Admin login server behavior is failing

Hi,

Several years ago someone on your tech support team created a login server behavior for me called MySQLi Log Out User, which I use on two pages, one for a member login and one for an admin login to our site (it has a member/admin toggle). The one on the member login page is working great. But for some reason, the one on the admin login page has stopped working, and I discovered yesterday it is allowing any invalid login to access protected pages. What it is supposed to do, is check for accurate email address, password, and whether a person is an admin or not.

I attach the file in question. Let me know what other info you need, and thank you.

Gail

You haven't added any filters to the authentication server behavior. Double click on it in the Server Behaviors window and add the comparisons for the email and password from the form and type in the required admin field value on the "Find Record" tab.

When I open up the server behavior, the email and password are there under the Form POST dropdown menu (along with login). I do not see a Filter tab whatsoever. What I do see is Cookie, Session, URL, Server Variables, WA Cookies, and SecurityAssist. That's it.

Delete lines 3-18 and re-apply the Server Behavior: WebAssist->MySQLi->User Authentication->MySQLi Log In User. Make sure to name the login "Admin" to match your other pages.

OK it's been quite a while since I've done this. In the design view, I am clicked OUTSIDE the form, correct? I tried it once while inside the form and it messed everything up

In the server behavior, under Trigger, I use "any form post"? or "Rule: Administrator"? Finally, under Find Record, how do I make sure that when I select the field admin_priv, I make sure it only selects those which have the "y" character in them for successful login?

It shouldn't matter where your cursor is when you apply the Server Behavior.

The trigger should probably be set to the button press of the submit button on the page.

On the "Find Record" tab, just enter "y" for the admin_priv column filter.

As I've said, I don't see a Filter tab. I'm using Dreamweaver CS6. All I see is code. So maybe you can tell me where in this string I should insert "y" or "true":

<?php echo (((isset($_POST[""]))?$_POST[""]:"")); ?> should it be.....

<?php echo (((isset($_POST["admin_priv"]))?$_POST["y"]:"")); ?> ??

for the email field this is what I see:

<?php echo (((isset($_POST["email"]))?$_POST["email"]:"")); ?>

1) Delete lines 3-18
2) apply the Server Behavior: WebAssist->MySQLi->User Authentication->MySQLi Log In User. Make sure to name the login "Admin" to match your other pages.

I see the tab is named "Find Record", not "Filter"... sorry for the confusion.

I did all those things before. I finally understand what you meant as to where to enter the "y" character. Sorry, I thought this field was going to look the same for all three - email, password, and admin_priv.

All is working again. Thank you so much for your help, once again!

Gail