Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Displaying an error message when login fails + Securing a page fomr unauthorised access

Displaying an error message when login fails + Securing a page fomr unauthorised access

Thread began 4/30/2015 10:18 am by Nathon Jones Web Design | Last modified 5/01/2015 10:15 am by Ray Borduin | 1070 views | 3 replies |

4/30/2015 10:18 am | #1 Nathon Jones Web Design

Displaying an error message when login fails + Securing a page fomr unauthorised access

Is this in the SecurityAssist extension somewhere? I just can't find it or, more likely, it just isn't intuitive enough for the likes of me.

I have set the failed redirect of my SecurityAssist Authenticate User behaviour to include a querystring value indicating failure:
"failRedirect" => "index.php?value=fail",

On my login page I want to display a simple "The username/password combination you've entered is incorrect." message when the user enters incorrect credentials. So I tried this:

<?php if ($_GET["value"] = 'fail') { // Show if column... ?>
<p class="redwarning">The username/password combination you've entered is incorrect.</p>
<?php } // Show if column... ?>

It doesn't work and displays the warning permanently.

I also, for the life of me, can't find a way to secure a page from unauthorised access.

Hope you can help. Thank you.
NJ

4/30/2015 4:24 pm | #2 Ray BorduinWebAssist

You need to use a double equals sign in IF statements... otherwise you are setting the value and not checking it.

Use:

php:

<?php if ($_GET["value"] == 'fail') { // Show if column... ?>

Did this help? Tips are appreciated...

5/01/2015 2:09 am | #3 Nathon Jones Web Design

Thank you Ray. I've had to scrap the whole thing because WebAssist SecurityAssist, whilst it may offer a lot of features, doesn't seem to have an easy way to restrict access to a page - I certainly can't find any documentation on it that doesn't refer to having used the wizard (maybe you can point me in the right direction there?).

How do I change the above to display a button only when a user is successfully logged in? I've reverted to the MySQLi Authentication behaviours, mainly because they are more familiar but also because they are future proof, and I have stored the username and password in a session.

I'm not sure how I detect if a session variable exists as opposed to checking what a session variable is, for example the later...

<?php if ($_SESSION["userID"] == 1) { // Show if column... ?>

Hope you can help. Thank you.
NJ

5/01/2015 10:15 am | #4 Ray BorduinWebAssist

Use:
<?php echo(isset($_SESSION["userID"])?:$_SESSION["userID"]""); ?>
"not equal to"
leave the value field blank

Did this help? Tips are appreciated...

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.