Restrict page access to authorized MODx managers only

A while ago I needed to create a private zone with documentation, accessible only by the MODx managers (I’m talking about MODx Evolution here). In order to restrict access I wrote a simple snippet, which you can now use as well.

Snippet name: ManagersOnly
Description: Restrict access to managers only.

if (!isset($_SESSION['mgrValidated']))
{
	header('Location: '.$modx->makeUrl($modx->config['unauthorized_page']));
	exit;
}
else
{
	$modx->setPlaceholder('manager_name', $_SESSION['mgrShortname']);
}

Usage: add [[ManagersOnly]] in the beginning of the page or in a template. In case the visitor is authorized as a manager, the snippet will also return the placeholder [+manager_name+] (MODx manager’s “short name”), so you can greet them. Please note that the placeholder will not work correctly with cached pages.

This entry was posted in Programming, Releases and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *