4 Replies Latest reply on Jun 22, 2010 4:05 AM by David_F57

    Log in form, working just need to expand.

    djh88ukwb Level 1

      Hello all,

       

      I have built a flex log in screen, but need to expand it a bit.

       

      At the moment it takes the values from the form (username and password) and looks in a database if those values are their and returns either true or false,  flex then looks at this value and either directs you to a new state or brings an error.

       

      This is all fine,  btu in my database i have added an extra field "level"  so now i have "username" "password" "level"

       

      basically depending on what level you are i want you to see a different state.

       

      Here is my code so far.

       

      <?xml version="1.0" encoding="utf-8"?>
      <s:Application xmlns:fx="http://ns.adobe.com/mxml/2009"
                     xmlns:s="library://ns.adobe.com/flex/spark"
                     xmlns:mx="library://ns.adobe.com/flex/mx" width="1024" height="768">
          <s:states>
              <s:State name="State1"/>
              <s:State name="Logged"/>
          </s:states>
          <fx:Declarations>
              <mx:HTTPService id="loginService" url="login.php" method="POST" result="loginResult(event)">
                  <mx:request xmlns="">
                      <user>{username}</user>
                      <pass>{password}</pass>
                  </mx:request>
              </mx:HTTPService>
          </fx:Declarations>
         
          <fx:Script>
              <![CDATA[
                  import mx.rpc.events.ResultEvent;
                  import mx.controls.Alert;
                 
                  [Bindable] public var username:String;
                  [Bindable] public var password:String;
                 
                  private function tryLogin():void
                  {
                      username = usernameLogin.text;
                      password = passwordLogin.text;
                      usernameLogin.text = "";
                      passwordLogin.text = "";
                      loginService.send();
                  }
                  private function loginResult(evt:ResultEvent):void
                  {
                      if (evt.result.status == true)
                      {
                          currentState='Logged';   
                      }           
                      else
                      {
                          Alert.show("Login failedl", "Failure");
                      }
                  }
              ]]>
          </fx:Script>
         
          <fx:Style source="style.css" />
          <s:Panel x="387" y="242" width="250" height="146" title="Log in" dropShadowVisible="true" borderVisible="true" includeIn="State1">
              <s:Label x="10" y="25" text="Username:" fontFamily="Arial" fontSize="13"/>
              <s:Label x="10" y="55" text="Password:" fontFamily="Arial" fontSize="13"/>
              <s:TextInput x="85" y="20" width="153" restrict="a-z0-9A-Z" fontFamily="Arial" fontSize="13" fontWeight="bold" id="usernameLogin"/>
              <s:TextInput x="85" y="50" width="153" restrict="a-z0-9A-Z" displayAsPassword="true" fontFamily="Arial" fontSize="13" fontWeight="bold" id="passwordLogin"/>
              <s:Button x="168" y="81" label="Login" click="tryLogin()"/>
             
          </s:Panel>
          <s:Label includeIn="Logged" x="101" y="134" text="Welcome"/>
      </s:Application>

       

      and my php script

       

      <?php
      $hostname_conn = "localhost";
          $username_conn = "";
          $password_conn = "";

          $conn = mysql_connect($hostname_conn, $username_conn, $password_conn);

          mysql_select_db("videochat");

          //mysql_real_escape_string POST'ed data for security purposes
          $user = mysql_real_escape_string($_POST["user"]);
          $pass = mysql_real_escape_string($_POST["pass"]);

          //a little more security
          $code_entities_match = array('--','"','!','@','#','$','%','^','&','*','(',')','_','+','{','}','|',':','"','<','> ','?','[',']','\\',';',"'",',','.','/','*','+','~','`','=');
          $user = str_replace($code_entities_match, "", $user);
          $pass = str_replace($code_entities_match, "", $pass);

          $query = "SELECT * FROM usernames WHERE username = '$user' AND password = '$pass'";

          $result = mysql_query($query);

          $logged = mysql_num_rows($result);

          if ($logged == 1)
          {
              echo "<status>true</status>";
          }
          else
          {
              echo "<status>false</status>";
          }
          ?>

       

       

      Now i know i need to epxnad both, so that the php returns their level, but i am getting a bit stuck, any help ?

       

      Thanks

        • 1. Re: Log in form, working just need to expand.
          djh88ukwb Level 1

          Ok, i have expanded on this, but getting an error=[

           

          I have changed my php code to the following

           

          <?php
          $hostname_conn = "localhost";
              $username_conn = "";
              $password_conn = "";

              $conn = mysql_connect($hostname_conn, $username_conn, $password_conn);

              mysql_select_db("videochat");

              //mysql_real_escape_string POST'ed data for security purposes
              $user = mysql_real_escape_string($_POST["user"]);
              $pass = mysql_real_escape_string($_POST["pass"]);

              //a little more security
              $code_entities_match = array('--','"','!','@','#','$','%','^','&','*','(',')','_','+','{','}','|',':','"','<','> ','?','[',']','\\',';',"'",',','.','/','*','+','~','`','=');
              $user = str_replace($code_entities_match, "", $user);
              $pass = str_replace($code_entities_match, "", $pass);

              $query = "SELECT * FROM usernames WHERE username = '$user' AND password = '$pass'";

              $result = mysql_query($query);

              $logged = mysql_num_rows($result);

              if ($logged == 1)
              {
                  echo "<status>true</status>";
                  echo "<level> ".$result['level']." </level>";
              }
              else
              {
                  echo "<status>false</status>";
              }
              ?>

           

          Added a <level> </level> on the echo's, and this is supposed to pull the value in the database under the field "level"

           

          I have also added this to my flex app

           

                      private function loginResult(evt:ResultEvent):void
                      {
                          if (evt.result.status == true && evt.result.level == 'candidate')
                          {
                              currentState='Logged';   
                          }           
                          else
                          {
                              Alert.show("Login failedl", "Failure");
                          }
                      }

           

           

          Although when i try to log in, it brings the failed message =[

           

          ANy reason why ?

          • 2. Re: Log in form, working just need to expand.
            David_F57 Level 5

            hi,

             

            this is an example using zend services

             

            <?xml version="1.0" encoding="utf-8"?>

            <s:Application xmlns:fx="http://ns.adobe.com/mxml/2009"

               xmlns:s="library://ns.adobe.com/flex/spark"

               xmlns:mx="library://ns.adobe.com/flex/mx" minWidth="955" minHeight="600" xmlns:valueObjects="valueObjects.*" xmlns:usersservice="services.usersservice.*">

            <fx:Script>

            <![CDATA[

            import mx.controls.Alert;

            import mx.rpc.events.ResultEvent;

             

            protected function button_clickHandler(event:MouseEvent):void

            {

            checkUserResult.token = usersService.checkUser(email.text,password.text);

            }

             

             

            protected function checkUserResult_resultHandler(event:ResultEvent):void

            {

            if (checkUserResult.lastResult != null)

            {

            currentState="success" ;

            ti.text="welcome back, "+ event.result.UserName;

            }

            else

            currentState="fail";

            }

             

            protected function button1_clickHandler(event:MouseEvent):void

            {

            currentState="State1";

            }

             

            ]]>

             

            </fx:Script>

            <s:states>

            <s:State name="State1"/>

            <s:State name="success"/>

            <s:State name="fail"/>

            </s:states>

             

            <fx:Declarations>

            <valueObjects:Users id="users"/>

            <usersservice:UsersService id="usersService" fault="Alert.show(event.fault.faultString + '\n' + event.fault.faultDetail)" showBusyCursor="true"/>

            <s:CallResponder id="checkUserResult" result="checkUserResult_resultHandler(event)"/>

            </fx:Declarations>

             

            <s:Panel width="350" horizontalCenter="0" verticalCenter="0" title="User Authentification" includeIn="State1">

            <mx:Form defaultButton="{login_btn}" verticalGap="10" width="100%">

            <mx:FormItem label="Email">

            <s:TextInput id="email" width="240"/>

            </mx:FormItem>

            <mx:FormItem label="Password">

            <s:TextInput id="password" width="121"/>

            </mx:FormItem>

            <s:HGroup width="100%" paddingTop="2" paddingLeft="2" paddingBottom="2" paddingRight="2">

            <s:Button label="login" id="login_btn" click="button_clickHandler(event)" width="100"/>

            <mx:Spacer width="100%"/>

            <s:Button label="cancel" id="cancel_btn" click="button_clickHandler(event)" width="100"/>

            </s:HGroup>

            </mx:Form>

            </s:Panel>

            <s:Button includeIn="fail" y="291" label="Go Back" horizontalCenter="0" click="button1_clickHandler(event)"/>

            <s:Label includeIn="fail" y="239" text="No Such User" horizontalCenter="0" fontSize="24" textAlign="center" color="#B11C1C" fontWeight="bold"/>

            <s:TextArea includeIn="success" x="500" y="147" id="ti"/>

            </s:Application>

            php:
            public function checkUser($email,$pass) {
            $stmt = mysqli_prepare($this->connection, "SELECT * FROM $this->tablename where EMail=? and Password=?");
            $this->throwExceptionOnError();
            mysqli_stmt_bind_param($stmt, 'ss', $email, $pass);
            $this->throwExceptionOnError();
            mysqli_stmt_execute($stmt);
            $this->throwExceptionOnError();
            mysqli_stmt_bind_result($stmt, $row->ID, $row->Level, $row->UserName, $row->EMail, $row->Password);
            if(mysqli_stmt_fetch($stmt)) {
                  return $row;
            } else {
                  return null;
            }
            David.

            • 3. Re: Log in form, working just need to expand.
              djh88ukwb Level 1

              Whats the difference between this, and what i was using  ? m

               

              Im sorry ?

              • 4. Re: Log in form, working just need to expand.
                David_F57 Level 5

                hi,

                 

                 

                Its muchness over muchness(except amf is better than http request ), I just return the record and don't have to do much at the client end. I just added the php to show where it fitted in the client side of things.  PLus It was just for a comparison, the only difference that needs to be added is the switch statement for states.

                 

                so on return

                 

                switch(level)

                {

                case 0: currentState = "level0";

                             break;

                case 1: currentState = "level1";

                             break;

                case 2: currentState = "level2";

                             break;

                case 3: currentState = "level3";

                             break;

                default : currentSate ="denyAccess";
                }

                 

                David.