alfonso
Posts: 121
|
| Posted: 08/20/2008, 2:38 AM |
|
Hi!!
Iīve got a problem with the login page.
I was create a column in my table users, called activation (boolean field, 1->activated, 0->not activated).
I need login page check if the users have activated their account. What i need to do?
thanks.
|
 |
 |
wkempees
Posts: 1679
|
| Posted: 08/20/2008, 4:39 AM |
|
If you do not want to change any of the common login functions:
Login Form redirects to a landing page,
on the tanding page you could CCGetUserID() the logged in user_id
and then CCDLookup() that account,
check for value of field acitvation
and if not activated redirect to
a logout page with text on it explaining what is the matter
You could do this 'earlier' but this is the easier method.
Walter
.
_________________
Origin: NL, T:GMT+1 (Forumtime +9)
CCS3/4.01.006 PhP, MySQL .Net/InMotion(Vista/XP, XAMPP)
if you liked this info PAYPAL me: http://donate.consultair.eu
|
|
|
|
alfonso
Posts: 121
|
| Posted: 08/20/2008, 12:31 PM |
|
Thanks wkempees.
Itīs too hard do it earlier, in the login page?
|
|
|
|
wkempees
Posts: 1679
|
| Posted: 08/21/2008, 5:57 AM |
|
No it is not too hard.
The earliest possible way to do this is to edit the "Common.php".
In your Project Explorer click to expand Common Files.
DoubleClick Common.php (be careful not to edit anything unintentionaly)
Find : //CCLoginUser
Should look something like this:
function CCLoginUser($login, $password)
{
session_unset();
$db = new clsDBInternetDB();
$SQL = "SELECT user_id, group_id, user_password FROM users WHERE user_login=" . $db->ToSQL($login, ccsText) . " AND user_password=" . $db->ToSQL($password, ccsText);
$db->query($SQL);
$Result = $db->next_record();
if ($Result) {
CCSetSession("UserID", $db->f("user_id"));
CCSetSession("UserLogin", $login);
CCSetSession("GroupID", $db->f("group_id"));
}
return $Result;
}
//End CCLoginUser
You will have to change this line
$SQL = "SELECT user_id, group_id, user_password FROM users WHERE user_login=" . $db->ToSQL($login, ccsText) . " AND user_password=" . $db->ToSQL($password, ccsText);
into
$SQL = "SELECT user_id, group_id, user_password FROM users WHERE user_login=" . $db->ToSQL($login, ccsText) . " AND user_password=" . $db->ToSQL($password, ccsText) AND activation=1;
Close/save Common.php and make sure you Publish (F9) all files.
This should work, but you have to pay attention to always having this code in Common.php.
The next earlier method is in the event code of the Button_doLogin.
Using event code you could test for the activation being 1 or 0 and in case it is 0 you could do a logout.
I agree that both this method and the method I described earlier in this topic, first allow login and then decide to logout the user, while the Common.php method will never allow login.
It is therefore more safe.
Walter
_________________
Origin: NL, T:GMT+1 (Forumtime +9)
CCS3/4.01.006 PhP, MySQL .Net/InMotion(Vista/XP, XAMPP)
if you liked this info PAYPAL me: http://donate.consultair.eu
|
|
|
|
alfonso
Posts: 121
|
| Posted: 08/21/2008, 7:08 AM |
|
Ok thanks, but i do my own solution and this is the code:
In the login events on click:
//Login @4-DE10C29C
global $CCSLocales;
global $Redirect;
$error="CCS_LoginError";
//Aqui miramos si el usuario está activado
$user=$Container->login->Value;
$DB= new clsDBcon_todasoria();
$SQL="SELECT activate FROM miembros WHERE miem_user= '".$user."' LIMIT 1";
$DB->query($SQL);
$DB->next_record();
$var=$DB->f("activate");
//Si no hay nada entonces ponemos 2 para que no entre
if ($var=="")$var=2;
if ($var==0)
{
$Container->Errors->addError($CCSLocales->GetText("CCS_LoginErrorActivation"));
$Container->password->SetValue("");
$Login_Button_DoLogin_OnClick = 0;
//ponemos el error en blanco para que no salga lo del usuario pass incorrectos si hemos entrado aqui
$error="";
}
if ( !CCLoginUser( $Container->login->Value, MD5($Container->password->Value))) {
$Container->Errors->addError($CCSLocales->GetText($error));
$Container->password->SetValue("");
$Login_Button_DoLogin_OnClick = 0;
}
else {
global $Redirect;
$Redirect = ("./index.php");
$Login_Button_DoLogin_OnClick = 1;
}
//End Login
A good reason for use this solution is that you can say why the user canīt loggin, (not activated or login error)
|
|
|
|
wkempees
Posts: 1679
|
| Posted: 08/21/2008, 7:20 AM |
|
Very good,
$DB= new clsDBcon_todasoria();
$SQL="SELECT activate FROM miembros WHERE miem_user= '".$user."' LIMIT 1";
$DB->query($SQL);
$DB->next_record();
$var=$DB->f("activate");
You could change to:
$DB= new clsDBcon_todasoria();
$var = CCDLookUp('activate','miembros', 'miem_user= '.$DB->ToSQL($user, ccsText) .' LIMIT 1', $DB);
Free and friendly advise.
Walter
_________________
Origin: NL, T:GMT+1 (Forumtime +9)
CCS3/4.01.006 PhP, MySQL .Net/InMotion(Vista/XP, XAMPP)
if you liked this info PAYPAL me: http://donate.consultair.eu
|
|
|
|
alfonso
Posts: 121
|
| Posted: 08/21/2008, 11:43 AM |
|
thanks a lot wkempees, i didnīt know so much about function CCDLookUP, iīm going to use it. 
|
|
|
|
wkempees
Posts: 1679
|
| Posted: 08/21/2008, 1:23 PM |
|
Alfonso,
Also take a close look at the ToSQL(), you need it.
Walter
_________________
Origin: NL, T:GMT+1 (Forumtime +9)
CCS3/4.01.006 PhP, MySQL .Net/InMotion(Vista/XP, XAMPP)
if you liked this info PAYPAL me: http://donate.consultair.eu
|
|
|
|
|
