I block access to joomla administrator catalog with htaccess file. Set additional password required.
The problem is that stateselector.js from administrator catalog is needed by flexicontent not only in back-end. If I set htaccess to required a password, then in front-end all the time appear window to login.
I copy this stateselector.js to catalog outside administrator folder, and change path in flexicontent.helper.php. Now, it work great.
But it is possibble to disable loading stateselector.js from administrator catalog in front-end? In components/com_flexicontent/assets/js/ is another stateselector.js (a little different than in administrator catalog).
PS. Joomla 2.5.6 & Flexicontent RC5 (didn't test on RC6, but I see, that have the same flexicontent.helper.php for administrator catalog).
There are a few other backend files used in frontend, not only just this file
-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the
FLEXIcontent JED listing
with a 5-star...
i agree with braern: it would really be very neat if we could use htaccess for the BE.
just had the same problem and was forced to take down the extra security again. (stateselector.js from teh admin folder was loaded. don't think i need it, and didn't find it where braern described it.)
Question the Flexicontent Team. Is there a chance you release an update with /no/ depencies on backend files?
that would be so great! Thanks you in advance!
-- the problem are ONLY the references to backend files that are inside the HTML returned by FLEXIcontent frontend views, and not including files from the backend folder
these are only a few,
so i will move the common files to frontend,
and thus you will be able to limit access to the backend via a web server directive (.htaccess file)
Also, inside FLEXIcontent code there are some references to the backend that are hard-code to using folder name administrator:
- I will correct all such references, so that JPATH_ADMINISTRATOR is used instead.
Thus you should be able to also rename the administrator folder too (there is Joomla extension that does this)
or maybe instead protect the folder with an extra security step like htpassword
or use a cookie solution:
forum.joomla.org/viewtopic.php?f
... 0#p1801566
-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the
FLEXIcontent JED listing
with a 5-star...
about stateselector.js , we could move it to frontend and load it from there,
but i see that also form.php have backend references to js scripts and css files, thus changing the location of these files would break all existing FLEXIcontent template form overrides, i am not sure for this one.
-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the
FLEXIcontent JED listing
with a 5-star...
-- Flexicontent is Free but involves a big effort on our part.
Like the our support? (for a bug-free FC, despite having a long list of functions) Like the features? Like the ongoing development and future commitment to FLEXIcontent?
-- Add your voice to the
FLEXIcontent JED listing
with a 5-star...
