rado
Posts: 221
|
| Posted: 04/15/2009, 2:47 PM |
|
I have page that contains just one files (user_login). The user has to enter his/her login name (which is actually email address) and clicking submit button I will send the user's password by email. What I need is to verify that entered user_login is registered in database and proceed with request. If user doesn't exist I will redirect to separate page with message that user is not registered. Here is what I did in order to verify that user exist, but it doesn't work.
========================================================================
$u_login = $Container->user_login->GetValue();
$db = new clsDBinternet();
$SQL = "SELECT * FROM users WHERE user_login ='$u_login'";
$db->query($SQL);
$Rresult = $db->next_record();
$Rlogin = $db->f(0);
$db->close();
if(!$Rresult){
global $Redirect;
$Redirect= "no_user_msg.php";
}
==========================================================================
Thanks for help.
Rado
|
 |
 |
Gena
Posts: 591
|
| Posted: 04/15/2009, 2:55 PM |
|
try
$SQL = "SELECT * FROM users WHERE user_login ='" . $u_login . "'";
_________________
Gena |
|
|
|
datadoit
|
| Posted: 04/15/2009, 3:03 PM |
|
Also recommend getting used to using CCToSQL() to help avoid SQL injections.
$SQL = "SELECT * FROM users WHERE user_login = " .
CCToSQL($Container->user_login->GetValue(), ccsText);
While it doesn't necessarily apply here, if your mind is programmed to
always use it, then you'll not worry so much about it.
Another tip: If you're using $Redirect, recognize that code that occurs
-after- the $Redirect will still run until you reach the end of the
function (Before Show, Before Build Select, etc.). Hence I'd suggest using
header("Location:..."); exit;
instead.
|
|
|
|
rado
Posts: 221
|
| Posted: 04/15/2009, 3:08 PM |
|
Thanks Gena,
No it doesn't work. By the way I'm using "On click" Submit button event (custom code). Is that correct, or I should use something else.
Rado
|
|
|
|
rado
Posts: 221
|
| Posted: 04/15/2009, 3:16 PM |
|
Datadoit
Thanks for reply. Since I never did before something that you explained (Second tip), are you able, based on my code here to give me an example. I would like to know this since my funcion "On click" contains 4 custom codes and all of them will be executed (as you said).
Rado
|
|
|
|
Gena
Posts: 591
|
| Posted: 04/15/2009, 3:17 PM |
|
I use OnValidate event. Look below my code "Send new password", so user needs to enter his email address and press button.
emailrecord_OnValidate
global $Redirect;
$db = new clsDBxxx();
$EMAIL=$emailrecord->email->GetText();
$SQL = "SELECT user_login, user_password, user_id "
."FROM users "
."WHERE email=" . $db->ToSQL($EMAIL,ccsText);
$db->query($SQL);
if($db->next_record())
{
$userid = $db->f("user_id");
SetNewPassword($userid);
$Redirect = "LostPasswordOK.php";
} else {
$Redirect = "LostPasswordNO.php";
}
$db->close();
_________________
Gena |
|
|
|
rado
Posts: 221
|
| Posted: 04/15/2009, 4:09 PM |
|
Gena,
If I use your example, my "submit" button shouldn't have any additional event? Is that correct?
Instead of adding "on click" event to Submit button , I should set custom code for "On validate" event for my record (not for field itself) Is this correct?
Rado
|
|
|
|
Gena
Posts: 591
|
| Posted: 04/15/2009, 4:13 PM |
|
yes
and
yes, on validate for the whole Record
_________________
Gena |
|
|
|
rado
Posts: 221
|
| Posted: 04/15/2009, 7:49 PM |
|
Gena
What "SetNewPassword($userid);" suppose to do? When I run page I got this error:
"Fatal error: Call to undefined function: setnewpassword() in ........."
Thanks,
Rado
|
|
|
|
rado
Posts: 221
|
| Posted: 04/15/2009, 8:32 PM |
|
Thanks,
I solved this by creating new variable which value will be user_password returned from SQL query.
Rado
|
|
|
|
Gena
Posts: 591
|
| Posted: 04/15/2009, 10:37 PM |
|
I have posted just an example of my procedure, SetNewPassword() is my own function.
Of course you need to accomodate this code for your needs.
_________________
Gena |
|
|
|
damian
Posts: 838
|
| Posted: 04/16/2009, 2:40 AM |
|
i use an external file to do this:
http://forums.codecharge.com/posts.php?post_id=85761&s_...forgot+password
_________________
if you found this post useful take the time to help someone else.... :)
|
|
|
|
rado
Posts: 221
|
| Posted: 04/16/2009, 5:34 AM |
|
Hi Damian,
How did you use external file. I'm wondering more generally. Did you have an empty page in CCS and then inserted whole file that you mentioned as "custom code". I just assume.???
How does it work - using external script with CCS?
Thanks,
Rado
|
|
|
|
damian
Posts: 838
|
| Posted: 04/16/2009, 6:43 AM |
|
I add a label in my ccs page - called {password} in this example and add
BeforeShow->CustomCode as follows:
$output = implode("", file("http://mywebsite.com/password.php?email=".$email));
$password->SetValue($output);
_________________
if you found this post useful take the time to help someone else.... :)
|
|
|
|
rado
Posts: 221
|
| Posted: 04/16/2009, 7:08 AM |
|
Thanks Damian,
Rado
|
|
|
|
