Known Participant

Question

How and where to add code to login page

Forum|Forum|16 years ago
September 29, 2009
3 replies
2756 views

I have a login page which uses the Dreamweaver Login Behavior. I want to add code to:

Check the status of the person loging in (status is the last field in the mySQL authentication table).

a. If the person is already logged in, display an error message, and reject the attempt.

b. If the person is NOT currently logged in, set his status accordingly, and log him in.

Since the behavior is generated code, and well above my head, I don't know what code to enter, and where to enter it. Here's the code for the form:

<?php require_once('Connections/login.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }
  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "WOTCPg1.php";
  $MM_redirectLoginFailed = "loginerror.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_login, $login);
  
  $LoginRS__query=sprintf("SELECT UserID, Password FROM authentication WHERE UserID=%s AND Password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $login) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;       
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; 
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascript">
function setFocus()
{
document.getElementById("username").focus();
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Log-in to IOD</title>
<style type="text/css">
<!--
#apDiv3 {
 position:absolute;
 left:5px;
 top:101px;
 width:760px;
 height:612px;
 z-index:2;
 font-family: Arial, Helvetica, sans-serif;
 font-size: 14pt;
 font-style: normal;
 line-height: normal;
 font-weight: normal;
 font-variant: normal;
 text-transform: none;
 color: #009;
 text-align: center;
 background-image: url(images/grid_gray.gif);
 border: medium ridge #009;
}
#apDiv1 {
 position:absolute;
 left:94px;
 top:227px;
 width:629px;
 height:282px;
 z-index:3;
 font-family: Arial, Helvetica, sans-serif;
 font-size: 14pt;
 font-style: normal;
 line-height: normal;
 font-weight: bold;
 font-variant: normal;
 text-transform: none;
 color: #009;
 text-align: center;
}
#apDiv2 {
 position:absolute;
 left:178px;
 top:248px;
 width:564px;
 height:254px;
 z-index:3;
 font-family: Arial, Helvetica, sans-serif;
 font-size: 14pt;
 font-style: normal;
 line-height: normal;
 font-weight: bold;
 font-variant: normal;
 text-transform: none;
 color: #009;
 text-align: left;
 border: medium groove #036;
}
#apDiv4 {
 position:absolute;
 left:178px;
 top:245px;
 width:566px;
 height:242px;
 z-index:3;
 border: medium groove #009;
 text-align: center;
 font-family: Arial, Helvetica, sans-serif;
 font-size: 14pt;
 font-style: normal;
 line-height: normal;
 font-weight: bold;
 font-variant: normal;
 text-transform: capitalize;
 color: #009;
}
.SubmitButton {
 color: #009;
}
-->
</style>
</head>
<body onLoad="setFocus()" >
<span style="position:absolute; left:3px; top:2px; width:758; height:89;"><img src="sitebuilder/preview/sitebuilder/clipart/bars/regular/horizontal/sleekLines_blue.gif" width="760" height="90" alt="" /></span>
<div id="e2" style="position:absolute; left:13px; top:14px; width:670px; height:32;"><span class="text"><b><span style="font-size: 22px"><font color="#FFFFFF">Sign-in to Information On Demand</font></span><font color="#FFFFFF" size="4"><span style="font-size:22px;line-height:26px;"><br soft="soft" />
</span></font></b></span></div>
<div id="apDiv3">
  <p><span style="text-align: center; text-decoration: underline; color: #009; text-transform: capitalize; font-variant: normal; font-weight: bold; line-height: normal; font-style: normal; font-size: 18pt; font-family: Arial, Helvetica, sans-serif;">Customer Sign-In</span><span style="position:absolute; left:12px; top:23px; width:151px; height:65;"><img src="sitebuilder/images/redInfoOnDemandLogo-150x65.jpg" width="149" height="65" alt="" /></span></p>
</div>
<div id="apDiv4">
<form ACTION="<?php echo $loginFormAction; ?>" id="login" name="login" method="POST">
    <p>     </p>
    <p>User Name:<br /><input name="username" type="text" id="username" tabindex="1" size="30" maxlength="30" />
    </p>
    <p>User's Password:<br />
      <input type="password" name="password" id="password" tabindex="2" />
    </p>
    <p>
      <input name="submit" type="submit" class="SubmitButton" id="submit" tabindex="3" style="color:#009; font-weight:bold" value="Sign-in" />
   <input type="reset" name="reset" id="reset" value="Reset" tabindex="4" style="color:#009; font-weight:bold">
    </p>
  </form>
</div>
<br />
</div>
</body>
</html>

Here's the code for the script "included" in the first line of the page:

<?php
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_login = "localhost";  // Change to "mysql" when uploaded to Yahoo
$database_login = "infoondemand";
$username_login = "root";   // Change to "creacontech" when uploaded to Yahoo
$password_login = "raisin4312";
$login = mysql_pconnect($hostname_login, $username_login, $password_login) or trigger_error(mysql_error(),E_USER_ERROR); 
?>

Could someone help me with this? I'd very much appreciate any assistance.

Server side applications

This topic has been closed for replies.

creacontechAuthor

Known Participant

There's no sense in beating a dead horse. We've pretty much chased this problem as far as it can go, so thanks everyone for the help

Lon_Winters

Inspiring

I guess I'm not clear on why a database field needs to be checked to see if the user is logged in or not. This can be done very easily just by checking for the existence of the session variable that DW created when someone logs in using the standard behavior. What am I missing?

creacontechAuthor

Known Participant

I should have warned you ealier that I don't know PHP very well, but if I can help nail down the process then hopefully one of the PHP experts can jump in.

I'm still a little fuzzy on what is going on. If Susie and Rodunda both have their own UserIDs and Passwords, then they can both be logged in at the same time, insert records til their hearts content and there will be abolutely no confict at all. The only issue here that may present a problem is if one of them attameps to update a record while the other one is looking at it, or getting ready to make their own modifications.

Also, if Susie and Rodunda have their own user accounts with their own credentials, how is it that one would try to log in using the others' credentials?

At any rate, and hopefully to get closer to a solutions for you, When a user is successfully authenticated, the session variable MM_Username is created. So, simpy by checking for the existence of this session variable can tell you if that use is logged in or not. This check can be placed before any of the login script so that it doesn't interfere with the behavior generated code. And you can choose what to do depending on the condition that exists - such as redirecting immediately to another page, or displaying or hiding a certain region on the page.

Keep in mind that when the page first loads, thel login code is placed in an IF statement that checks the form action, so at first it's ignored and loads the form. When the form is submitted, the IF conditino is met and the code executes. To update the database with a "Logged in or out" value, you first have to place a recordset just after the IF statement that checks the form action, wirte another IF statement to check the value of the field, and then redirect to a logout page or continue with the login.

If you continue with the login, you'll need an Update statement to change the field in the database just before the successful redirect. If you've redirected to a log out page, you'll also need s similar update statement there.

To write the recordset code, you can use DW's wizard and just move the code to where it needs to go. But the DW's update code depend on predeifned recordsets and form actions, so you'll need to find a script or hand code it, I wouldn't recommend trying to use DW's code and then modify it.

So, what do you think, are we getting closer?

YUP! We're getting a lot closer, but I guess I used a poor example. And maybe it's my 50 years experience giving me a tendency toward paranoia. I think, for want of a better example, maybe here's more like what I had in mind, Susie and Rodunda are working away. Susie gets up to go to the ladies room, leaving here computer logged in. So Betty Broadbeam, who doesn't have her own login, but decides to help out, and sign in with Susie's information. I know it's kind of far fetched, but while I can't remember the actual events, I can remember cases where this protection wasn't afforded and people ended up having the same record updated by two different people, and the last one in wins.

That said, thank you again for your input; it's most appreciated, and you did, in fact, put a blessing on where I was sort of figuring that the code should be. You mentioned, however, about using DW's wizard for writing the code; where is this guy, and how do I find him?

creacontechAuthor

Known Participant

PLEASE, someone help me with this problem. The "authentication" table also has a customer id field "CustID", that I need to pass via session variables, to the succeeding pages, in order for them to access the customer and applicant tables. I've tried to add code to the (DW Generated code) above, but every time I do, the Dreamweaver "Server Behaviors" panel duplicates the behavior, and I get error messages indicating that DW can't tell which one to use. For example:

First, I added CustID to the SELECT line as follows:

  $LoginRS__query=sprintf("SELECT UserID, Password, UserLevel, CustID FROM authentication WHERE UserID=%s AND Password=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

and that didn't cause any problems yet. But then when I added a line to fetch the field:

    $loginStrGroup  = mysql_result($LoginRS,0,'UserLevel');
 $custid   = mysql_result($LoginRS,0,'CustID'); // this is the line that I added

the server behavior panel showed duplicate "Log In User" entries, and I got the error message. I also tried other code, such as:

  $arrLogin=mysql_fetch_assoc($LoginRS);
  $custid  = $arrLogin[CustID];

but that gave me the same result. I then tried to edit the behavior, but when I selected that from the behavior panel plus sign drop menu, the "Server Behaviors" box was empty, and wouldn't accept anything, and the "Edit" & "Remove" buttons were greyed out.

What can I do to make this work?

bregent

Participating Frequently

>I've tried to add code to the (DW Generated code)

>above, but every time I do, the Dreamweaver "Server

>Behaviors" panel duplicates the behavior, and I get

>error messages indicating that DW can't tell which

>one to use.

That's the problem with server behaviors. Once you modify them, it can confuse DW. The server behaviors usually don't provide enough functionality for me to be really useful, and modifying them causes problems. So I usually code by hand.

creacontechAuthor

Known Participant

That's the problem with server behaviors. Once you modify them, it can confuse DW.

Well that answers a lot of questions in my mind, and removes a lot of my confusions.

The server behaviors usually don't provide enough functionality for me to be really useful, and modifying them causes problems. So I usually code by hand.

I could agree with that if I were experience enough to correctly write the manual code. The fact that I'm a dunce learner entices me to use generated code when it's available.

The fact is that when DW started giving me these problems, I tried to code it myself and failed miserably. I cut an pasted code I found on various helpful websites, such as w3schools, homeandlearn, html-form-guide and others. I must have tried dozens of these, but non of them worked.

In any event, after correcting some glaring errors, now when I run the login page, everything seems to work OK in the browsers, so I guess it doesn't matter that the behavior panel is screwy.

Thanks for the reply, however. At least you've put a blessing on what's happening, and I appreciate it.

creacontechAuthor

Known Participant

My discovered solution to my "Rock and Hard Place" question partly answered this one as well. However, I still need to know where, what kind & how to add code to change the status field in my login database from "Out" to "In" on login, so that someone else can't login with the same user/password until the one loged in logs out. Then, of course visa versa on logout.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded