close ad
Install the LAtest Updates to Work with CC 2017 and CC 2018
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Show If question

Thread began 1/04/2011 5:33 pm by Sally | Last modified 1/05/2011 4:54 pm by Jason Byrnes | 1684 views | 15 replies |

Sally

Show If question

I recently did this with an asp site which I'm redoing now as php since everyone tells me php is better. It worked in asp but I can't get it to work now.

I am trying to show the password field on a details page only if it is your record. My rule (If Self) says to show the field if the Session ID = the detail recordset ID. I've put dynamic fields in to verify that they both are the same, but my field still won't show.

My code is:

<?php if(WA_Auth_RulePasses("If Self")){ // Begin Show Region ?>
<tr>
<th>Password:</th>
<td><input type="text" class="WAATKTextField" name="txtpassword" id="txtpassword" value="<?php echo(str_replace('"', '&quot;', $row_rs_directory_detail['txtpassword'])); ?>" size="50"/></td>
</tr>
<?php } // End Show Region ?>

Any help would be appreciated. Thank you.

Update:
I've been working on this and have a more complete picture of what I'm trying to do. Basically there is a detail page of info that if it is the info of person signed in, they will see one version which they can update, except for the Group field which only the Admin can see and edit. The Admin can also see and update all their other data.

If it's not your data, you see a non-editable version which excludes password and group data.

What's happening is that no matter if who you're signed in as, you're seeing the non-editable version of the data.

I realize that's a bit complicated so I've attached a zip of the detail page and HelperGroupsRulesPHP.php so you can see how my rules are.

Thanks for any help. I'm stuck!

Attached Files
directory_detail2.zip
Sign in to reply to this post

Jason ByrnesWebAssist

using recordset data in rules can be tricky.

the recordset needs to be created before the rule is created for the recordset value to be available.


this code at line 7 attaches the WA_SecurityAssist/Helper_PHP.php

<?php require_once( "WA_SecurityAssist/Helper_PHP.php" ); ?>


This also attaches the HelperGroupsRulesPHP.php and defines the access rules. Since this code is before the recordset code, the recordset value is not available when the rules are created.

you need to move the recordset code to be before the the require once line at line 7

Sign in to reply to this post

Sally

Thank you, Jason. That makes sense. But two followup questions.

First, I selected the record set and moved it after line 6
<?php require_once('Connections/residents_unix.php'); ?> and before what used to be line 7
<?php require_once( "WA_SecurityAssist/Helper_PHP.php" ); ?>

but now I get the error:
Fatal error: Call to undefined function getsqlvaluestring() in /data/25/2/98/45/2424045/user/2657060/htdocs/test/directory_detail2.php on line 13

Line 13 is
$query_rs_directory_detail = sprintf("SELECT * FROM Residents WHERE ID = %s", GetSQLValueString($colname_rs_directory_detail, "int"));

Not sure what to do now.

The second thing I will need to know to get this to work properly, is how to have the first group of data Show If the "If Self" OR the "If Admin" rules are met. I'm not sure how to string those together in php. Can I do it by

<?php if(WA_Auth_RulePasses("If Self") OR WA_Auth_RulePasses("If Admin")){ // Begin Show Region ?>

And can I still have a second Show If Admin within that group that will only show the Group field if you are Admin?

I've attached the file if it helps.
Thank you.

Attached Files
directory_detail2.zip
Sign in to reply to this post

Jason ByrnesWebAssist

this code needs to be before the recordset:

php:
if (!function_exists("GetSQLValueString")) {

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}





use the following syntax to chck if either condition is true:
<?php if(WA_Auth_RulePasses("If Self") || WA_Auth_RulePasses("If Admin")){ // Begin Show Region ?>

Sign in to reply to this post

Sally

I think I've done everything you said, but it still is only showing me the second - display only - table. This is set to Show If Other and should only show for non-Admin viewing a record other than their own.

I also have admin priv so I should see the first table, with editable fields, along with the Group field. But no matter who's record I select (even my own), I only see the display only table.

I've attached the latest version of the file.

Thanks for your patience.

Sign in to reply to this post

Jason ByrnesWebAssist

there is no attachment to your post.

lets back up a bit though and simplify things.


You dont need to use recordset values in your rules, this is one thing that may be causing confusion.

for the admin rule, edit the authenticate user behavior on the login page. On the third step of the wizard, you can select user table columns to store in a session variable, select the txtgroup column so that the user group is stored at login time, this way you dont hav to look it up, you can use the already existing session variable.


for the if self rule, you are just filtering thje recordset on the ID query string:
$_GET['ID']

why not use that in the rule rather than the recordset value?

Sign in to reply to this post

Sally

I didn't realize I could do the Admin rule that way, and have changed the rule to be based on a session variable. Thanks for the tip.

As far as the If Self rule, I'm not sure I understand exactly. There is a data grid of people. When you click on a record, if it's yours, you will see a editable table where you can update your info. If it's not yours, you will see the info (minus Password & Group) as display only. The Admin should be able to see and edit all info.

The recordset that populates directory_detail.php (rs_directory_detail) is built on the URL ID passed by clicking on a grid row. I don't understand how to use your $_GET['ID'] idea. What I have is if your session ID is equal to the rs_directory_detail ID, then the If Self rule is met.

I'm not very experienced at this so I'm very open to learning a better way.

I've attached the details and rules files now, if it helps.

Thanks again.

Attached Files
HelperGroupsRulesPHP.zip
directory_detail2.zip
Sign in to reply to this post

Jason ByrnesWebAssist

go to the bindings panel, and click the plus button.

Select URL Variable and name it ID

In the if self rule, set it to use the ID URL Variable instead of the recordset.



your code at line 129 is not correct:
<?php if(WA_Auth_RulePasses("If Self") OR WA_Auth_RulePasses("If Admin")){ // Begin Show Region ?>


it needs to be changed to:
<?php if(WA_Auth_RulePasses("If Self") || WA_Auth_RulePasses("If Admin")){ // Begin Show Region ?>



in PHP || is the OR separator for an if statement. use && for AND


Again, lets simplify though. Does it work if you only use the if self rule:
<?php if(WA_Auth_RulePasses("If Self")){ // Begin Show Region ?>

how about if you use the if admin rule:
<?php if(WA_Auth_RulePasses("If Admin")){ // Begin Show Region ?>


make sure it works as expected individually before combining them

Sign in to reply to this post

Sally

Oh man, Jason, this is great - two of the three rules are working now AND I've learning some great things! Thank you!

The only rule that doesn't seem to be working is the If Admin. Maybe I set it up wrong too. I have it where if the Session variable txtgroup = Admin then Allow. My dynamic text is showing me as Admin but the Group field is not showing (which is not a combined rule) and the <?php if(WA_Auth_RulePasses("If Self")|| WA_Auth_RulePasses("If Admin")){ // Begin Show Region ?> rule is also not working as I'm seeing the non-editable display.

Did I set up the Admin rule wrong?

Thank you so much for your patience and help.

Sign in to reply to this post

Jason ByrnesWebAssist

keep in mind that php is a case sensitive language.

add the following code to the page to output the session variable value:

php:
<?php

if(!session_id()) Session_start();
echo(
"Session txtgroup is equal to: |".$_SESSION['txtgroup']."|");
?>




I put the pipe character around the output to check for trailing or leading spaces. What does this print to the page? is it Admin with capitol A or lower case a? make sure to get the case correct in your rule.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...