Name: Easy Content Restriction (ECR)
Version: 5.2.0.0-PRO (Joomla! 5) / 4.3.1.1-PRO (Joomla! 4) / 3.7.8.0-PRO (Joomla! 3)
Type: Plugin
License: GPLv3
Description: Protects content in articles with a special syntax from specified user groups or a password.
Download: ECR - Easy Content Restriction Downloads
Protects content in articles with a password or only displays it to approved user groups
With this plugin you can hide text in your articles with a password or from specified user groups with a simple syntax call directly in the articles. Special features are the unusual syntax use (square brackets) and the Safe Mode to avoid hidden text to be showed in other components (e.g. search component). Because the typical plugin syntax is removed in calls from the outside, the plugin does not use curly brackets. In the Safe Mode the whole article is replaced with an empty string if ECR detects a call from outside the content component of an article which uses the plugin.
Features
- Global Password Protection (PRO)
- Protection for frontend, backend or both (PRO)
- Protects content in articles (FREE) / Protects content on the entire website (PRO)
- Password Mode - Protect your content with a password! No user account required to load the content - just the correct password
- Remember successful password inputs - Entries are stored in the user's session, and the password does not have to be entered again (PRO)
- Easy syntax to call the plugin:
[ecr]YOUR TEXT[/ecr]
- Safe Mode: Content protection not only in the article view
- Blur Mode: Shows a blurred version of the original text as a preview (PRO)
- Specify the allowed or disallowed user groups
- Specify allowed users using their IDs
- Set an individual replacement text
- Languages: English and German
Installation
Install the plugin in the backend, then adjust and publish it in System -> Plugins -> Content - ECR - Easy Content Restriction.
Content Protection
Confirmation Mode
In this mode, you can request confirmation from the visitor to load the content. This is especially useful if you want to load external sources concerning data privacy, e.g. Iframes of YouTube videos or Google Maps, which do not have to be additionally protected by a password.
[ecr|confirmation]<iframe ....></iframe>[/ecr]
You may overwrite the default confirmation headline and text by adding a third and fourth parameter to the syntax (see example in the Password Mode) or by language overrides for the language constants PLG_SYSTEM_EASYCONTENTRESTRICTION_CONFIRMATION_HEADLINE
and PLG_SYSTEM_EASYCONTENTRESTRICTION_CONFIRMATION_TEXT
.
Password Mode
In this mode you can protect the content with a password, no user account is required to load the content - just the correct password.
[ecr|password=XXX]Hidden text[/ecr]
Replace XXX with a self-defined password, e.g. asdf?!*#123
In password mode, you may set an individual heading with the help of a third parameter::
[ecr|password=XXX|Please enter the password here]Hidden text[/ecr]
(PRO)
Use the following syntax to enable the multiple passwords functionality. Define the passwords in the settings of the plugin.
[ecr|multiple]Hidden text[/ecr]
(PRO)
Standard Mode
In the standard mode only global parameters from the settings are used in the execution of the plugin.
[ecr]Hidden text[/ecr]
In this mode, the content can be password protected by pre-defined rules with a unique hash. The plugin loads the replacement content from an assigned, unpublished article.
[ecr]HASH[/ecr]
(PRO)
Override Mode
IDs for groups which are allowed to access the hidden text
[ecr=8,5,3]Hidden text[/ecr]
You can also toggle the permission rights! IDs for user groups which are not allowed to access the hidden text
[ecr=8,5,3|toggle]Hidden text[/ecr]
The replacement text for groups with no permission can also be set individually
[ecr|You have to login to see the text!]Hidden text[/ecr]
Of course you can use all parameters together at once
[ecr=8,5,3|toggle|You have to login to see the text!]Hidden text[/ecr]
Note: Use plg_content_easycontentrestriction in the free version instead.
Pages Protection (PRO)
This option protects certain pages from being accessed with a password. The content of such protected pages is loaded only after entering the correct password. You can specify the pages to be protected via internal parameters. These parameters can be determined using the integrated debug mode.
Global Password Protection (PRO)
You may enable global protection for the complete website. In this mode, the plugin stops the execution of the application and shows a password input field. Visitors have to enter the global password to be able to load the content of the website.
Changelog
Latest release
Version 5.2.0.0-PRO - 2025-01-07
- + Increased technical requirements for Joomla! 5: Increasing Technical Requirements 2025 - Core & PHP for Joomla! Pro Extensions
- + Optimising code to meet new requirements can enhance its quality, performance, and security.
Version 5.2.0.0-PRO - 2025-01-07
- + Increased technical requirements for Joomla! 5: Increasing Technical Requirements 2025 - Core & PHP for Joomla! Pro Extensions
- + Optimising code to meet new requirements can enhance its quality, performance, and security.
Version 5.1.1.0-PRO - 2024-05-13
- + Improved Pro Security Token validation check. The Pro package contains a token file with an individual security token linked to the user account that is checked against the validation server for authenticity. If the file is missing or the token is invalid, you cannot edit the settings and use the extension. The Pro Security Token field has been extended to handle incorrect tokens and blocked accounts. If you encounter an error message related to the token, download the Pro version with your Pro subscription from the linked download page and install it again!
- Attention: The Pro extension will not work correctly if the token file or custom field is missing or modified. Never edit or remove the files to ensure correct functionality.
Version 5.1.0.0-PRO - 2024-04-17
- + Subscriber Interface: The plugin has been rewritten to utilise the subscriber interface, enhancing its integration and performance capabilities.
Version 5.0.2.0-PRO - 2024-04-10
- + Added Allowlist for GET parameters option for the Global Password Protection feature. With this option, you may bypass the global protection with a self-defined token or allow third-party services to execute commands even if the global protection is enabled. Input example:
token=123!?S3Cr3T
oroption=com_remotemonkey,task=api.process,format=raw
. Thanks to Christian G. for requesting this feature! - # Improved the way how the text object properties are processed and manipulated. Thanks to Schlossgarde for reporting the issue!
Version 5.0.1.1-PRO - 2024-03-09
- # Fixed "Read more" function handling in category view. Thanks to Mr. Fifteen for reporting this issue!
Version 5.0.1.0-PRO - 2023-11-21
- + Added the Remember successful password inputs for pages option to save successfully entered passwords for Pages Protection to the session, so they don't have to be re-entered on each page load.
- ^ Bypassed a deprecated call in the calendar field provided by the Joomla! core.
- ^ Rewrote the usage of the session namespace to avoid the logging of a deprecated message.
- # Fixed an issue with the multiple password feature where a message was incorrectly displayed stating that the password was entered incorrectly even though no password was entered at all.
Version 5.0.0.0-PRO - 2023-10-31
- + First Pro release for Joomla! 5.x based on ECR Pro version 4.2.0.0-PRO
- + The plugin "Behaviour - Backward Compatibility" is not required. The extension only uses supported classes in Joomla! 5.
Version 4.3.1.1-PRO - 2024-04-10
- # Improved the way how the text object properties are processed and manipulated. Thanks to Schlossgarde for reporting the issue!
Version 4.3.1.0-PRO - 2024-03-14
- + Added Allowlist for GET parameters option for the Global Password Protection feature. With this option, you may bypass the global protection with a self-defined token or allow third-party services to execute commands even if the global protection is enabled. Input example:
token=123!?S3Cr3T
oroption=com_remotemonkey,task=api.process,format=raw
. Thanks to Christian G. for requesting this feature!
Version 4.3.0.1-PRO - 2024-03-14
- # Fixed a format issue in the option "Password expiration time". Thanks to n1mdas for reporting this issue!
Version 4.3.0.0-PRO - 2024-03-08
- Increased technical requirements for Joomla! 4: Increasing Technical Requirements 2024 - Core & PHP for Joomla! 4 Pro Extensions.
- # Fixed "Read more" function handling in category view. Thanks to Mr. Fifteen for reporting this issue!
Version 4.2.1.0-PRO - 2023-11-21
- + Added the Remember successful password inputs for pages option to save successfully entered passwords for Pages Protection to the session, so they don't have to be re-entered on each page load.
- ^ Bypassed a deprecated call in the calendar field provided by the Joomla! core.
- ^ Rewrote the usage of the session namespace to avoid the logging of a deprecated message.
- # Fixed an issue with the multiple password feature where a message was incorrectly displayed stating that the password was entered incorrectly even though no password was entered at all.
Version 4.2.0.0-PRO - 2023-09-22
- + Added Remember Confirmations option. Confirmations are stored in the user's session, and the confirmation does not have to be consented again as long as the session is active. Thanks to Ufuk A. for requesting this feature!
- + Improved Installation Script. Updated the installation script to check for the highest compatible version of Joomla automatically! This feature aims to prevent issues that may arise from using incompatible core versions, thereby ensuring a smoother installation process.
Version 4.1.4.0-PRO - 2023-04-26
- + Added Password expiration time option for Password Protection Rules. The password expiration time option is a helpful feature for keeping your content secure. However, if you prefer not to use this feature, leave the field blank, and the password will not expire. Thanks to Svetoslav Slavkov for requesting this feature!
Version 4.1.3.0-PRO - 2023-03-15
- + Added Brute Force Protection - IP Address Blocking feature. Thanks to Svetoslav Slavkov for requesting this feature!
- + Added Activate IP blocking for password inputs option. With this option, the plugin blocks IP addresses from accessing the protected content if they exceed the allowed number of submission attempts. All password requests from restricted IP addresses are blocked directly by the plugin. After the specified block time, the IP addresses are removed from the lock list and can enter the password as usual again.
- + Added Number of allowed submission attempts option. The maximum number of submission attempts until the IP lock is triggered and the form cannot be bypassed anymore, even with the correct password.
- + Added Blocking time in seconds option. Blocks the IP address for the selected time span. Default value: 3600 seconds (corresponds to 1 hour).
Version 4.1.2.0-PRO - 2023-03-09
- + Added Disable replacement in editor option. With this option, you may disable replacing the syntax in editor view in the front end for signed-in users. Use this option if you are working on articles in the front end and the syntax is being removed due to the wrong context in the edit view. Note: This option is only available for signed-in users from the allowed group list and if the safe mode is disabled. Thanks to Freddy B. for requesting this feature!
- ^ Optimised the syntax removal functionality from version 4.1.1.0-PRO. If the safe mode is enabled, the removal is always triggered. Additionally, added user status and editor checks.
Version 4.1.1.0-PRO - 2023-01-20
- + Improved the syntax removal if the content was not loaded in the content context, e.g. feed or search. Thanks to Haven for reporting it!
Version 4.1.0.0-PRO - 2023-01-06
- Increased technical requirements for Joomla! 4: Increasing Technical Requirements - Core & PHP for Joomla! 4 Pro Extensions
- + Added
Password Protection Rules feature. This option protects the replacement text with a password by pre-defined rules with a unique hash. The replacement text is loaded from an assigned, unpublished article. A hash is generated to map the password rule in the article, which protects sensitive data even if the article is loaded directly from the database (e.g. via a third-party extension). The password cannot be derived from the hash. You may use the following syntax to load the password form at the desired position in the article:
[ecr]HASH[/ecr]
- ^ Code optimisations
Version 4.0.7.0-PRO - 2022-11-16
- + Added Confirmation Mode. In this mode, you can request confirmation from the visitor to load the content. This is especially useful if you want to load external sources concerning data privacy, e.g. Iframes of YouTube videos or Google Maps, which do not have to be additionally protected by a password.
[ecr|confirmation]<iframe ....></iframe>[/ecr]
- You may overwrite the default confirmation headline and text by adding a third and fourth parameter to the syntax (see example in the Password Mode) or by language overrides for the language constants
PLG_SYSTEM_EASYCONTENTRESTRICTION_CONFIRMATION_HEADLINE
andPLG_SYSTEM_EASYCONTENTRESTRICTION_CONFIRMATION_TEXT
. - Thanks to Ufuk A. for suggestion this feature!
Version 4.0.6.0-PRO - 2022-09-04
- + Added Pro Security Token validation check. The Pro package contains a token file with an individual security token linked to the user account and checked against the validation server for authenticity.
- ^ Multiple internal code optimisations.
Version 4.0.5.0-PRO - 2022-01-07
- + Added Remember successful password inputs option - Successful password entries are stored in the user's session, and the password does not have to be entered again as long as the session is active. You can use this to protect dynamic content, such as forms.
Version 4.0.4.0-PRO - 2022-01-05
- + Blur mode - The blur mode shows a blurred version using CSS instructions of the original text instead of removing it entirely. The text is replaced with random characters on the server and is never recoverable in the browser.
- + Allowed HTML tags in blur mode - The tags entered are retained; all others are automatically removed with the entire content. It is helpful for links, images or other media files that you do not want to disclose.
- # Full article text is created and used in the category context
Version 4.0.3.1-PRO - 2021-12-06
- ^ "Safe Mode" functionality is only applied in the frontend, not in the backend anymore. Thanks to Christoph W. for reporting it!
Version 4.0.3.0-PRO - 2021-11-27
- + Added third parameter in Password Mode to allow individual headings. Thanks to Elisa F. for requesting it!
Version 4.0.2.0-PRO - 2021-11-15
- + Added the built-in Download Key Manager support to enter your Pro Update ID without installing the update helper plugin.
Important: Please copy your personal Pro Update ID using the second copy button in the Pro ID Manager and enter the key in System - Update - Update Sites - Select the entry of the Pro extension and enter the ID into the Download Key field. - ^ Code optimisations
Version 4.0.1.0-PRO - 2021-09-24
- ^ Added Multiple passwords option. With this option, you may define multiple passwords for content protection. Use the following syntax to enable the multiple passwords functionality: [ecr|multiple]Hidden text[/ecr]. Thanks to Huibert de J. for requesting it!
Version 4.0.0.1-PRO - 2021-09-07
- ^ Added the the generic context "text" for the onContentPrepare event. Thanks to M.Nick for reporting it!
Version 4.0.0.0-PRO - 2021-08-22
- + First Pro release for Joomla! 4.x based on ECR Pro version 3.7.3.0-PRO
- ^ Updated template files to Bootstrap 5 syntax
- ^ Changed event trigger for the debug output from onBeforeCompileHead to onBeforeRender
- ^ Added a fallback to retrieve required parameters for the pages protection
Version 3.7.8.0-PRO - 2022-11-16
- + Added Confirmation Mode. In this mode, you can request confirmation from the visitor to load the content. This is especially useful if you want to load external sources concerning data privacy, e.g. Iframes of YouTube videos or Google Maps, which do not have to be additionally protected by a password.
[ecr|confirmation]<iframe ....></iframe>[/ecr]
- You may overwrite the default confirmation headline and text by adding a third and fourth parameter to the syntax (see example in the Password Mode) or by language overrides for the language constants
PLG_SYSTEM_EASYCONTENTRESTRICTION_CONFIRMATION_HEADLINE
andPLG_SYSTEM_EASYCONTENTRESTRICTION_CONFIRMATION_TEXT
. - Thanks to Ufuk A. for suggestion this feature!
- ^ Multiple internal code optimisations.
Version 3.7.7.0-PRO - 2022-01-05
- + Added Remember successful password inputs option - Successful password entries are stored in the user's session, and the password does not have to be entered again as long as the session is active. You can use this to protect dynamic content, such as forms.
Version 3.7.6.0-PRO - 2022-01-04
- + Blur mode - The blur mode shows a blurred version using CSS instructions of the original text instead of removing it entirely. The text is replaced with random characters on the server and is never recoverable in the browser.
- + Allowed HTML tags in blur mode - The tags entered are retained; all others are automatically removed with the entire content. It is helpful for links, images or other media files that you do not want to disclose.
- ^ "Safe Mode" functionality is only applied in the frontend, not in the backend anymore. Thanks to Christoph W. for reporting it!
- # Full article text is created and used in the category context
Version 3.7.5.0-PRO - 2021-11-26
- + Added third parameter in Password Mode to allow individual headings. Thanks to Elisa F. for requesting it!
Version 3.7.4.0-PRO - 2021-09-22
- + Added Multiple passwords option. With this option, you may define multiple passwords for content protection. Use the following syntax to enable the multiple passwords functionality: [ecr|multiple]Hidden text[/ecr]. Thanks to Huibert de J. for requesting it!
Version 3.7.3.1-PRO - 2021-09-07
- ^ Added the the generic context "text" for the onContentPrepare event. Thanks to M.Nick for reporting it!
Version 3.7.3.0-PRO - 2021-07-23
- + Pages Protection - This option protects certain pages from being accessed with a password. The content of such protected pages is loaded only after entering the correct password. You can specify the pages to be protected via internal parameters. These parameters can be determined using the integrated debug mode. Thanks to BaseTrix for requesting this feature!
Version 3.7.2.1-PRO - 2021-07-11
- # Optimised system cache handling (Global Configuration - System - System Cache - Conservative/Progressive Caching)
Version 3.7.2.0-PRO - 2021-06-14
- ^ Maintenance release
- ^ Changed the version number specification. The first number stands for the supported major Joomla! version. The following three numbers follow the Semantic Versioning Specification (SemVer), as it used to be previously.
- ^ Updated custom field
- ^ Code optimisations
Version 3.7.1-PRO - 2021-02-10
- ^ Added some additional type checks for core trigger events since many 3rd party extensions call them incorrectly with wrong types, leading to errors as ECR uses strict types internally.
Version 3.7.0-PRO - 2021-01-25
- + Global Syntax Protection - With this option, the content syntax is checked in the complete HTML output code, not only in the content component. Thus you may protect parts of the content on the entire website, e.g. in 3rd party components or modules.
Version 3.6.1-PRO - 2021-01-07
- ^ Maintenance release
- ^ Updated language files and custom field
- ^ Code optimisations
Version 3.6.0-PRO - 2020-03-11
- First release with increased technical requirements: Increasing Technical Requirements - Joomla! Core & PHP for Pro & Free Extensions
- + Global Password Protection - You may enable global protection for the complete website. In this mode, the plugin stops the execution of the application and shows a password input field. Visitors have to enter the global password to be able to load the content of the website.
- + New option: Global password
- + New option: Execution location - Enables the password protection in the frontend, backend or both
- ^ Changed plugin type from "content" to "system"
Version 3.5.2-PRO - 2019-09-22
- + New option: Allowed Groups - Password Mode - User groups that are allowed to access the hidden text without a password if the Password Mode is used. Thanks for the request to Meschkam!
Version 3.5.1-PRO - 2019-08-16
- + Multilingual Replacement Text - You may use a language override constant to allow a multilingual output in the option "Replacement Text"! Enter a self-defined constant into the option field in the settings of the plugin and then create your translations for this constant in Joomla!'s Language Manager. Thanks to Stefan O. B. for this suggestion!
Version 3.5.0-PRO - 2019-04-28
- + First Pro release based on ECR version 3.4.2
Version 3.6.0.1-FREE - 2022-04-20
- # Fixed incorrect reference to the content plugin group. Thanks to Josef K. for reporting it!
Version 3.6.0.0-FREE - 2022-04-12
- ^ Maintenance release
- ^ Changed plugin type from "content" to "system". Please uninstall the content plugin manually if installed previously!
- ^ Changed the version number specification. The first number stands for the supported major Joomla! version. The following three numbers follow the Semantic Versioning Specification (SemVer), as it used to be previously.
- ^ Updated custom field
- ^ Added the the generic context "text" for the onContentPrepare event
- ^ Code optimisations
- # Optimised system cache handling (Global Configuration - System - System Cache - Conservative/Progressive Caching)
Version 3.5.0-FREE - 2020-03-12
- First release with increased technical requirements: Increasing Technical Requirements - Joomla! Core & PHP for Pro & Free Extensions
- + Multilingual Replacement Text - You may use a language override constant to allow a multilingual output in the option "Replacement Text"! Enter a self-defined constant into the option field in the settings of the plugin and then create your translations for this constant in Joomla!'s Language Manager.
- + New option: Allowed Groups - Password Mode - User groups that are allowed to access the hidden text without a password if the Password Mode is used.
- ^ Code Optimizations
- ^ Updated Language Strings
- ^ Updated Custom Fields
Version 3.4.3 - 2019-06-23
- + Custom Field - Pro Button
- ^ Updated project page URL
Version 3.4.2 - 2018-07-26
- ^ Changed replacement function to improve performance and avoid limit error "regular expression is too large at offset x" if the article text is too long - Thanks to Kirstin G. for reporting it!
- ^ Updated Custom Field
- ^ Code Style Optimization
Version 3.4.1 - 2017-08-14
- ^ Updated custom field krtitle to 3.3.0
- # User group ID was not handled properly which could lead to a wrong behavior under certain circumstances (if access right was set to guest or public in the global settings) - Thanks to Laurents M. for reporting it!
Version 3.4.0 - 2016-08-21
- + Notification Message - If the password is incorrect, then a notice message is displayed to inform the user.
Version 3.3.0 - 2016-07-22
- + Password Mode - Protects the content with a password! No user account required to load the content - just the correct password.
- ^ Code optimizations
- ^ Custom Field
Version 3.2.0 - 2015-07-31
- + Donation Code Validation Process - Improved the validation process with a new server (HTTPS request) plus an independent, separated fallback server (HTTP request).
https://check.kubik-rubik.de/
http://check.kubik-rubik.eu/
https://downloads.kubik-rubik.de/
Version 3.1.0 - 2015-06-30
- + Project page - Added project page on the official website for this extension
- + Update Server - Added the Joomla! core functionality for the update checks
- + Some code optimizations
- ^ Semantic versioning - Switched to semantic versioning, see http://semver.org/ for more details. Please update manually since the core update server functionality will not recognize the new version!
- ^ Updated Donation Code field - Uses the HTTP API for the requests and calls the check script via HTTPS
- ^ Links in the language files - Updated outdated links to the JED (Joomla! Extensions Directory)
- ! Removed Version Check field
Version 3-2 - 2014-07-03
- + Special treatment of @ character - the @ character can be used in the hidden text
Version 3-1 - 2013-12-14
- + First free, public version for Joomla! 3.x
Version 2.5-2 - 2014-07-03
- + Special treatment of @ character - the @ character can be used in the hidden text
Version 2.5-1 - 2013-12-14
- + First free, public version for Joomla! 2.5
Version 2.5-1 DEV-2013-10-04
- + Toggle selection - with the toggle function you may toggle the ID selection. It means that the selected groups are not allowed to see the hidden text. This is for example very useful if you want to show a advertising banner or some extra information for visitors who are not in a specified user group (e.g. VIP users). Please read the description in the plugin how to use the toggle as a parameter in the syntax call!
- ^ Optimized the user group determination - removed the loading of inherited groups
- ^ Updated version check, donation code and krtitle fields
Version 2.5-1 DEV-2013-06-07
- + This is the first public test release. The language files are incomplete, also the description is very minimal but the functionality is fully implemented. Check the short description to see how to use the plugin. In fact, it is very simple: enter the described syntax in your articles to hide text from unauthorized groups. The plugin uses the unusual syntax with square brackets, not curly brackets, due to security reasons. Extensions, like the search component, remove plugin calls before they call the trigger. If the syntax is removed, the plugin can not be executed and the hidden text could become visible. Square brackets are not recognized as the typical plugin syntax and the plugin also works in these cases. The replacement text can be entered in the settings or via the override feature in the syntax. You may use HTML tags (e.g. to set a link to the registration page etc.). There is also a safe mode which completely hides the text when the article is not called from the content component (e.g. search component or modules). Use the options of the plugin to set global settings and the override functionality to set local settings. Additionally, you may allow access to the hidden text passages to certain users by adding their user IDs into the settings. Enter the IDs separated by commas. Please report any bugs or send me your feature request via the contact form!
Download
Overview of all downloads of the extension: ECR - Easy Content Restriction Downloads