We help IT Professionals succeed at work.

When server behavior Log In User fails, do what?

Agent909
Agent909 used Ask the Experts™
on
I am using the DW Log In User behavior.  When the login fails, it redirects to another page.  This means I have to write a duplicate of the login page that displays a message to the user that the login failed.

Is it possible to redirect back to the same page and then display a message?  If so, what is the syntax and where should it go in the code?  

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Jason C. LevineDon't talk to me.

Commented:
You can just add a check for failure in the code and set the message in a variable and echo the variable in the HTML.  

Author

Commented:
What is the code (syntax) for checking for failure?  Sorry, but I'm new to this!
Jason C. LevineDon't talk to me.

Commented:
Post your PHP code.

Author

Commented:
Here's the code for the page.
<?php
if (!isset($_SESSION)) {
	session_start();
}    
?>

<?php require_once('Connections/connTT.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

// *** Redirect if username exists
$MM_flag="MM_insert";
if (isset($_POST[$MM_flag])) {
  $MM_dupKeyRedirect="step-1b.php";
  $loginUsername = $_POST['user_name'];
  $LoginRS__query = sprintf("SELECT user_name FROM customer WHERE user_name=%s", GetSQLValueString($loginUsername, "text"));
  mysql_select_db($database_connTT, $connTT);
  $LoginRS=mysql_query($LoginRS__query, $connTT) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);

  //if there is a row in the database, the username was found - can not add the requested username
  if($loginFoundUser){
    $MM_qsChar = "?";
    //append the username to the redirect page
    if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar = "&";
    $MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar ."requsername=".$loginUsername;
    header ("Location: $MM_dupKeyRedirect");
    exit;
  }
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO customer (user_name, user_password) VALUES (%s, %s)",
                       GetSQLValueString($_POST['user_name'], "text"),
                       GetSQLValueString($_POST['user_password'], "text"));

  mysql_select_db($database_connTT, $connTT);
  $Result1 = mysql_query($insertSQL, $connTT) or die(mysql_error());

  $insertGoTo = "step-1.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO customer (user_name, user_password) VALUES (%s, %s)",
                       GetSQLValueString($_POST['user_name'], "text"),
                       GetSQLValueString($_POST['user_password'], "text"));



  mysql_select_db($database_connTT, $connTT);
  $Result1 = mysql_query($insertSQL, $connTT) or die(mysql_error());

  $insertGoTo = "step-1.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
body {
	background-image: url(images/background-3.gif);
}
.directions {
	color: #00F;
}
</style>
</head>

<body>
<img src="images/grass-2.jpg" width="968" height="119" alt="grass" />
<div id="heading">
  <h1>TrikleTrade.com</h1>
</div>

<div id="join">
  <h2>Join Today!</h2>
</div>
<form action="<?php echo $editFormAction; ?>" id="form1" name="form1" method="POST">
  <table width="590" border="2">
    <tr>
      <td width="125">User name</td>
      <td width="154"><input type="text" name="user_name" id="user_name" /></td>
      <td width="287">Enter a unique user name.</td>
    </tr>
    <tr>
      <td>Password</td>
      <td><input type="password" name="user_password" id="user_password" /></td>
      <td>Limited to 12 characters, must be at least 6.</td>
    </tr>
  </table>
  <p>
    <input type="submit" name="submit" id="submit" value="Submit" />
  </p>
  <input type="hidden" name="MM_insert" value="form1" />
</form>
</body>
</html>

Open in new window

Jason C. LevineDon't talk to me.

Commented:
That's not the login behavior, that's the add username behavior...is that what you want to check?

Author

Commented:
Oh, that's right.  I am actually doing both... username behavior and the login behavior.  Here's the code for the login behavior.  I think that if I can understand how to check the login behavior, that I can apply the same or similar code to the username behavior.
<?php session_start(); ?>

<?php require_once('Connections/connTT.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_connTT, $connTT);
$query_getCustomer = "select * from customer;";
$getCustomer = mysql_query($query_getCustomer, $connTT) or die(mysql_error());
$row_getCustomer = mysql_fetch_assoc($getCustomer);
$totalRows_getCustomer = mysql_num_rows($getCustomer);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['user_name'])) {
  $loginUsername=$_POST['user_name'];
  $password=$_POST['user_password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "main.php";
  $MM_redirectLoginFailed = "signin_failed.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_connTT, $connTT);
  
  $LoginRS__query=sprintf("SELECT user_name, user_password FROM customer WHERE user_name=%s AND user_password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $connTT) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>TrikleTrade.com Login</title>
<style type="text/css">

body {
	background-image: url(images/background-3.gif);
	font-family: Verdana, Geneva, sans-serif;
	width: 968px;
}
#failed {
	color: #C60;
	font-weight: bold;
	visibility: visible;
}
</style>
</head>

<body>
<img src="images/grass-2.jpg" width="968" height="119" alt="grass" />
<div id="heading">
  <h1>TrikleTrade.com</h1>
</div>
<form id="form1" name="form1" method="POST" action="<?php echo $loginFormAction; ?>">
  <table width="357" border="1">
    <caption>
      Login
    </caption>
    <tr>
      <td width="127">User name:</td>
      <td width="214"><input name="user_name" type="text" id="user_name" size="35" /></td>
    </tr>
    <tr>
      <td>Password:</td>
      <td><input name="user_password" type="password" id="user_password" size="35" /></td>
    </tr>
  </table>
<p>
    <input type="submit" name="submit" id="submit" value="Login" />
</p>
</form>
</body>
</html>
<?php
mysql_free_result($getCustomer);
?>

Open in new window

Don't talk to me.
Commented:
So for the login, here's the faliure block and redirect:

  else {
    header("Location: ". $MM_redirectLoginFailed );
  }

You would just change that to:

  else {
    $error = "<h1>You suck at logins</h1>";
  }

And in your HTML you would have:

<?php if(isset($error)) { echo $error; } ?>

whereever you want it to show up.

Author

Commented:
Thanks again, Jason!