close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Need different Keep me logged in and Remember me for visitors side and admin side

Thread began 5/08/2013 5:33 am by mrs | Last modified 5/30/2013 8:24 am by mrs | 1491 views | 6 replies |

mrs

Need different Keep me logged in and Remember me for visitors side and admin side

I am being asked to by my client provide different settings for the visitors Remember Me and Keep me logged in option to that of the same options in the admin section. Currently one overwrites the setting of the other

I ran the visitors log in/registration based on the double opt-in tutorial and all is fine with that, but when the administrators try to log in to the admin area after using the visitors log in, their admin remember me options are wrong because they've been overwritten visitors log in options.

Admin access uses a different DB table to that of registered users, so I assume the code produced should be different, so what's gone wrong in my scenario?

Many thanks.

Sign in to reply to this post

Jason ByrnesWebAssist

the remember me and auto login options are controlled by cookies, you will need to edit the set cookie values behaviors on the admin login to change the names of the cookies that get created, then edit the second authenticate user behavior to change the login to use the new cookie names.


Setting it up this way, using 2 separate tables and separate login pages is not necessary though. I don't recommend this set up.

It would be better to use one table and use User Level Authentication.

Add a column to the table for user level, set the default value for that column to 1. Then edit the Authenticate user behavior to store the user level in a session.

Use the user level session in access rules to create a Basic User level rule:

User Level Session is = to 1

and an admin rule:
User Level Session is = to 2

for users that should be admins, edit the databases to set the user level column to 2

Sign in to reply to this post

mrs

Yes, I know using separate tables for users and admins is possibly not the best method for a number of reasons, but I am doing this because I have numerous levels of of users, and numerous levels of admins. So each will only have access to a certain part of the website to be able to edit or use, and due to the admin side consistently changing access levels (decisions by committee), I found it easier to handle it this way.

Anyways... I am trying to edit the 'WA Set Cookie Values' for the four items in the server behaviours panel by double-clicking them and then naming them accordingly, but it doesn't seem to be changing anything. So I thought I'd do it by hand and just wanted to double-check that I am changing everything needed.

Here's the code created by the security assist wizard:

if ((isset($_POST["UserUpdate_submit"])&&(isset($_COOKIE["RememberMeUN"]))&&(isset($_POST["User_Update_group_Username"])) && $_POST["User_Update_group_Username"] != "")) {
setcookie("RememberMeUN", "".((isset($_POST["User_Update_group_Username"]))?$_POST["User_Update_group_Username"]:"") ."", time()+(60*60*24*30), "/", "", 0);

Could you confirm the code I need to change is:

$_COOKIE["RememberMeUN"] to $_COOKIE["AdminRememberMeUN"]

and

setcookie("RememberMeUN" to setcookie("AdminRememberMeUN"

Is there anything else I need to change?

Thanks.

Sign in to reply to this post

Jason ByrnesWebAssist

yes, that looks correct.


There are a few places you will need to make the change

1) Change the code that sets the cookie values

2) Edit the code for the Authenticate user server behavior that is used for auto login.

you will need to edit the trigger for the server behavior to reference the correct cookie names, and the code that passes the cookie values to the database.

Sign in to reply to this post

mrs

OK, so to ensure that I pick up all instances, I have done a site wide search with dreamweaver for 'RememberMePWD' and found it in a few files, one of them is called fc_login_default.xml. I've done a site wide search for this filename, but it doesn't seem to be used anywhere.

What is this file for, and do I edit it? If I edit it and it's required by other pages, then I assume I will break the pages I need for the other login pages, so do I duplicate the code here and add my changes to the file to allow for all instances of usage?

It contains code like this:


<wa_form_line>
<wa_form_group_reference label="" continueLine="false">
<wa_field_group name="">
<wa_field_line>
<wa_field_column>
<wa_field_set_validation>Please enter a value.</wa_field_set_validation>
<wa_field_reference src="password_large.xml" label="Password" defaultvalue="%3C?php%20echo%20((isset($_GET%5B%22failedLogin%22%5D)%20||%20isset($_GET%5B%22invalid%22%5D))?%22%22:((isset($_COOKIE%5B%22RememberMePWD%22%5D))?$_COOKIE%5B%22RememberMePWD%22%5D:%22%22));%20?%3E" validation="{ required: true, isConfirm: false, regEx: null, minAlphaChars: null, maxAlphaChars: null, minNumbers: null, maxNumbers: null, minUpperAlphaChars: null, maxUpperAlphaChars: null, minSpecialChars: null, maxSpecialChars: null, minChars: 6, maxChars: 500, isRequired: true }" serverValidation="required|entrylength" spryValidation=", { minChars:6, maxChars:500, isRequired:true }" continueLine="false"></wa_field_reference>
</wa_field_column>
</wa_field_line>
</wa_field_group>
</wa_form_group_reference>
</wa_form_line>

Sign in to reply to this post

Jason ByrnesWebAssist

that file is used by the Form Builder wizard, do not edit it.

Sign in to reply to this post

mrs

Ha ha... that was a pretty urgent and decisive response ;)

Thanks for your advice Jason, I think I have it all working now... just testing it before I upload to the live server

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...