Allowing only a logged in user to run php script in Joomla

Question

I recently installed joomla 3x with 'simple file upload' module. I modified the module php script so that a user can input variables such as $title, $artist, etc. within a form. The form post the variables to another php files (make-page.php) that renders the inputs into a nice html page ... that works fine.

But when I use defined('_JEXEC') or die('Restricted access'); at the top of the make-page.php to prevent a non logged in user to access and run the script, the logged in user can no longer access the script him/her self ?

I have looked at the answers for similar _JEXEC situations, but no luck so far... Can somebody point me in a good direction?

Thanks many time.

[_JEXEC doesn't check if a user is logged in](https://docs.joomla.org/JEXEC) — Epodax, Mar 30 '16 at 13:07
I believe it checks for a direct access... Shouldn't a logged in user accessing a local script be granted access? If not then what would be the way to do it? Again, thank you. — Dan, Mar 30 '16 at 13:21

score 1 · Answer 1 · answered Mar 30 '16 at 14:35

1

_JEXEC is not a function to check if a user is logged in or not.

To perform this check, you can use the following:

$user = JFactory::getUser();

if (!$user->guest)
{
    // Run the PHP script
}
else
{
    echo 'Sorry, you must be logged in';
}

answered Mar 30 '16 at 14:35

Lodder

19,758
10
59
100

Allowing only a logged in user to run php script in Joomla

1 Answers1