Thread: [Phplib-users] User Self-Registration
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
phplib-users
|
From: Virilo T. <vi...@su...> - 2003-07-21 21:42:38
|
Some years ago Daniel Cunningham wrote: (this is an extract from the original message: http://marc.theaimsgroup.com/?l=phplib&m=94101973230198 ) > ... > > I'd like for my users to be able to push a button and go to another > form and setup a username/password for their account. In > other words, self-registration, using a form, and overrides of the > auth_registerform() and auth_doregister() methods. > There are great examples of the former ( auth_loginform() and > auth_validatelogin() ) but not the latter ( auth_registerform() > and auth_doregister() ). There are also examples for an admin > type user to add user records, but that's not what we want. > We just want a form with straight-forward self-service non-privileged > "enter your own test username and password" , and once we've > validated the username against other entries in the auth_users table, > we would setup a username/password and priv="user" entry. > And also hopefully synchronize this auth_user entry with the > existing session ID so that the user is not forced to re-login via > the auth_login() and auth_validatelogin() methods. Im interested in the same. Finally he ofers us his own implementation. Has anybody a better solution? anymore about it? Thanks in advance. Sorry for my english, my spanish is better. Virilo Tejedor. Email: vi...@su... (See original message in http://marc.theaimsgroup.com/?l=phplib&m=94116860709576 ) Hi All: Regarding the user self-registration, I am glad to see other developers were wondering the same. Before I received the example from Mr. Masserelli, I pushed through with my own code to get the same effect. But I am not confident that I worked entirely with the flow of how things are done in PHPLIB, so I am eager to review Mr. Masserelli's work. Here's how I (ahem) "solved" it for our particular application: (1) We already had routines to register information on "customers" (using a different table than the PHPLIB user object does). In one of these routines, I do the following: <?php require( "../include/nbdcPhpLib-7/php/prepend.php3" ); page_open( array( "sess" => "nbdcSession", "auth" => "nbdcAuth", "perm" => "nbdcPerm" ) ); ?> <?php // We do more stuff, and we include a file with this // code inside its "createInitialAccount(...) routine. ?> <?php // Inside the utilityTblCustomers.inc file, we call // this createInitialAccount(...) routine: function createInitialAccount( $strTestLID, // Login ID $strTestPWD, // Password $strTestReminder ) { global $bDebug; global $nbdcSession; global $sess; if ( $bDebug ) { print( "\n<BR>Entering createInitialAccount..." ); echo "\n<BR>nbdcSession=$nbdcSession"; echo "\n<BR>strTestLID=$strTestLID"; echo "\n<BR>strTestPWD=$strTestPWD"; echo "\n<BR>strTestReminder=$strTestReminder"; } // $u_id = md5( uniqid( $nbdcSession ) ); $u_id = $nbdcSession; // Assume the proposed op will fail! $bIsValid = FALSE; if ( testUniqueLID( $strTestLID, 0 ) == TRUE ) { // String-ify (and eliminate spurious quotes in) the SQL fields: $fieldUID = s( $u_id ); $fieldLID = s( $strTestLID ); $fieldPWD = s( $strTestPWD ); $fieldReminder = s( $strTestReminder ); $fieldPerm = s( "user" ); // Deal with the fact that we might be *modifying* // an account (especially if the user is clicking a // back button to perform a "re-do" on their info. if ( testUniqueUID( $nbdcSession, 0 ) == TRUE ) { // Setup the query: $strQuery = "INSERT INTO auth_user VALUES ( "; $strQuery .= " $fieldUID "; $strQuery .= ", $fieldLID "; $strQuery .= ", $fieldPWD "; $strQuery .= ", $fieldReminder "; $strQuery .= ", $fieldPerm "; $strQuery .= " )"; } else { $strQuery = "UPDATE auth_user SET "; $strQuery .= " password = $fieldPWD"; $strQuery .= ", reminder = $fieldReminder"; $strQuery .= " WHERE username = $fieldLID"; } // Prolog: Prepare for upcoming SQL calls!... openDBConnection(); // NB: Ensure closeDBConnection() gets called! // NB This is a local routine, *not* PHPLIB code! // Output a pre-query diagnostic Trace in HTML: if ( $bDebug ) { echo( "\n<P>Query = " ); echo( "\"$strQuery\"...<BR>" ); } // Run the freakin' query, already! $result = doQuery( $strQuery ); if ( $result ) { $bIsValid = TRUE; $nResultingCustID = a( mysql_insert_id() ); // Output a post-query diagnostic Trace in HTML: if ( $bDebug ) { printf( "\n<BR>...created Customer ID: %d", $nResultingCustID ); } // Make a new auth object so the newly // created username/password will NOT // be forced to re-login. Note that we're // we push the expiration time forward // by a minute to avoid being invalidated. // This whole section needs review to // make sure it's being done the "best" // way for working within PHPLIB!... global $auth; $auth = new nbdcAuth; $auth->auth["uname"] = $fieldLID; $auth->auth["uid"] = $fieldUID; $tsNewTime = time() + 600; $auth->auth["exp"] = $tsNewTime; $auth->auth["perm"] = "user"; $sess->register("auth"); } else { print "\n<BR>Could not initiate creation of customer account!"; } // Epilogue: Close the connection AFTER the table is displayed closeDBConnection(); // Equiv. to: mysql_close(); } // end of re-test for testUniqueLID(...) if ( $bDebug ) { print( "\n<BR>...Exiting createInitialAccount." ); } return $bIsValid; } // end of function createInitialAccount(...) ?> Also, more thought need to be given to users who "go back" in their page sequences to "correct" things. For example, at our site, we pre-validate the proposed login ID by checking it against existing usernames. Well, if the user decides to click back, then our local testUniqueLID(...) routine will fail. This is easily corrected with a parallel routine function createInitialAccount( $strTestLID, // Login ID $strTestPWD, // Password $strTestReminder ) that makes a call to test for the existing (hopefully) singleton Login ID, namely: if ( testUniqueUID( $nbdcSession, 1 ) == TRUE ) ...instead of: if ( testUniqueUID( $nbdcSession, 0 ) == TRUE ) Hopefully, we'll get to that soon. If anyone would like details, I could make it available within a few more days (as soon as the site I am working on this for is done with its "shake down" of the initial development phase)? But actually, I am hoping to re-do this in a more "elegant" manner, once I understand PHPLIB better (in other words, I feel like I brute-forced it instead of finessing it!). Thanks to everybody for the help they provided. My thoughts? PHPLIB is pretty damn "Kewel" (as we say out here on the west coast of California). Uhhhhh, that's a good thing! :-) -- Daniel Cunningham |
|
From: Nathaniel P. <np...@te...> - 2003-07-22 16:46:22
|
----- Original Message ----- From: "Virilo Tejedor" <vi...@su...> To: <php...@li...> Sent: Monday, July 21, 2003 2:41 PM Subject: [Phplib-users] User Self-Registration > Some years ago Daniel Cunningham wrote: > > (this is an extract from the original message: > http://marc.theaimsgroup.com/?l=phplib&m=94101973230198 ) > > > ... > > > > > I'd like for my users to be able to push a button and go to another > > form and setup a username/password for their account. In > > other words, self-registration, using a form, and overrides of the > > auth_registerform() and auth_doregister() methods. > > > There are great examples of the former ( auth_loginform() and > > auth_validatelogin() ) but not the latter ( auth_registerform() > > and auth_doregister() ). There are also examples for an admin > > type user to add user records, but that's not what we want. > > > We just want a form with straight-forward self-service non-privileged > > "enter your own test username and password" , and once we've > > validated the username against other entries in the auth_users table, > > we would setup a username/password and priv="user" entry. > > > And also hopefully synchronize this auth_user entry with the > > existing session ID so that the user is not forced to re-login via > > the auth_login() and auth_validatelogin() methods. > > Im interested in the same. Finally he ofers us his own implementation. Has > anybody a better solution? anymore about it? > > > Thanks in advance. Sorry for my english, my spanish is better. > > Virilo Tejedor. Email: vi...@su... > If all you are doing is wanting to use the same form for both user login and user registration, it should be fairly straightforward. In your Auth subclass, you would set the $mode to 'reg', setup auth_registerform() to display the registration form (if this is the same as the normal login form, you could probably just have it in turn call auth_loginform() to display it), then you would set up auth_doregister() to first check to see if the login name and password provided are valid, and if they aren't, then go ahead and register the user in the system. The code might look something like this. ExampleAuth extends Auth { //...other settings variables go here var $mode = 'reg'; function auth_registerform() { //code to display the registration form goes here; usually you can just copy //and modify the code for auth_loginform() to suit your purposes. } function auth_doregister() //validate the login... you can probably use the existing //auth_validatelogin to do this if (!$uid = $this->auth_validatelogin()) { //A valid uid wasn't returned, so go ahead and register the user. //...registration code goes here; be sure to set the uid and perms for the new //user ... $uid = (something); $this->auth['perm'] = 'user'; } return $uid; //return the uid to PHPlib so that it recognizes the user as valid. } function auth_validatelogin() { //Code to login a user goes here return $uid; } ... } I have also found in working with the Auth class that this flow chart has helped me immensely: http://www.drostan.org/Application/webdev/uod/auth_phplib.php P.D. Si necesita algu'n explanacio'n en espan~ol, puedo intentar clarificar lo que dije. Quizas tendre' que buscar mi diccionario. :) _________________________________ Nathaniel Price <np...@te...> Webmaster |
|
From: Virilo T. A. <vi...@su...> - 2003-07-22 18:47:34
|
Thanks for your help. I've already seem the scheme ( http://www.drostan.org/Application/webdev/uod/auth_phplib.php ). It's so explanatory. My problem is that im using default authentication -all users begin being user: nobody- and I want allow users register/login when they prefer. In this manner you can visit the page without login, and you arent forced to register/login as first step. I've understood that I'm supposed to write a register form, and a register script (that I would like to auto login user as the new identity -like Daniel Cunningham example-) without the necessity to write doregister() function. Perhaps I will have to do the same with login form. In other words, i haven't seen in the scheme the path using reg mode and default authentication at the same time (there is no scheme for default authentication). I think that this escapes to the normal way to use phplib authentication with 'reg' mode. I would like to be mistaken! Thanks again. Virilo Tejedor. Email: vi...@su... ----- Original Message ----- From: "Nathaniel Price" <np...@te...> To: "Virilo Tejedor" <vi...@su...>; <php...@li...> Sent: Tuesday, July 22, 2003 6:51 PM Subject: Re: [Phplib-users] User Self-Registration > > ----- Original Message ----- > From: "Virilo Tejedor" <vi...@su...> > To: <php...@li...> > Sent: Monday, July 21, 2003 2:41 PM > Subject: [Phplib-users] User Self-Registration > > > > Some years ago Daniel Cunningham wrote: > > > > (this is an extract from the original message: > > http://marc.theaimsgroup.com/?l=phplib&m=94101973230198 ) > > > > > ... > > > > > > > > I'd like for my users to be able to push a button and go to another > > > form and setup a username/password for their account. In > > > other words, self-registration, using a form, and overrides of the > > > auth_registerform() and auth_doregister() methods. > > > > > There are great examples of the former ( auth_loginform() and > > > auth_validatelogin() ) but not the latter ( auth_registerform() > > > and auth_doregister() ). There are also examples for an admin > > > type user to add user records, but that's not what we want. > > > > > We just want a form with straight-forward self-service non-privileged > > > "enter your own test username and password" , and once we've > > > validated the username against other entries in the auth_users table, > > > we would setup a username/password and priv="user" entry. > > > > > And also hopefully synchronize this auth_user entry with the > > > existing session ID so that the user is not forced to re-login via > > > the auth_login() and auth_validatelogin() methods. > > > > Im interested in the same. Finally he ofers us his own implementation. Has > > anybody a better solution? anymore about it? > > > > > > Thanks in advance. Sorry for my english, my spanish is better. > > > > Virilo Tejedor. Email: vi...@su... > > > > If all you are doing is wanting to use the same form for both user login and > user registration, it should be fairly straightforward. In your Auth > subclass, you would set the $mode to 'reg', setup auth_registerform() to > display the registration form (if this is the same as the normal login form, > you could probably just have it in turn call auth_loginform() to display > it), then you would set up auth_doregister() to first check to see if the > login name and password provided are valid, and if they aren't, then go > ahead and register the user in the system. > > The code might look something like this. > > ExampleAuth extends Auth { > //...other settings variables go here > var $mode = 'reg'; > > function auth_registerform() { > //code to display the registration form goes here; usually you can > just copy > //and modify the code for auth_loginform() to suit your purposes. > } > > function auth_doregister() > //validate the login... you can probably use the existing > //auth_validatelogin to do this > if (!$uid = $this->auth_validatelogin()) { > //A valid uid wasn't returned, so go ahead and register the > user. > //...registration code goes here; be sure to set the uid and > perms for the new > //user > ... > $uid = (something); > $this->auth['perm'] = 'user'; > } > return $uid; //return the uid to PHPlib so that it recognizes the > user as valid. > } > > function auth_validatelogin() { > //Code to login a user goes here > return $uid; > } > > ... > } > > I have also found in working with the Auth class that this flow chart has > helped me immensely: > http://www.drostan.org/Application/webdev/uod/auth_phplib.php > > P.D. Si necesita algu'n explanacio'n en espan~ol, puedo intentar clarificar > lo que dije. Quizas tendre' que buscar mi diccionario. :) > > _________________________________ > Nathaniel Price <np...@te...> > Webmaster > > > > ------------------------------------------------------- > This SF.net email is sponsored by: VM Ware > With VMware you can run multiple operating systems on a single machine. > WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the > same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users |
|
From: Nathaniel P. <np...@te...> - 2003-07-22 20:00:40
|
Hmmm... I don't personally use default authentication much in any of my apps, and haven't yet done anything with it that involves self-registration, but, as far as I can tell, 'reg' mode with default auth works just like 'log' mode with default auth. In other words, it shouldn't matter what mode you use with default auth, logging in should work just the same with either. As with 'log' mode, you will still need to make sure there is a link or something to allow the user to start the login/registration process when s/he is on a page with default auth, but that should work exactly the same in either case. You'll want to experiment with it to see what works, of course, but I don't see any reason why it shouldn't. Hope that helps... _________________________________ Nathaniel Price <np...@te...> Webmaster ----- Original Message ----- From: "Virilo Tejedor Aguilera" <vi...@su...> To: "Nathaniel Price" <np...@te...>; <php...@li...> Sent: Tuesday, July 22, 2003 11:46 AM Subject: Re: [Phplib-users] User Self-Registration > Thanks for your help. > I've already seem the scheme ( > http://www.drostan.org/Application/webdev/uod/auth_phplib.php ). It's so > explanatory. > > My problem is that im using default authentication -all users begin being > user: nobody- and I want allow users register/login when they prefer. In > this manner you can visit the page without login, and you arent forced to > register/login as first step. > > I've understood that I'm supposed to write a register form, and a register > script (that I would like to auto login user as the new identity -like > Daniel Cunningham example-) without the necessity to write doregister() > function. Perhaps I will have to do the same with login form. > > In other words, i haven't seen in the scheme the path using reg mode and > default authentication at the same time (there is no scheme for default > authentication). > > I think that this escapes to the normal way to use phplib authentication > with 'reg' mode. I would like to be mistaken! > > Thanks again. > > Virilo Tejedor. Email: vi...@su... > > > ----- Original Message ----- > From: "Nathaniel Price" <np...@te...> > To: "Virilo Tejedor" <vi...@su...>; > <php...@li...> > Sent: Tuesday, July 22, 2003 6:51 PM > Subject: Re: [Phplib-users] User Self-Registration > > > > > > ----- Original Message ----- > > From: "Virilo Tejedor" <vi...@su...> > > To: <php...@li...> > > Sent: Monday, July 21, 2003 2:41 PM > > Subject: [Phplib-users] User Self-Registration > > > > > > > Some years ago Daniel Cunningham wrote: > > > > > > (this is an extract from the original message: > > > http://marc.theaimsgroup.com/?l=phplib&m=94101973230198 ) > > > > > > > ... > > > > > > > > > > > I'd like for my users to be able to push a button and go to another > > > > form and setup a username/password for their account. In > > > > other words, self-registration, using a form, and overrides of the > > > > auth_registerform() and auth_doregister() methods. > > > > > > > There are great examples of the former ( auth_loginform() and > > > > auth_validatelogin() ) but not the latter ( auth_registerform() > > > > and auth_doregister() ). There are also examples for an admin > > > > type user to add user records, but that's not what we want. > > > > > > > We just want a form with straight-forward self-service > non-privileged > > > > "enter your own test username and password" , and once we've > > > > validated the username against other entries in the auth_users > table, > > > > we would setup a username/password and priv="user" entry. > > > > > > > And also hopefully synchronize this auth_user entry with the > > > > existing session ID so that the user is not forced to re-login via > > > > the auth_login() and auth_validatelogin() methods. > > > > > > Im interested in the same. Finally he ofers us his own implementation. > Has > > > anybody a better solution? anymore about it? > > > > > > > > > Thanks in advance. Sorry for my english, my spanish is better. > > > > > > Virilo Tejedor. Email: vi...@su... > > > > > > > If all you are doing is wanting to use the same form for both user login > and > > user registration, it should be fairly straightforward. In your Auth > > subclass, you would set the $mode to 'reg', setup auth_registerform() to > > display the registration form (if this is the same as the normal login > form, > > you could probably just have it in turn call auth_loginform() to display > > it), then you would set up auth_doregister() to first check to see if the > > login name and password provided are valid, and if they aren't, then go > > ahead and register the user in the system. > > > > The code might look something like this. > > > > ExampleAuth extends Auth { > > //...other settings variables go here > > var $mode = 'reg'; > > > > function auth_registerform() { > > //code to display the registration form goes here; usually you can > > just copy > > //and modify the code for auth_loginform() to suit your purposes. > > } > > > > function auth_doregister() > > //validate the login... you can probably use the existing > > //auth_validatelogin to do this > > if (!$uid = $this->auth_validatelogin()) { > > //A valid uid wasn't returned, so go ahead and register the > > user. > > //...registration code goes here; be sure to set the uid and > > perms for the new > > //user > > ... > > $uid = (something); > > $this->auth['perm'] = 'user'; > > } > > return $uid; //return the uid to PHPlib so that it recognizes the > > user as valid. > > } > > > > function auth_validatelogin() { > > //Code to login a user goes here > > return $uid; > > } > > > > ... > > } > > > > I have also found in working with the Auth class that this flow chart has > > helped me immensely: > > http://www.drostan.org/Application/webdev/uod/auth_phplib.php > > > > P.D. Si necesita algu'n explanacio'n en espan~ol, puedo intentar > clarificar > > lo que dije. Quizas tendre' que buscar mi diccionario. :) > > > > _________________________________ > > Nathaniel Price <np...@te...> > > Webmaster > > > > > > > > ------------------------------------------------------- > > This SF.net email is sponsored by: VM Ware > > With VMware you can run multiple operating systems on a single machine. > > WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the > > same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 > > _______________________________________________ > > Phplib-users mailing list > > Php...@li... > > https://lists.sourceforge.net/lists/listinfo/phplib-users > > > > ------------------------------------------------------- > This SF.net email is sponsored by: VM Ware > With VMware you can run multiple operating systems on a single machine. > WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the > same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 > _______________________________________________ > Phplib-users mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phplib-users > |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X