on every archive template that displays your post. So that means your main index template, individual archive, monthly and or category archives. Anything that displays the body and/or extended entry of your posts.
April 18th, 2004 at 5:55 pm
Ok, I put the code on all of my templates, which hid the restricted entries, but now some of my templates are messed up. For the most part it works great (see: here) but on the April 2004 Monthly archives and some of the categories archives the template is all messed up. I can’t figure out why this is because it is working fine on other pages in the same archive type.
For examples see monthly archive April 2004, compared to March 2004.
I’ve tried saving a version of the monthly archive template w/o the new coding but that didnt help, nor did deleting 2004_03.php and re-uploading it, or deleting the monthly archive template. Any help would be very much appreciated. Thanks!
April 18th, 2004 at 11:56 pm
This is a great script. I just implemented it on my site to restrict access to some sensitive photos. The only problem I’m having is that on the category archive page where I have all the restricted entries listed down the page, it is subsequently listing the text from the restricted code that many times down the page instead. Is there a way to only display that code once on a category archive list like this?
links to the: CatArchList and relevant code from that page. As you can see I added the /DIV /BODY and /HTML tags to the end of the replacement text in an effort to have the code end the page abruptly on the first iteration, but that obviously didn’t work. Any help would be greatly appreciated. Thanks.
April 19th, 2004 at 8:55 pm
The only problem I’m getting is this error:
Parse error: parse error, unexpected $ in /home/october/public_html/version9.php on line 141
When I go to that line, that unpexpected “$” is not even there. Any suggestions?
April 19th, 2004 at 8:56 pm
The only problem I’m getting is this error:
Parse error: parse error, unexpected $ in /home/october/public_html/version9.php on line 141
When I go to that line, that unpexpected “$” is not even there. Any suggestions?
April 20th, 2004 at 9:19 am
When you’re checking lines for a parse error, make sure you have the word wrap feature turned off in whatever editor you’re using, otherwise you’ll be counting what aren’t actual lines.
April 21st, 2004 at 5:42 pm
This code is great! I modified your code slightly because I only want the password portion. I don’t want to do the cookie thing. However, for some reason I’m getting this error:
Notice: Undefined variable: passwordguess in http://path/to/000579.php on line 737
The password does work, but it just shows the error. I don’t really know php at all, so any help with this would be appreciated! Great work!
April 22nd, 2004 at 2:21 pm
Oh and the error is on page http://www.theboghs.com/blogtest/archives/000579.php.
Thanks
April 23rd, 2004 at 12:10 am
Just thought I’d let everyone know that I got the code working flawlessly now. Had a little help from a friend. Thanks for the script, Jennifer.
May 2nd, 2004 at 7:35 pm
Ok, I’m still getting a parse error with the word wrap turned off. Here is the code:
line 119
line 120
line 121
May 2nd, 2004 at 7:39 pm
oops.
line 119 <div class=”weblog”>
line 120
line 121 <?
line 122$password = bad.girl.; //we’ll be using this on the password potection part…
May 2nd, 2004 at 8:01 pm
Your password should be in quotes:
$password = “bad.girl”;
I will fix the post so that’s more clear…
May 11th, 2004 at 10:25 pm
In regards to the ini file, what if the person is on dial up and has a different ip number each time they connect to the internet?
May 12th, 2004 at 7:51 am
That’s why you’d want the cookie ids as well as IP. You can put in both for each person to cover all your bases. (Or maybe ask them to tell you whether they are on dialup when the request access - and then only use the cookie value in those cases)
May 25th, 2004 at 4:24 pm
Do any of the mt tag names change with the 3.0D upgrade? I would really appreciate your support.
July 3rd, 2004 at 2:02 pm
I just found out that my feeds aren’t protected this way (of course when I think about it…).
Any way how I can protect them aswell?
I can’t get the code to work as it has MT-cat-tags.
September 14th, 2004 at 8:19 pm
At Virtual Venus, a Movable Type resource site that’s sadly no longer updated, I found a strategy to restrict certain portions of a blog post. It uses the old Scripty Goddess proected entry hack and another plugin, but the end…
October 19th, 2004 at 12:16 pm
scriptygoddess…
October 21st, 2004 at 8:02 pm
scriptygoddess…
January 13th, 2005 at 6:33 pm
A quick question about this on multiple blogs. Will this work on http://www.anxiousdog.com if I have it set up on http://www.anxiousdog.com/narcissa/ ? I’m assuming I just implement it the same way and then use a different .ini file.
January 27th, 2005 at 11:17 am
Of course I answered my own question. I just made another .ini file for the other website.