Set Up forgot Password with multiple tables

Hi ray,

We have the login set up with three Authenticates to allow users to log in from different tables and it is working fine. What i completely forgot about was the forgot password section. Is it possible to do something similar with forgot password?

Are you doing password encryption? It might be a little more difficult for the forgot password section, but it should be possible. I'd need more details to come up with a solution.

Thanks Ray, I think for the time being I'll let that one go in favor of a more pressing problem. I have pages on the website that are only accessible with login. As you may recall I have three separate member tables and using three User Authentications on the login page anyone can log in with no issues. The three are Members, Exec and Admin. Once logged in the pages are available for viewing. It's working great and I thank you for your help.

Where the problem is occurring is if someone tries to access the page without logging in first. This brings up the login window. It is at this point where it fails. I have been able to resolve it on the pages for Exec and Admin by including a secondary login file. Where I'm having the problem is on pages for everyone. The rule on these pages is:

<?php
if (!WA_Auth_RulePasses("Logged in to members")){
WA_Auth_RestrictAccess("member-login.php");
}
?>

If I try logging in as member it works fine but not for the other two. Trying to log in as Admin or Exec does not work. While I don't really need admin since admin should log in first anyway I would like to add Exec to be allowed to login.

A lot of my rules you manually created so I'm not really sure how to go about adding the other two to this.

Thanks

I'd need to see your login page and your helpergrouprules.php file to see how it works to suggest how to fix it. You could probably just update the logged in to members rule to allow execs as well.

Yes I realized that myself.

You are bringing up two separate issues. I'd like to handle one at a time. If you have an issue with your login page and not being able to use a shared page for login to the three tables, then I'd need to see the three login pages to try to determine the difference.

For the original issue, I think you can just create a new rule from Webassist->Security Assist->Manage Site Access->Access Rules Manager

Create a rule "Logged in to exec or members" with the conditions:
1) ALLOW if $_SESSION['SecurityAssist_Exec_id'] != ""
2) ALLOW if $_SESSION['SecurityAssist_Member_id'] != ""

It looks like your rule for "Logged in to members" should allow access to all groups since the rule is:
2) ALLOW if $_SESSION['SecurityAssist_FirstName'] != ""

And all three of your logins save that session variable. So that rule should allow access to any logged in user as it stands.

Hi Ray, I was just testing the pages from the work done yesterday and wanted to check on what would happen if someone entered the wrong password. I tried logging into an admin only page. I ended up getting the following message repeated three times at the top of the screen.three times probably because there are 3 separate logins

Notice: Undefined property: WA_MySQLi_Auth::$FailRedirec in C:\xampp\htdocs\songwriters\webassist\mysqli\authentication.php on line 319

This is the code starting at line 319.

if ($this->FailRedirec) $this->redirect($this->FailRedirect);
}
break;
case "restrict":
@session_start();

This is the code you added to the authenticate.php page to fix the login problem we were having with login.

Not sure how big a deal this is to fix but probably shouldn't have that particular message appearing every time someone enters the wrong login information.

It is missing a 't'. It should be FailedRedirect

That did the trick, thank you very much.