Want to restrict Joomla 1.5 site logins to users with current CiviCRM memberships?
This Joomla 1.5 Authentication plugin does this:
- Use the Joomla user table to authenticate against and then
- check that that user has a current CiviCRM membership record
- Download the plugin zip file to your local system
- In the Joomla 1.5 backend system select [Extensions] [install/uninstall] from the menu
- Enter your ftp credentials if required.
- Browse to the package file you saved in step one, click [Upload File & Install]
- The plugin should report installation success.
- Goto [Extensions] [Plugin Manager] from the menu and edit the Authentication - CiviCRM plugin
- Enable the plugin
- modify the params as follows:
- is current = the highest value of civicrm_membership_status.id which relates to a valid current membership. You will need to use phpMyAdmin to look at the civicrm_membership_status table to find the highest ID which relates to a valid current membership status.
- Old Membership = a relative URL (eg index.php?option=com_content...) to redirect users who have a contact match but do not have a valid membership. You can use this to redirect the user to a civicontribute form maybe. This is not currently tested - feedback required.
- Bad Password = a relative URL to redirect users whoes password does not match. This should generally be the same as the following option for secuity reasons.
- No Match = a relative URL to redirect users who do not appear to have a joomla registration.
- You may have multiple authenication plugins and Joomla will work though them sequentially to find a valid login. It is recommended that all other authentiction plugins are disabled, otherwise non members may gain access to your site. It is vital that your admin user has a corresponding CiviCRM membership or you will be locked out of your Joomla Admin. If you are locked out then you'll need to go into PMA and toggle the relevant published fields in jos_plugins.(fixed in v1.0.1)
- You may want to change the Login Redirection Page parameter in mod_login for users with successful logins.
To uninstall this plugin:
- publish the Authentication - Joomla Plugin
- unpublish the Authentication - CiviCRM Plugin
- Uninstall it from the [Extensions] [install/uninstall] dialog
If you do not unpublish it first then the unistallation will remove it from the Joomla plug tables but leave the files in place thus making a reinstall fail until you have manually removed the files.
Notes on using this plugin
- the civicrm_membership_status_calc() function does not handle admin status overrides (is this an oversight?)
- not tested with multiple memberships per contact
- For Joomla 1.5 only
v1.0.0 First version
v1.0.1 Added Joomla Superadmin bypass of CiviMember authentication. This means that you do not have to have a membership for your superadmin and will not get locked out of the backend.
v1.0.2 Added check to ensure a contact has a CiviMember record. If no membership record exist redirect them using the "Old Membership" redirect.
v1.0.3 Fixed a problem where a user was being refused access if he did not have an entry in the civicrm_uf_match table.