Administration pages! Need help!

Hi

I've created a registration page with security assist where a user can apply for membership and when done an email is sent to me for confirmation. The user only fills in his personal data like email, name, address etc. No username or password. This data is inserted correctly into my mysql database users table leaving the password and username field blank as wanted. I have initially set password field with SHA1 encryption when created all the pages from wizard in Securityassist. Now I have also created a set of admin pages with Dataassist. There I want to be able to update the record for the user and insert a username which I choose and a temporary password that I want to be sent to the user by email when I confirm on change in update file. The temp password which I insert should be encrypted with SHA1. When the user recieves his username and temp password by email he/she should be able to login and change only the temporary password to his/her choice from the update page initially created with Security Assist wizard. The registration process with confirmation mail sent to user works fine. How do I accomplish the update/insert of username and password (SAH1 encryption) from the admin pages when a new user is inserted in users table. Also how can I implement that an email will be sent to the user, containing the username and password that I insert from admin update page? I really need help on this! Is there a guide available to show how to do this? Could someone please point me in the right direction in how to solve this!

Regards,
Martin Johannesson

Short explanation on what I want to accomplish:

This is the code present in the Update Record (users) server behaviour for the password field:

<?php echo ((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:""); ?>

This field is empty from the start when a user is applying via a registration form and a record is inserted in mysql database tabel "users".
When I go to the update page created from Dataassist wizard I want to be able to insert a passowrd for the users record and SAH1 encrypt it on submit (Update record).
I also would like to have the created password (encrypted but show in plain text to user of course) sent to the user by email when I submit the change in update page.

In the update record behavior, select the password field, and click the lightning bolt next to value. From the bindings panel, select the password form element, and from the form list, select SHA1 encryption. This will format the entered password to use SA1 encryption in the database.

in the email, you can add the binding for the password field to send the plain text password that was entered.

Thanks Jason! That worked fine! So simple I feel stupid! ;=) Im all new to this so its great to be able to get some pro help through this wonderful forum! Your products are great and I will soon update to the Super suite package.

I have since yesterday changed my mind about the register/login functionality and changed everything so the user will have email as username instead. I have succeeded so far to make the registration work. The user entered data in registration is inserted in database and I have also got all the login functionality working with limited login attempts and password recovery where user can update his password. Emails sent back and fort works fine so now I only have one problem that I cant get right!

I have created a column in my user database named UserLevel and set that field to tinyINT, lenght 1 and as entered 1. I would like to have 3 user levels, 1= guest, 2= registered user and 3= admin. For all guests applying for account through reg. form a value of 1 is inserted in that database field initially. Then I want to be able to restrict login so that a user who applied wont be able to log in until I change that value to 2 in the database. That is assigning the user a registered status. That I would like to do from the update user form in admin created by DataAssist wizard.

- How do I restrict user access on login allowing only users for whom I changed the value in the UserLevel column to Registered user (value 2 in database column) status?
I understand that I have to set up access groups somehow but I havent been able to do that successfully.

/Martin J.

see the "User Level Authentication" tutorial in the archived documentation section of the security assist support page for details:
securityassist/

Thanks Jason

I have missed that guide probably because it was in the archived section! Will check that tomorrow!

/Martin J.

That worked like a charm! :=)
Your guides are very well done and simple enough for a beginner like me! Keep them coming!
Thanks for fast support replies!

/Martin J.

Jason, I've got one more problem here! I set up all the rules according to the guide and it works. The problem is that I previously assigned a limited logins rule (Max logins) that will pass a user entering the wrong email or password twice to the forgotpassword page. How do I combine this rule with the other rule I set up named "Admins and Students" which restrict access to users other than those with UserLevel 2 (approved Students) and 3 (Admin) status? I want a user who initially after registration is assigned UserLevel (1) Visitor in database (Which I will change from administration pages after I approve them) not to be able to login at all initially! Best would be if the user not yet approved would see a messege on top of the login box reading they are not yet approved. Users with level 2 and 3 (Students and Admin) should be passed to forgotpassword after 2 unsuccessful attempts to login or be logged in with correct email and password. That is working fine but I can't figure out how to incorporate the access level rule in the max logins rule or how to have both of their functionallity according to my needs?

I solved the problem myself!