samuelyip74 Posted December 31, 2018 Share Posted December 31, 2018 Hi, I created a custom login page and added a hook to redirect non-logged in user to the custom login page. Here the hook: <?php use WHMCS\View\Menu\Item as MenuItem; add_hook('ClientAreaPage', 1, function($vars) { // Perform hook code here... $client = Menu::context('client'); if (is_null($client)) { header("Location: https://www.mysite.com/clientarea/login.html"); } }); I tested and is working fine. How can I exclude certain templatefile from redirecting to the custom login page? I need to exclude logout.php, pwreset.php from redirecting to the custom login page. It seem the hook I created forces all non-logged in user that touch the clientareapage to redirect to the custom login page, including logout.php, pwreset.php etc. Any advise? 0 Quote Link to comment Share on other sites More sharing options...
brian! Posted January 2, 2019 Share Posted January 2, 2019 On 31/12/2018 at 14:09, samuelyip74 said: Any advise? the hook you want already existed. 🙂 0 Quote Link to comment Share on other sites More sharing options...
samuelyip74 Posted January 31, 2019 Author Share Posted January 31, 2019 On 1/2/2019 at 8:11 PM, brian! said: the hook you want already existed. 🙂 Thanks 0 Quote Link to comment Share on other sites More sharing options...
javacodemonkey Posted December 9, 2020 Share Posted December 9, 2020 After making the update to WHMCS 8.04, I found that this hook causes excessive redirects and must be disabled. Is there a modification that needs to be made to it for it to function properly? Here is the code specified in the aforementioned posts if (!defined("WHMCS")) die("This file cannot be accessed directly"); function hook_ForceEveryoneToLogin($vars) { $clientID = intval($_SESSION['uid']); $adminID = intval($_SESSION['adminid']); if ($adminID===0){ if (!in_array($vars['filename'], array("login","dologin","clientarea","pwreset", "register")) && $clientID===0){ header("Location: login.php"); exit; } } } add_hook("ClientAreaPage", 1, "hook_ForceEveryoneToLogin"); 0 Quote Link to comment Share on other sites More sharing options...
brian! Posted December 10, 2020 Share Posted December 10, 2020 21 hours ago, javacodemonkey said: After making the update to WHMCS 8.04, I found that this hook causes excessive redirects and must be disabled. Is there a modification that needs to be made to it for it to function properly? the issue is possibly caused by index.php being used far more than it was years ago and with index not being included in the whitelist of filenames - including it in the list could be a quick fix, but might then allow access to pages that you don't want non-clients to see. ultimately, you might need to use a combination of filenames and template names to be more specific about what you want non-clients to be able to view. 0 Quote Link to comment Share on other sites More sharing options...
javacodemonkey Posted December 10, 2020 Share Posted December 10, 2020 @Brain!, You were right. The inclusion of that filename allowed the page to stop redirecting but now it won't redirect to the login page. It will go there naturally when selected, but not when the I select other pages (like store, announcements, etc.). I'm a developer but these hooks confuse me beyond belief. 0 Quote Link to comment Share on other sites More sharing options...
steven99 Posted December 10, 2020 Share Posted December 10, 2020 What about checking URL? if $_SERVER['REQUEST_URI'] != '/login' then redirect to login. if not register.php, redirect. If not /password/reset, reset. Etc, etc . 0 Quote Link to comment Share on other sites More sharing options...
javacodemonkey Posted December 11, 2020 Share Posted December 11, 2020 I ended up doing something similar by checking the URL and sending to the login page with an if/else statement. I'll share it here so that others may use it as needed. <?php if (!defined("WHMCS")) die("This file cannot be accessed directly"); function hook_ForceEveryoneToLogin($vars) { $clientID = intval($_SESSION['uid']); $adminID = intval($_SESSION['adminid']); // Create the link for the incoming URL. $link = "https"; $link .= "://"; $link .= $_SERVER['HTTP_HOST']; $link .= $_SERVER['REQUEST_URI']; if ($adminID===0){ if (!in_array($vars['filename'], array("index")) && $clientID===0){ // Check if the link is accurate. if($link != "https://billing.dang-designs.com/index.php?rp=/login"){ header("Location: login.php"); exit; } } else if($clientID===0){ // Check if the link is accurate. if($link != "https://billing.dang-designs.com/index.php?rp=/login"){ header("Location: login.php"); exit; } } } } add_hook("ClientAreaPage", 1, "hook_ForceEveryoneToLogin"); 0 Quote Link to comment Share on other sites More sharing options...
JerettP Posted June 16, 2021 Share Posted June 16, 2021 Is there away to have this but allow the direct store links to work or at least the direct to product link to work? Path I am looking for - Order page on my site (not whmcs) / click purchase / direct product link to purchase / once complete then access to the client area 0 Quote Link to comment Share on other sites More sharing options...
Starfiniti Posted December 4, 2021 Share Posted December 4, 2021 I'm on 8.3.1 and none of this hooks works for me. I get an error to many redirects. Did anyone find a solution for new version? 0 Quote Link to comment Share on other sites More sharing options...
Saulo Magno Posted November 12, 2022 Share Posted November 12, 2022 On 12/4/2021 at 12:45 PM, Starfiniti said: I'm on 8.3.1 and none of this hooks works for me. I get an error to many redirects. Did anyone find a solution for new version? Same problem here... Is there a fresh code to use for it? Many thanks in advance... 0 Quote Link to comment Share on other sites More sharing options...
brianoz Posted November 13, 2022 Share Posted November 13, 2022 18 hours ago, Saulo Magno said: Same problem here... Is there a fresh code to use for it? Many thanks in advance... There are a bunch of possible reasons; first thing I'd check is whether the login page URL has changed, or whether the hook has changed. 0 Quote Link to comment Share on other sites More sharing options...
Saulo Magno Posted November 14, 2022 Share Posted November 14, 2022 I try to reply many times and have 403 error here.. is about "How to restrict ALL pages to logged in users only" and no one code works. When works, a redirection error happens 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.