Login form fails after login

Issues related to the Login tools of WYSIWYG Web Builder.
Forum rules
PLEASE READ THE FORUM RULES BEFORE YOU POST:
viewtopic.php?f=12&t=1901

MUST READ:
http://www.wysiwygwebbuilder.com/login_basics.html
http://www.wysiwygwebbuilder.com/login_tools.html

TIP:
A lot of information about the login tools can be found in the help/manual.
Also checkout the demo template that is include with the software.
Post Reply
User avatar
alex4orly
 
 
Posts: 632
Joined: Mon Jan 20, 2014 8:17 am
Location: Australia
Contact:

Login form fails after login

Post by alex4orly »

Hello,

I have used it in the past but trying to use it again, it fails.

I have a Login form, and depending on the user visiting the first time, I am trying to redirect them to the Edit profile page to force them to change the password.

Here is partial code of the login form, followed by the partial code of editprofile.php, in RED is the section the causes it to fail, why?

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['form_name']) && $_POST['form_name'] == 'loginform')
{
$success_page = './PreviousNewsletters.php';
$error_page = './editprofile.php';
$database = './memberslogin.php';
$crypt_pass = md5($_POST['password']);
$found = false;
$fullname = '';
$session_timeout = 600;
if(filesize($database) > 0)
{
$items = file($database, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($items as $line)
{
list($username, $password, $email, $name, $active) = explode('|', trim($line));
if ($username == $_POST['username'] && $active != "0" && $password == $crypt_pass)
{
$found = true;
$fullname = $name;
}
}
}

And here below is the editprofile.php - it fails on this : if (!isset($_SESSION['username'])) - as if it doesn't know about the variable username.
I tried even adding at the top of the page : <?php echo $username; ?>, that didn't help me either...

<?php
if (session_id() == "")
{
session_start();
}
if (!isset($_SESSION['username']))
{
$accessdenied_page = './denied.html';
header('Location: '.$accessdenied_page);
exit;
}
User avatar
Pablo
 
Posts: 21575
Joined: Sun Mar 28, 2004 12:00 pm
Location: Europe
Contact:

Re: Login form fails after login

Post by Pablo »

Note that $_SESSION['username'] is only valid when the user has successfully logged in.
User avatar
alex4orly
 
 
Posts: 632
Joined: Mon Jan 20, 2014 8:17 am
Location: Australia
Contact:

Re: Login form fails after login

Post by alex4orly »

OK, I want to force the user to change the password
So - if I direct hem to a Failed page, if I try to call in that page through a button click the Edit Profile form
When I try editing the details of that user - it tells me that a username is already in the database, so how can I edit that user?
User avatar
Pablo
 
Posts: 21575
Joined: Sun Mar 28, 2004 12:00 pm
Location: Europe
Contact:

Re: Login form fails after login

Post by Pablo »

There is no standard solution for this functionality, you will need to modify the script yourself.
Unfortunately I cannot help you with programming because for me it may also take several hours to implement this.
User avatar
alex4orly
 
 
Posts: 632
Joined: Mon Jan 20, 2014 8:17 am
Location: Australia
Contact:

Re: Login form fails after login

Post by alex4orly »

Hello again,

I followed your hint and redirected the user in the first visit after successfully logging in with initial password.
I redirected him to the Edit profile page and that works fine now, but when clicking the "Save" the form shows an error - username already exists, but it saves the changes I made successfully - it seems a contradiction here?
User avatar
Pablo
 
Posts: 21575
Joined: Sun Mar 28, 2004 12:00 pm
Location: Europe
Contact:

Re: Login form fails after login

Post by Pablo »

Maybe you have edited the code of 'Edit Profile' and made a mistake?
When implementing advanced functionality like this it is important to fully understand how the code works. Even the smallest modification can have a major effect on the behavior of the script.
User avatar
alex4orly
 
 
Posts: 632
Joined: Mon Jan 20, 2014 8:17 am
Location: Australia
Contact:

Re: Login form fails after login

Post by alex4orly »

Hello,

I have two forms, login.php and editprofile.php.
When I use them out of the box, all works just fine, but - I want to force the user on their first visit to change the initial password I have assigned to them.

So, on onClick of the button in login form, I call a JS function (see listing below). It follows the function and brings up a pop-up message telling the user to change his details, but instead of redirecting him to the editprofile.php page it brings up the failed screen

Why? you can see it at : http://www.semac.org.au/login.php - use 61178 for both input fields

<script type="text/javascript">
function checkPassword()
{
if (loginform.username.value != loginform.password.value)
{
window.location.href='http://www.semac.org.au/PreviousNewsletters.php';
}
else
{
if (loginform.username.value == loginform.password.value)
{
alert('The Password you used is just for first time visitors\rPlease change it and fill in the other details.\r Once you Submit changes - Log in again');
window.location.href='http://www.semac.org.au/editprofile.php';
}
}
}
</script>
maxime
 
 
Posts: 117
Joined: Sat Apr 02, 2011 6:15 pm
Contact:

Re: Login form fails after login

Post by maxime »

use 61178 for both input fields
do not work we have a wrong password message on a denied page.
User avatar
alex4orly
 
 
Posts: 632
Joined: Mon Jan 20, 2014 8:17 am
Location: Australia
Contact:

Re: Login form fails after login

Post by alex4orly »

Hello,

Sorted it out - the following is how I changed the PHP code and it works fine

Thanks for trying to help me

if (md5($_POST['username']) == $crypt_pass)
{
header('Location: '.$editpage);
exit;
}
else
{
header('Location: '.$success_page);
exit;
}
Post Reply