How to use a user's loginID on subsequent pages?

Great reply David as always, and I'm having the same problem, but . .

I've tried everything I can think of:

When you use DW's Login In User it sets 2 session variables:

    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;

It then brings up the page that you request:

  $MM_redirectLoginSuccess = "UpdateProfile1.php";
  $MM_redirectLoginFailed = "LoginAgain.php";

However, when you get to that page you don't have the password that the user keyed because they didn't save it in a session variable.

Worse yet DW won't let you modify the the PHP to save the UserID (unique based on Email and Password) in a $_SESSION['MM_UserID].  It generates another "Log In User" if you modify the PHP.

Bottom line is when you get to the Success or Failed page you just know the $_SESSION['MM_Username'], whether it was successful or failed and you know $_SESSION['MM_UserGroup'] (which I may never use).

I even tried to capture it on the login form with:

<td><input name="password" type="text" maxlength="25" id="trypw" onchange="setpw()"/></td>

but can't because the Submit takes precedence over the onchange.

I need to know the Password or the UserID but can't get at either.  Help please.

On the success page, you have $_SESSION['MM_Username']. Use it to create a recordset containing all the details of the person who has just logged in. You can do this with the simple recordset dialog box exactly as explained in the FAQ item I pointed to before.

Thanks for the reply David. I'll give it a try in the next couple of days and see if it works.

steve

Thanks for your help David and I finally got it to work. I tried the original instructions you provided and it still wouldn't work although they seemed like they should. That's when I thought that something else must be wrong. After I made several changes, your instructions worked just fine.

Several things I learned to get this to work correctly.

1. The success page needs to have an access restriction placed on it otherwise the session variables don't appear to be available. That's because without restricting access, the session_start() function never executes.

2. I added an echo statement after the initial query is constructed to see what the actual query was. At first, I was seeing all the correct select statements but it was listing where col1=-1 rather than the login name that was collected on the login page. As a result, it was returning nothing since colname=-1 has no value in the table.

3. I decided to change the session path in php.ini and pointed it to C:/temp/ instead of where it was pointing (which was C:/wamp/tmp). I think that it's possible the path should have read C:/wamp/tmp/ (the trailing / was missing). I restarted all the services for the change to take effect.

4. I noticed that when I added the echo statement right after the query statement (mentioned above in item 2) that the record set disappeared from the DW panel although the Restrict Access behavior was still listed in the panel. Didn't realize it, but when inserting any code that was not part of the original record set code DW inserted in the page, it blanks out the recordset name in the panel. Once I removed the echo statement, the behavior reappeared in the panel.

5. After I removed the echo statement to see the original record set in the panel again, I decided to remove it and redo the query from scratch. Then I inserted an echo statement again after the query and this time it showed the correct value for col1. This meant it finally had the session variable from the login page and would work correctly so I removed the echo statement to get the behavior to show back up in the panel.

6. I edited php.ini again and changed the session path back to c:/wamp/tmp/ and restarted all services. Then I tested the page and it worked correctly.

7. I added some code in a div to view the results of the recordset as follows:

<?php echo 'Welcome, ' . $row_clientInfo['first_name'] . ' ' . $row_clientInfo['last_name']; ?>

It worked correctly.

Conclusion:  For sure, your answer to how to solve this problem is correct and was what I needed to do, but after initial testing it still didn't work. I think that it was me pointing the session path to a different place and adding the slash at the end that could have been what allowed your example to finally work. Then again, it could've been removing all the initial recordset query code and redoing it from scratch that could have been the difference. Not sure, but at least it does work.

One thing that I encountered was that when I double-clicked the recordset behavior to edit it to bring back less info (only the first and last name instead of a bunch of other stuff) I noticed that it left the old code still in place so that I had duplicated code. I would think that it should've removed the original query code and replaced it with the changed code rather than leaving both in place. Just an observation.

thanks again David,

Steve

I wrote my own but hate not to use DW's built in functions - - at my stage their's are more bulletproof.

As I (should have) stated earlier UserName is an email address, which in my application may have several users with different passwords.

I have 2 unique keys UserID (auto assigned number) and (UserName, Password)  to access the database and a lot of other profile information.

When the user logs on they only pass UserName back, so if I used DW's Login I would need to make the user rekey Password on the success page to access their profile.

That's why I wrote my own but would gladly back off if DW would set a session variable for UserID.

Thanks again.

NCxplants wrote: When the user logs on they only pass UserName back, so if I used DW's Login I would need to make the user rekey Password on the success page to access their profile. That's why I wrote my own but would gladly back off if DW would set a session variable for UserID.

I don't know how many times I need to repeat this, but all you need to do is use $_SESSION['MM_Username'] on the success page as a filter to create a recordset containing the details of the UserID. As long as the page uses sessions (which it does if you add a Restrict Access to Page server behavior), the session variable will work. Assuming you call the recordset getDetails, all you need to do is add this line after the recordset code:

$_SESSION['UserID'] = $row_getDetails['UserID'];