Members section needed: With members signup and verification before gaining access

I’m, thinking Siteloick is the boyo here, but I’ve never used it.

I’ve got a gig to build a B2B section for a distributor. The way it will work is dealers hit up the site and will go thru the signup process; name, email, business name, password, etc. These applications for access then need to be “stored” in a holding area, with an email sent to the admin, who will verify the application and then grant access.

Once access is granted the dealer will need to be sent an email telling them they are now allowed in.

The system will need a “forgot password” facility and the admin will need to be able to revoke access easily.

The page(s) this system needs to protect is most likely going to be a Foundry Alloy page, so need to ensure there is no issues on that front.

Am I right, is Sitelock the boy for the job? Hoes does it work?


@steveb It seems like SiteLok will do all you need, but I’m not 100% sure as I haven’t needed to do all the things on your list. @vibralogix will be able to confirm/deny.

Sitelok works perfectly with Foundry (or any other theme). You set up a dedicated Sitelok location that has it’s own page (non RW) for managing everything. This is installed by Sitelok. Easy to set up multiple groups each with their own passwords/conditions.

I always end up adding Sitelok to new course websites at the last moment: my bad. But in those cases, when adding to 40 pages, I do find Joe’s Sitelok stacks helpful. But realistically, when installed on fewer pages and with a more relaxed time schedule, using the snippets that Sitelok provides is just fine. (The actual snippet changes a bit depending on where the page is relative to the home page of a site: that’s where I screw up when doing a lot of these at once.)

1 Like

This is exactly how I use Sitelok for a radio club member area on the website. The applicant fills in the online Sitelok form, the application comes to me and the applicant gets an acknowledgement email explaining that their membership will be checked etc.

The application email that comes to me has an ‘approve’ link in it as part of the Sitelok form. I check the membership database and if their subscription is current, I just click on the ‘approve’ link in the mail and their account is activated in the Sitelok database and they get their login details mailed to them. If they are not a current member, I can chase them down manually - although thinking about it I could have another action link setup to send them a ‘you are not a current member’ email.

The registration form does have a forgotten password link and I also have a Sitelok ‘update details’ form that they can access from the member area once they have the login details.

I set the membership period to 365 days then it expires just so I can keep an eye on who still has paid up for the year :)

The payment side is not part of my Sitelok setup, that’s all snail mail.

Also, Adrian of Sitelok provides excellent and very quick support.

1 Like

Perfect. Sounds like the job. Only thing niggling me is Alloy. I know you say it works with Foundry, but I’d to check it and Alloy play nicely together.

I wonder if anyone knows?

Final question… Is it really only €40? That seems to be the price if I stick it in the basket, but it seems far too cheap. I’m wondering if I need to factor is some other aspects, or mayb Sitelok addons or summit?

@steveb Yes, I’ve used it with Alloy. Super simple. Alloy has it’s own password/login system. But I just layered Sitelok on top of that. Sitelok to get access to the page. Alloy to get access to editing tools.

Yes, 40. 20 for additional copies for new domains. And 20 when you upgrade. You don’t need to upgrade every year: that’s your choice. So upgrade, and pay 20, when there are new features/fixes relevant for your needs.

Excellent. I wouldn’t need to protect the editor page with Sitelok, only the public facing pages.

Another question: I’ve just watched the video on the Sitelok page… Anyone know if some areas of the dashboard section can be restricted for admins?

What I mean is… I’d want access ot it all, as I’ll be designing the forms etc. The client for whom I’ll be building the site really only needs access to the members lists and the email bit. I’d rather block them from things like the designer pages etc. as they’ll just mess things up!

So what I’\m really asking is can you setup super admins (access to everything in the admin dashboard), and regular admins who only have access to the stuff in the admin dashboard that hte super admin has allowed them access to?

EDIT: And that’s cheap!

I think you can do what you want re: differential access, but not positive. Never had a need to set this up, or try. @vibralogix can answer this easily enough: hopefully he’ll be able to respond to you later today.

1 Like

Awesome stuff, thanks.

I just need to try and get an idea of how complex/time-consuming it is to set it all up, so I can work out the price to the client.

Hi Steve,

Thanks to everyone for their replies. From what I have read Sitelok should be able to do what you need. With regards to admin access there is a sub-admin level that has less access (mostly blocking configuration etc) but not sure if that is what you need. Contact me via the site and we can look further at that.

If it helps I can install Sitelok for you on your server.


1 Like

Steve, the Sitelok manual is very good (yes there is a manual - ha!) and Adrian is very open to creating one-off solutions if you get in touch with him.

I do ‘renew’ my Sitelok annual support subscription as I really do think that Adrian deserves support and recognition for what he has achieved. I’m not connected with Sitelok in any way other than being a very satisfied customer.

1 Like

Manuals? Not 18hr videos staring a ginger gimp? What a crazy idea! ;)

I’ll get a copy bought to use as a test bed on my own site. Then if it works out I’ll get another for the client.

Thanks all.

1 Like

Thanks, but all sorted. It’s about as easy to setup as it can be.

Question for folk, although I’m sure I’ll get the answer as I work thru the manual, but…

I’ve setup a sub-domain: and fired the SL folders/files into its root. So,, which raises my first question…

  1. Can I change this folder name from slpw to something else? I never like using the default folder names for things like this for security reasons.

  2. Can I fire the RW site straight into the same subdomain? So for instance, if I have a page called /private/ the URL will be Obviously, I won’t be naming any pages slpw or members!

EDIT: Got a little members site setup, all really easy to do and very intuitive. So far, beyond using the manual to install the script I’ve not had to use it.

Another question though…

  1. Logout links. Can these be setup so you don’t see them if logged out?

Thanks for that.

You can rename the slpw folder. Just make sure you adjust that in Tools - Configuration - Install paths as well .

RW itself can be setup to create sites on subdomains so that should be fine.

You can show and hide contend based on various conditions. If you are using Joe’s Sitelok stacks you can use the Visilok stack with the ‘Display when not logged in’ setting to do that.

If you are using snippets you can use

<?php if ($slpublicaccess) { ?>

before the content


<?php } ?>

after the content

Joe has a free stack called Enclosure which makes adding code snippets before and after content really easy. I have found it very useful over the years.

1 Like

Thanks @vibralogix I’ll look into that.

After an hour or so last night, and the same again this morning, a really rough, but functioning little demo site is built out and I think, doing pretty much everything I’ll need for this client. As yet, I’ve not had to use the manual, so testament (for me at least) of a very intuitive system.

I’ll demo this to the client next week and should get the go-ahead.

One thing that does niggle me a bit right now is I can’t work out how to use the login page I’ve created instead of the default one, when someone attempts to log in to a protected page. I did scan the manual for that, but couldn’t find it. I’m sure it’s there, just need to work out the right search term. Any pointers?

Two more questions for you…

1 Do messages sent via the contact form get stored in the database, or do they simply pass-thru Sitelok, so to speak?

  1. Do I just use the contact form on the site to gain additional licences?

Thanks so much to everyone for all the help on this, it’s been way faster to get my head around this than I thought, everyone has been a great help.

Glad it’s going smoothly.

Messages sent via the contact form are only emailed on and not stored in the database.

For extra licenses you just need to make sure you are logged in to and add Sitelok to the cart. You should see the discounted price then.

In RW this is the best way to replace the default login form with a page on your site where you have added a custom login form.

  1. In Tools - Configuration - Pages & templates - No access URL

enter the URL to your login page with ?redirect=page appended. So for example


Once set when you try to access a secured page it will show your login page. After login the user is returned to the page they tried to access. GIve it a try and let me know if you have any problems.

1 Like

Got that, thanks.

Regarding SUBADMINS… Is there a reason why I don’t seem to be able to make someone already registered a sub admin?

If I try to change the underground of someone already registered as a user to SUBADMIN, it says usergroup doesn’t exist.