 |
 |
 |
 |
|
|
Date: 10/28/99
- Next message: Kristian Koehntopp: "Re: [PHPLIB] index.php3 test page error..."
- Previous message: Sam C. Nicholson !!: "[PHPLIB] making an auth that uses LDAP"
- In reply to: LeafWind: "Re: [PHPLIB] Would like to see Examples of User Self-Registration?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi All:
Regarding the user self-registration, I am glad to see other
developers were wondering the same. Before I received the
example from Mr. Masserelli, I pushed through with my own
code to get the same effect. But I am not confident that I
worked entirely with the flow of how things are done in PHPLIB,
so I am eager to review Mr. Masserelli's work.
Here's how I (ahem) "solved" it for our particular application:
(1) We already had routines to register information
on "customers" (using a different table than
the PHPLIB user object does). In one of these
routines, I do the following:
<?php
require( "../include/nbdcPhpLib-7/php/prepend.php3" );
page_open( array( "sess" => "nbdcSession",
"auth" => "nbdcAuth",
"perm" => "nbdcPerm" ) );
?>
<?php
// We do more stuff, and we include a file with this
// code inside its "createInitialAccount(...) routine.
?>
<?php
// Inside the utilityTblCustomers.inc file, we call
// this createInitialAccount(...) routine:
function createInitialAccount( $strTestLID, // Login ID
$strTestPWD, // Password
$strTestReminder )
{
global $bDebug;
global $nbdcSession;
global $sess;
if ( $bDebug )
{
print( "\n<BR>Entering createInitialAccount..." );
echo "\n<BR>nbdcSession=$nbdcSession";
echo "\n<BR>strTestLID=$strTestLID";
echo "\n<BR>strTestPWD=$strTestPWD";
echo "\n<BR>strTestReminder=$strTestReminder";
}
// $u_id = md5( uniqid( $nbdcSession ) );
$u_id = $nbdcSession;
// Assume the proposed op will fail!
$bIsValid = FALSE;
if ( testUniqueLID( $strTestLID, 0 ) == TRUE )
{
// String-ify (and eliminate spurious quotes in) the SQL fields:
$fieldUID = s( $u_id );
$fieldLID = s( $strTestLID );
$fieldPWD = s( $strTestPWD );
$fieldReminder = s( $strTestReminder );
$fieldPerm = s( "user" );
// Deal with the fact that we might be *modifying*
// an account (especially if the user is clicking a
// back button to perform a "re-do" on their info.
if ( testUniqueUID( $nbdcSession, 0 ) == TRUE )
{
// Setup the query:
$strQuery = "INSERT INTO auth_user VALUES ( ";
$strQuery .= " $fieldUID ";
$strQuery .= ", $fieldLID ";
$strQuery .= ", $fieldPWD ";
$strQuery .= ", $fieldReminder ";
$strQuery .= ", $fieldPerm ";
$strQuery .= " )";
}
else
{
$strQuery = "UPDATE auth_user SET ";
$strQuery .= " password = $fieldPWD";
$strQuery .= ", reminder = $fieldReminder";
$strQuery .= " WHERE username = $fieldLID";
}
// Prolog: Prepare for upcoming SQL calls!...
openDBConnection();
// NB: Ensure closeDBConnection() gets called!
// NB This is a local routine, *not* PHPLIB code!
// Output a pre-query diagnostic Trace in HTML:
if ( $bDebug )
{
echo( "\n<P>Query = " ); echo( "\"$strQuery\"...<BR>" );
}
// Run the freakin' query, already!
$result = doQuery( $strQuery );
if ( $result )
{
$bIsValid = TRUE;
$nResultingCustID = a( mysql_insert_id() );
// Output a post-query diagnostic Trace in HTML:
if ( $bDebug )
{
printf( "\n<BR>...created Customer ID: %d", $nResultingCustID );
}
// Make a new auth object so the newly
// created username/password will NOT
// be forced to re-login. Note that we're
// we push the expiration time forward
// by a minute to avoid being invalidated.
// This whole section needs review to
// make sure it's being done the "best"
// way for working within PHPLIB!...
global $auth;
$auth = new nbdcAuth;
$auth->auth["uname"] = $fieldLID;
$auth->auth["uid"] = $fieldUID;
$tsNewTime = time() + 600;
$auth->auth["exp"] = $tsNewTime;
$auth->auth["perm"] = "user";
$sess->register("auth");
}
else
{
print "\n<BR>Could not initiate creation of customer account!";
}
// Epilogue: Close the connection AFTER the table is displayed
closeDBConnection(); // Equiv. to: mysql_close();
} // end of re-test for testUniqueLID(...)
if ( $bDebug )
{
print( "\n<BR>...Exiting createInitialAccount." );
}
return $bIsValid;
} // end of function createInitialAccount(...)
?>
Also, more thought need to be given to users who "go back"
in their page sequences to "correct" things. For example,
at our site, we pre-validate the proposed login ID by checking
it against existing usernames. Well, if the user decides to
click back, then our local testUniqueLID(...) routine will fail.
This is easily corrected with a parallel routine
function createInitialAccount( $strTestLID, // Login ID
$strTestPWD, // Password
$strTestReminder )
that makes a call to test for the existing (hopefully)
singleton Login ID, namely:
if ( testUniqueUID( $nbdcSession, 1 ) == TRUE )
...instead of:
if ( testUniqueUID( $nbdcSession, 0 ) == TRUE )
Hopefully, we'll get to that soon.
If anyone would like details, I could make it available within
a few more days (as soon as the site I am working on this
for is done with its "shake down" of the initial development
phase)?
But actually, I am hoping to re-do this in a more "elegant"
manner, once I understand PHPLIB better (in other words,
I feel like I brute-forced it instead of finessing it!).
Thanks to everybody for the help they provided. My thoughts?
PHPLIB is pretty damn "Kewel" (as we say out here on the
west coast of California).
Uhhhhh, that's a good thing! :-)
-- Daniel Cunningham
DPC Technology Corporation
http://www.dpc-tech.com/service
At 10:06 PM 10/27/1999 -0400, you wrote:
>I was about to post the very same question, for an example of User
>Self-Registration. I am new to PHP and newer to PHPLIB, and though I've
>customized Session, Auth, and Perm to work the way I want, I really need
>some kind of example to get me started with setting up user
>self-registration.
>
>Daniel Cunningham, could you please forward me any examples you receive? It
>would be greatly appreciated.
>
>Massimilano Masserelli, you have a very nicely designed site at
>www.danigi.com, and I would be very grateful for any code you could send
>that would help me in setting up something similiar.
>
>Thanks everyone,
>
>Leah Penney
>LeafWind Web Design
>http://www.leafwind.com
>
>> On Wed, Oct 27, 1999 at 03:14:47AM -0700, Daniel Cunningham wrote:
>>
>> DC> I'd like for my users to be able to push a button and go to another
>> DC> form and setup a username/password for their account. In other words,
>> DC> self-registration, using a form, and overrides of the
>> DC> auth_registerform() and auth_doregister() methods.
>>
>> Have a look at www.danigi.com. Select "login" from home page and see if
>> this is what you want. I can provide you that example.
>>
>> Bye.
>> --
>> Massimiliano Masserelli | URL: http://www.interim.it/
>> Internet Images S.r.l. | Tel: +39-051-3390671
>> vicolo Viazzolo, 3 | Fax: +39-051-557890
>> 40124 - Bologna - Italy |
>> --------------------------------------------------------------------------
>-----
>> Dinner suggestion #302 (Hacker's De-lite):
>> 1 tin imported Brisling sardines in tomato sauce
>> 1 pouch Chocolate Malt Carnation Instant Breakfast
>> 1 carton milk
>> -
>> PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
>> To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
>> the body, not the subject, of your message.
>>
>
>-
>PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
>To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
>the body, not the subject, of your message.
-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.
- Next message: Kristian Koehntopp: "Re: [PHPLIB] index.php3 test page error..."
- Previous message: Sam C. Nicholson !!: "[PHPLIB] making an auth that uses LDAP"
- In reply to: LeafWind: "Re: [PHPLIB] Would like to see Examples of User Self-Registration?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]