Security Assist

Applied Security Assist Rule, Logged in to pcms2_users, to several pages. On both Firefox and Chrome when I click "Ready to order? Just click here to proceed to the order page" on the home page at www.diybyphill.com, it goes to products_results, not to login.

Security Assist Rule
Logged in to pcms2_users
Allow If:
Value: <?php echo $_SESSION['SecurityAssist_UserID']; ?>
Criteria: =
Compare to : 1

And then when I click on Checkout in the cart page I get the error: Parse error: syntax error, unexpected '<' in /data/20/1/125/115/1940604/user/2116827/htdocs/diybyphill/checkout.php on line 2

You don't have the "Restrict Access to Page" server behavior applied on the products_results.php page.. You need to apply that server behavior on any page you want restricted to force someone to log in before viewing it.

The checkout page had html code on the top of the page in the php area. I've moved it down on the page so it should be corrected.

I tried adding Security Assist Restrict Access to Page - logged into pcms2_users to products_results. Did not work. So made a new rule - not logged into pcms2_users

Security Assist Rule
Not Logged in to pcms2_users
Allow If: clicked on Restrict button
Value: <?php echo $_SESSION['SecurityAssist_UserID']; ?>
Criteria: =
Compare to : 1

I also had the not logged into pcms2_users rule go to registration.php thinking that if they aren't registered they should.

If this is a duplicate post please excuse me.

The rule you set up would only allow people to see the page if their UserID was = 1. I think you would want <> and leave the compare to blank so that any userid would be allowed not just the one.

I reset all pages in Access Page Manager to go to registration.php if access denied.

Logged in to pcms2_users
Allow If: allow if checked
Value: <?php echo $_SESSION['SecurityAssist_UserID']; ?>
Criteria: <>
Compare to : left blank

On both Firefox and Chrome when I click "Ready to order? Just click here to proceed to the order page" on the home page at www.diybyphill.com, it now goes to registration.php. (My thinking is if your name cannot be found in the database you will be directed to the registration page.)

Having an issue with registration form, Last Name error says Please enter a value. Have tried entering characters and digits. Changed the Last Name column in the pcms2_users table from varchar to char. Still getting error. jpg attached

You have a confirm="" attribute on that field which requires that field to match another. Remove the confirm="Registration_group_3_Confirm" attribute from that field.

To make the form fill out without error I changed the Last name validation field from:

<?php
if (ValidatedField('registration','registration')) {
if ((strpos((",".ValidatedField("registration","registration").","), "," . "6" . ",") !== false || "6" == "") || (strpos((",".ValidatedField("registration","registration").","), "," . "7" . ",") !== false || "7" == "")) {
if (!(false)) {
?>

to

<?php
if (ValidatedField('registration','registration')) {
if ((strpos((",".ValidatedField("registration","registration").","), "," . "6" . ",") !== false || "6" == "")) {
if (!(false)) {
?>

However, when I click on register I get an error message: Invalid information, please check your entries and try again. The form is not populating the pcms2_users table. Any thoughts?

At line 22 you are validating the last name is at least 6 characters long. Perhaps that is where the issue is occurring.

On line 20 I changed:
$WAFV_Errors .= WAValidateEL((isset($_POST["Registration_group_5_Last_Name"])?$_POST["Registration_group_5_Last_Name"]:"") . "",6,100,true,7);
to
$WAFV_Errors .= WAValidateEL((isset($_POST["Registration_group_5_Last_Name"])?$_POST["Registration_group_5_Last_Name"]:"") . "",4,100,true,7);

Onward, thank you.