close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Secure page

Thread begun 11/19/2012 5:32 pm by thehalpeen319342 | Last modified 11/20/2012 9:21 am by Jason Byrnes | 1386 views | 3 replies |

thehalpeen319342

Secure page

Dear Jason, I've created a Registration Page with CSS Form Builder and used DataAssist Insert Record to bind it to the Database table. The password is encrypted using MD5.

After registration, the user is brought to a login page. This login page has an email, password and a submit button and I used WebAssist Authenticate User. After logging in the user is brought to a Welcome.php page.

However, when I try to 'secure' the welcome.php page with SecurityAssist, I get a message 'no rules defined'. Do I have to create a rule and if yes is there guidance on how to create the rule?

Note: In Dreamweaver, I would normally use 'User Authenticatio'n to secure pages using 'Log in User' and 'Restrict Access to Page'. It seems more complicated with WebAssist - but maybe I'm missing something obvious.

In addition, I then tried to built secure pages using the Security Assist Wizard, but this proved problematic as well. I built the pages, with the intention of only using, logon.php, logout.php and forgotpassword.php. But again this didn't perform the tasks I expected, so I gave up - the logon page was validating the password - expecting a certain mix of characters, etc - I didn't know how to remove the validation.

Which is the best route to take if I want (1) an independent registration page designed in CSS Form Builder and binded/bound using WebAssist 'Insert record' and using an encrypted password (2) a logon page and (3) several secure pages - welcome page, report page (thanks to you, I now know how to do a report page that pulls data from two tables and which has search capabilities), etc.

I can prepare all the above security in Dreamweaver, but I'd prefer to have the ability to do it with WebAssist, because of its ability to create sessions, and it seems more powerful, - unfortunately I've been unable to harness this power on this occasion.

Sign in to reply to this post

Jason ByrnesWebAssist

If you create the pages manually, you will need to configure the Access rules manually as well.


In the Authenticate user behavior, the sessions tab allows you to select columns to store in a session on login.

the default is to store the ID column, use that session as the basic access rule.

In the Access rules manager, create a Logged in rule, For the Value, select the ID session variable. for the Criteria, select "<>" (Not Equals), leave the Compare to section blank.

this is a basic rule that will allow access if the user ID session is not empty. you can create more complex rules for user level authentication if you like as well. On the security Assist support page, there is a user level authentication tutorial in the Archived documentation section. It was written for v1, but the concept is still the same.

if you run the wizard, you can edit the validation after the pages are created. the validation will use server validation and spry. to edit the Spry validation settings for an element:

Select the element in Design view, notice the Blue Bounding box that denotes the field as a spry field, click the Blue bounding box, this will trigger the spry settings in the property inspector.

to edit the server validation:

Open the server behaviors panel and double click the Server Validation server behavior. Select a validation form the list and click the edit button.

Sign in to reply to this post

thehalpeen319342

Thanks Jason, that sorted out the issue. I'm getting there with this registration form. Two things would put the icing on the cake.

1 - At the moment, if I create a manual login page using CSS Form Builder and WebAssist User Authentication, I would normally redirect the user to fail.php (which has message to try again), if they enter wrong login details. How do I add that nice code 'login.php?failedLogin=1' to a manual login page - it's a lot neater than passing the user to a different page.

2 It would be nice to have Ajax on the email field if someone who is already registered tries to register again with the same email. I have used a server behaviour you gave me in the past which checks a username, but this only checks when you press submit.

I have some code a friend gave me who was helping me with the design of the form - see attached. He was wondering where one would insert this on the registration page, or if you have something similar?

Sign in to reply to this post

Jason ByrnesWebAssist

1) Open the bindings page and click the plus button, select URL Variable and name it "failedLogin"

in the access rules manager, create a failed login rule. for the value, click the lightning bolt icon, set the Criteria to = and the Compare to to 1

Add your failed login message to the page, then use the security assist show region behavior wit the failed login rule.


2) we don't offer ajax for validating the email address, you would need to add that manually. The instructions in that text file say to add the code in the head of the document.

the $(document).ready(function() { function code needs to be placed in a script tag.

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...