I want a permission that will prevent people from logging in. (So, all users of role X could be temporarily blocked, while keeping their profile pages available.)

Excerpt of the login process from Pro Drupal Development 2nd Edition:

  1. POST from login form
  2. User is blocked?
  3. User is denied by access control?

I want to stop users at step three of the process. I have a module:

/**
 * Implementation of hook_perm().
 */
function odp_perm() {
  return array('log in');
}

/**
 * Implementation of hook_user
 * lock out without the 'log in' permission
 */
function odp_user($op, &$edit, &$account, $category = NULL) {
    if ($op == 'login' && ! user_access('log in')) {
        drupal_set_message("You do not have access to log in.", "error");
        drupal_goto('logout'); //doesn't work
        drupal_goto('content/party-tonight'); //also doesn't work
    }
}

Perhaps I'm using drupal_goto wrong.

What is the best way to do this?

+1  A: 

I believe this accomplishes what you're trying to do.

/**
 * Implementation of hook_user
 * lock out without the 'log in' permission
 */
function odp_user($op, &$edit, &$account, $category = NULL) {
    if ($op == 'login' && ! user_access('log in')) {
        drupal_set_message("You don't have permission to log in");

        //prevent login
        header("Location: http://www.example.com/?q=logout");
        // header("Location: http://www.example.com/logout"); if using clean URLs
    }
}

This logs the user out and displays a message. If I remember right, hook_user with $op login fires AFTER the user logs in, so this would immediately log them right back out - essentially making it so they can't log in.

McAden
Is there a way to do this using drupal_goto() instead of header()? If my base path changes, this code would become problematic.
Rosarch
drupal_goto actually uses header() in that manner. Go ahead and use it instead of header() directly.
ceejayoz
Source code: http://api.drupal.org/api/function/drupal_goto
ceejayoz
And this code doesn't seem to work. It sets the message just fine, but people can still log in.
Rosarch
I'm assuming you changed "example.com" to your site?
McAden
A: 

I don't have a Drupal instance to test this on ATM, but I think you want this:

/**
 * Implementation of hook_user
 * lock out without the 'log in' permission
 */
function odp_user($op, &$edit, &$account, $category = NULL) {
    if ($op == 'login' && ! user_access('log in')) {
        global $user;
        $user = drupal_anonymous_user();
        drupal_set_message("You don't have permission to log in");

    }
}

That deletes their user info and replaces it with the anonymous user instead.

mabwi