close ad
Databridge V2 with MySQLi support IS Now Available!
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Create security pages not working

Thread began 11/19/2018 7:54 pm by mrs | Last modified 12/31/2018 2:58 pm by Ray Borduin | 177 views | 8 replies |

mrs

Create security pages not working once created

I've run the create security pages but none of the resultant pages seem to be working. When I first ran it, the wizard told me it didn't have rights to write the relevant table, so I had to copy the sql file it created and add it manually.

Anyway, now I've got login.php and registration.php (the only two pages I've been able to test so far). I have also got userupdate.php, forgotpassword.php and logout.php.

I click register from here http://brandchampion.co.uk/rental-furniture-detail.php?furniture=2 and have added a username and password, but they are not entering into the DB. Once I have submitted the registration page I am pushed back to the home page which has a URL ending in ?invalid=true. That's the first part of the problem.

The next part pertains to retrieving the user date from the DB. Because the registration didn't work, I entered the info manually. I then go to login.php and enter the details, but I get the same ?invalid=true. So log in is not working; that's part two of my problem.

Part three of my problem I guess is related to part two in that I am trying to retrieve the user ID via a session using the SecurityAssist_userID. If the session is not empty, then I will display certain content and hide register login buttons. If it is empty, then I display the register login buttons. I am certain that the session isn't being propulated because I have manually created a session like so $_SESSION['SecurityAssist_userID'] = 1 and have echoed it on the product page and it displays as expected. When I remove the manually populated session code and log in, the echoed '1' disappears.

Basically, I can't enter new user details, and if I manually populate the DB, I can't retrieve the detail to populate a session.

Any thoughts?

Server info in private message.

Thanks.

Sign in to reply to this post

Ray BorduinWebAssist

The invalid=true means that it isn't passing validation... maybe too weak of a password or invalid email address. What are you entering?

Sign in to reply to this post

mrs

Yep, that's it. Thanks Ray.

On that basis, shouldn't the page refresh itself and present the errors? Currently it's going to the home page with the ?invalid=true.

I'm asking because as the person building the site, I wasn't aware of the error and therefore any normal user isn't going to know.

I've resolved it at the moment by adding in registration.php before the ?invalid=true, but was wondering if that wasn't how it's intended to work.

Also, the error message contains @@strengthmessage@@ and was wondering if that is meant to be dynamic in some way referencing code elsewhere pertaining to the minimum limit of characters, or if it was simply there to remind us that we need to change it manually?

Sign in to reply to this post

Ray BorduinWebAssist

There was an issue that has been resolved in a recent build where the page name wasn't included in the failed redirect. You can install the latest version so it doesn't happen in the future. On the pages you have already created just find the line that has "?invalid=true" and add the current page name in front like: "registration.php?invalid=true"

The strength message is a placeholder where you can add text according to your requirements.

Sign in to reply to this post

mrs

Just tried to load the userupdate page and I got a 500 error. Looking at the code I see I have and odd include:

<?php require_once('Connections/conn.php'); ?>
<?php require_once("webassist/form_validations/wavt_scripts_php.php"); ?>
<?php require_once("webassist/form_validations/wavt_validatedform_php.php"); ?>
<?php require_once('@@ConnectionPath@@'); ?>
<?php require_once( "webassist/security_assist/helper_php.php" ); ?>

Not sure if this should be helper file or other WA include file, so I have included all that have been created for you to try to figure out which is missing... if it is.

When I remove <?php require_once('@@ConnectionPath@@'); ?> I get a new error:

SELECT * FROM pcms2_users WHERE UserID = %s
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s LIMIT 0,1' at line 1

Could you tell me what that line of code should be please?

I've looked at another post here, but although it was similar errors, I couldn't see a resolution for that one line.

Thanks.

Sign in to reply to this post

Ray BorduinWebAssist

You can remove that line of code entirely. I think if you re-install the latest version of the extension that issue has been fixed.

The FTP information you provided doesn't work, so I wasn't able to look at the page directly. Can you send updated FTP information or attach a copy of the page itself for me to look at? That would help me diagnose the second error.

Sign in to reply to this post

Sweens

Hi Ray

Having used the 'create security pages' wizard, I'm getting the same spurious code

<?php require_once('@@ConnectionPath@@'); ?>

in my forgotten password page. When I remove it, the form appears works as far as the email process, I think, but then I get 'the page isn't working' and no email is received.

The login page works fine

I'm using 2.3.4 Data Assist

UPDATE; I've 'shown errors' and after submitting the form, I get the error shown in the pm.

Cheers
Chris

Sign in to reply to this post

Ray BorduinWebAssist

Do you have the latest version installed? I thought I had fixed this issue.

The problem is that the wizard didn't create the email include files necessary to send the email. To correct the problem at this point you can:

1) Create a new page (call it temp.php you will end up deleting it later)
2) Apply the Send Email Message server behavior (use dummy content)
3) Upload the webassist/email folder that will now have all of the necessary files
4) Delete your temp.php page, you don't need it anymore

Sign in to reply to this post

Sweens

Thanks, Ray - that all works properly now.

Yes, 2.3.4 installed.

Cheers
Chris

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...