Drupal coder

Display login form for anymous users when 'access denied'

When a user requests a page he's not allowed to see, he gets an 'Access denied' page with the message 'You are not authorized to access this page. '.

Sometimes the user has access to the page but he hasn't logged in yet. So to make the user's life easier, you provide him with a login form on the 'access denied' page so he can login immediately and gets redirected to the page he requested originally.

How do you do this?

Start by creating a new Page (node of type Page). Set the input format for the body to 'PHP code'. Start typing the message you want to give to the user, something like 'This page is restricted to logged in users. Please provide your credentials below.'.

You then display the login form my typing the following code below your message (or anywhere you want to put the login form):

<?php
print drupal_get_form('user_login');
?>

If you also want the 'Create new account' and 'Request new password' links under your form you can use the login block by typing the following code instead of the previous:

<?php
print drupal_get_form('user_login_block');
?>

Voila, your page is done. But you won't be able to see it since you are logged in right now. So to test your page log out and go to your page. If you don't know the drupal path of your page, go to Administer > Content Management > Content to find it.

To finish setting up your page, you have to tell Drupal to use your new page as the 'Access denied' page. You can do this by going to Administer > Site configuration > Error reporting and providing the drupal path of your new page for the 403 page.

February 05, 2008Drupal, error reporting

Comments

thedel — November 17, 2011 at 12:48.

Can I replace the text with an image to the logging/register page. I don't want to appear the 'Access denied' page with the message 'You are not authorized to access this page to the users. I prefer an image. I am trying that with a similar way as you describe but nothing happens. It appearw the same message again... What's wrong?

Thx a lot! :)

tinker — May 08, 2011 at 17:02.

Most of these posts assume that the user gets an "Access Denied" page because they are logged out. It therefor makes sense to redirect them to a login page or display the form on the access denied page. No one seems to have thought about what happens if the user IS logged in and gets and "Access Denied"? Most of the suggestions here, including the original post, will cause a looped condition where the user is requested to login, but is logged in, and gets and access denied page, rinse and repeat. LoginToboggan addresses this issue.

Meat Slicers — December 31, 2010 at 22:46.

If setup correctly, it should lead the user right back on the page they didn't have access to after logging in.
http://api.drupal.org/api/function/drupal_goto/5

PamBoandFeeda — November 21, 2010 at 19:08.

How many IBL has, does it have spam on it and other this kind of things.
But if the directory is clean and your link is not to far from the directory root your link will count as a normal one.
Many people are saying that directories are dead and we should avoid them, that is wrong a link is a link no matter where you get it.

Wogrannopay — November 11, 2010 at 18:01.

hi, every one. i am new here

------------------------
[url=http://www.itunesblog.com]itunes[/url]

peach - all drupal themes — February 26, 2010 at 13:15.

Thanks, worked great!

I added a warning message too:

<?php
drupal_set_message('Sorry, you are not authorized to access this page','warning');
print drupal_get_form('user_login');
?>

Markus — June 26, 2009 at 19:32.

I was using this solution for quite some time and then found out that this is only working if the user in not logged in at all.
What happens if the user is logged in but does not have the right to access the site he will end up in a loop.
Do you have a solution on this?

Regards
Markus

Anonymous — June 03, 2009 at 03:52.

Alternatively you can just go to Administer > Site configuration > Error reporting and set the 'Default 403 (access denied) page' to: user/login

Rimian — April 28, 2009 at 10:01.

Append ?destination=url where url is the drupal path of your destination (not the absolute address)

Anonymous — August 03, 2008 at 17:52.

The "Login toboggan" module has an option that allows you choose the login block to be shown on the access denied page. If the user logs in, they will be redirected to the page they were originally attempting to reach (assuming their role has access to that page).

The module also has a number of other enhancements to the login process, all of which can be turned on or off.

Alex — July 17, 2008 at 03:36.

Can you provide some more information on going about redirecting users after a successful logon from a custom access denied page as described in this post?

Thanks,
Alex

Alex — July 17, 2008 at 03:25.

This page was great in helping me create the login block for the access denied page. Now how do I add to the code so that upon logon the user is directed to the page he originally requested?

Thanks,
Alex

Steve Oliver — July 17, 2008 at 01:56.

Thanks, Davy.

-Steve

Marcin Pajdzik — May 19, 2008 at 03:28.

Alternatively you can just go to Administer > Site configuration > Error reporting and set the 'Default 403 (access denied) page' to: user/login

dvessel — February 07, 2008 at 20:59.

You can also use "drupal_goto('user', drupal_get_destination())" within an access check. Adding a nice touch with drupal_set_message() indicating that they are not authorized to view the page would be cool too.

If setup correctly, it should lead the user right back on the page they didn't have access to after logging in.

http://api.drupal.org/api/function/drupal_goto/5

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options