How do I display error messages manually?

When I manually create a login system, how do I get access to standard errors like "username already exists" or "user not active" (WA_Auth_RulePasses("UserActive")). And how do I display them?

Is there an API documentation on all available WA access rule errors?

use the Show Region behaivor.


Create the error message, select it then go to Webassist -> Security Assist -> Show Region.

to see how those rules are defined, go to WebAssist -> Security Assist -> Manage Site Access -> Access Rules Manager.


no, there is no api documentation.

o.k. .. I see ... gives more work but more flexibility.

Now, I have an access rule on the admin-folder with page protection.

If AccessLevel of Session =! 10 redirect to login page. There I put an error message "You don't have access to this page".

This works if I call "website.com/cms/admin" directly without login, so redirect to login page works and the error message appears on the login page.

But the error message also appears, when I just call the login page.

How do I solve this? Thx for any help in advance.

this takes a little hand coding to only show the error if the user is logged in.

look at the Logged into user rule, and make note of the users ID session variable name.

then add another if statement just before the error message. SO if the error is:

"Access level restricted"

change it to:

<?php if(isset($_SESSION['SecurityAssist_UserID']) { ?>Access level restricted<?php } ?>

where SecurityAssist_UserID is the name of the logged into users session.

Jason, what I'd like to do is:

- If user submits form, check userdata, if username is wrong, show error message
- If user submits form, check userdata, if username does not exist, show error message
- If user submits form, check userdata, if username is not active, show error message
- If user submits form, check userdata, if password is wrong, show password error message

But the error messages show up even if the form has not been submitted. It looks like the access rules are not beeing fired.

Maybe my rules are wrong?


Rule:
---
case "UserDataNotCorrect":
$comparisons[0] = array(FALSE, "".((isset($_POST["Email_Address"]))?$_POST["Email_Address"]:"") ."", 2, "".(ValidatedField("index","Email_Address")) ."");
$comparisons[1] = array(FALSE, "".((isset($_POST["Password"]))?$_POST["Password"]:"") ."", 2, "".(ValidatedField("index","Password")) ."");
break;
---
ShowIF

---
<?php if(WA_Auth_RulePasses("UserDataNotCorrect")){ // Begin Show Region ?>
<span class="ERROR">Die eingegebenen Zugangsdaten sind nicht korrekt.</span>
<?php } // End Show Region ?>
---

I still need help on this...

Thx

you wont be able to accomplish this with security assist rules.


you will need to create recordsets to accomplish this.

you will need a separate recordset for each check. you can then use the standard dreamweaver show region behaviors to show the errors if the recordsets are empty.


this is not something i can offer extensive support for, if you need assistance creating this, i would suggest signing up for a premiere ticket where we could work with you in a one on one screen sharing session.

Hi Jason. Thanks for your answer.

Francly speaking, without being able to connect error messages to the SA rules, this extension seems to be half useless or half useful whatever you call it. I mean your extension does check within the SA rule if a username from the form field = database record. Doesn't it? Why can't I get access to this response in order to fire an error message?

the extensions checks the username and password as group.

it creates a recordset to lookup the entered username and password to see if a record exists.

this is not the same as what you are asking to do. you are asking to check the username individually, and then check the password individually. the extensions does not do this, you will need to configure that functionality yourself.

o.k., I see. But how do I set up the correct rule? Do I have to setup both of them together? I'm confused...

But can I connect an individual error message to a SA rule or not? This is the main problem I have, because this seems not to work correctly. The error shows even I haven't submitted the form at all. Here is my (first) problem again:

I have an access rule on the admin-folder with page protection:

"If AccessLevel of Session =! 10 redirect to login page". On the login page, I put an error message "You don't have access to this page" with the corresponding SA rule.

Access protection works: if I call a protected admin page directly - without logging in -, I'm redirected to the login page works and the error message appears on the login page. So good so far.

But the error message also appears, when I just call the login page. Is this a session (cache) problem?