Agent909
asked on
When server behavior Log In User fails, do what?
I am using the DW Log In User behavior. When the login fails, it redirects to another page. This means I have to write a duplicate of the login page that displays a message to the user that the login failed.
Is it possible to redirect back to the same page and then display a message? If so, what is the syntax and where should it go in the code?
Thanks
Is it possible to redirect back to the same page and then display a message? If so, what is the syntax and where should it go in the code?
Thanks
Jason C. Levine
You can just add a check for failure in the code and set the message in a variable and echo the variable in the HTML.
ASKER
What is the code (syntax) for checking for failure? Sorry, but I'm new to this!
Post your PHP code.
ASKER
Here's the code for the page.
<?php
if (!isset($_SESSION)) {
session_start();
}
?>
<?php require_once('Connections/connTT.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
// *** Redirect if username exists
$MM_flag="MM_insert";
if (isset($_POST[$MM_flag])) {
$MM_dupKeyRedirect="step-1b.php";
$loginUsername = $_POST['user_name'];
$LoginRS__query = sprintf("SELECT user_name FROM customer WHERE user_name=%s", GetSQLValueString($loginUsername, "text"));
mysql_select_db($database_connTT, $connTT);
$LoginRS=mysql_query($LoginRS__query, $connTT) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
//if there is a row in the database, the username was found - can not add the requested username
if($loginFoundUser){
$MM_qsChar = "?";
//append the username to the redirect page
if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar = "&";
$MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar ."requsername=".$loginUsername;
header ("Location: $MM_dupKeyRedirect");
exit;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO customer (user_name, user_password) VALUES (%s, %s)",
GetSQLValueString($_POST['user_name'], "text"),
GetSQLValueString($_POST['user_password'], "text"));
mysql_select_db($database_connTT, $connTT);
$Result1 = mysql_query($insertSQL, $connTT) or die(mysql_error());
$insertGoTo = "step-1.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO customer (user_name, user_password) VALUES (%s, %s)",
GetSQLValueString($_POST['user_name'], "text"),
GetSQLValueString($_POST['user_password'], "text"));
mysql_select_db($database_connTT, $connTT);
$Result1 = mysql_query($insertSQL, $connTT) or die(mysql_error());
$insertGoTo = "step-1.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
body {
background-image: url(images/background-3.gif);
}
.directions {
color: #00F;
}
</style>
</head>
<body>
<img src="images/grass-2.jpg" width="968" height="119" alt="grass" />
<div id="heading">
<h1>TrikleTrade.com</h1>
</div>
<div id="join">
<h2>Join Today!</h2>
</div>
<form action="<?php echo $editFormAction; ?>" id="form1" name="form1" method="POST">
<table width="590" border="2">
<tr>
<td width="125">User name</td>
<td width="154"><input type="text" name="user_name" id="user_name" /></td>
<td width="287">Enter a unique user name.</td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="user_password" id="user_password" /></td>
<td>Limited to 12 characters, must be at least 6.</td>
</tr>
</table>
<p>
<input type="submit" name="submit" id="submit" value="Submit" />
</p>
<input type="hidden" name="MM_insert" value="form1" />
</form>
</body>
</html>
That's not the login behavior, that's the add username behavior...is that what you want to check?
ASKER
Oh, that's right. I am actually doing both... username behavior and the login behavior. Here's the code for the login behavior. I think that if I can understand how to check the login behavior, that I can apply the same or similar code to the username behavior.
<?php session_start(); ?>
<?php require_once('Connections/connTT.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
mysql_select_db($database_connTT, $connTT);
$query_getCustomer = "select * from customer;";
$getCustomer = mysql_query($query_getCustomer, $connTT) or die(mysql_error());
$row_getCustomer = mysql_fetch_assoc($getCustomer);
$totalRows_getCustomer = mysql_num_rows($getCustomer);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['user_name'])) {
$loginUsername=$_POST['user_name'];
$password=$_POST['user_password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "main.php";
$MM_redirectLoginFailed = "signin_failed.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_connTT, $connTT);
$LoginRS__query=sprintf("SELECT user_name, user_password FROM customer WHERE user_name=%s AND user_password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $connTT) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>TrikleTrade.com Login</title>
<style type="text/css">
body {
background-image: url(images/background-3.gif);
font-family: Verdana, Geneva, sans-serif;
width: 968px;
}
#failed {
color: #C60;
font-weight: bold;
visibility: visible;
}
</style>
</head>
<body>
<img src="images/grass-2.jpg" width="968" height="119" alt="grass" />
<div id="heading">
<h1>TrikleTrade.com</h1>
</div>
<form id="form1" name="form1" method="POST" action="<?php echo $loginFormAction; ?>">
<table width="357" border="1">
<caption>
Login
</caption>
<tr>
<td width="127">User name:</td>
<td width="214"><input name="user_name" type="text" id="user_name" size="35" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="user_password" type="password" id="user_password" size="35" /></td>
</tr>
</table>
<p>
<input type="submit" name="submit" id="submit" value="Login" />
</p>
</form>
</body>
</html>
<?php
mysql_free_result($getCustomer);
?>ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks again, Jason!