DLG_LOGIN Dialog Component
Description
The DLG_LOGIN dialog component contains two text box controls and two buttons.
Discussion
The DLG_LOGIN dialog component accepts user name and password to support the login process. Event code checks into the customer and user_names tables to see if the user is known. If the answer is yes, the code sets the user's access rights and saves them in a cookie using the RESPONSE.ADD_COOKIE() method.
Containers
LOGIN.A5W, LOGINUSERDATA.A5W
Notable Grid Control Property Settings
Notable Component Property Settings
Submit/Reset Buttons > Submit button label
Changed from "Submit" to "Login"
Submit/Reset Buttons > Reset button label
Changed from "Reset" to "Clear"
Event Code
This Validate event code tests the user name and password for both "public" and "internal" users. The script first tests to see if the user name and password exist in the customer (public) table, then in the internal user_names table. In the case a true customer, his or her email address is the user name. All users, public and internal, have a minimum user level of 1. Customers are type "C" and internal users are type "I". This script computes the value of login_val, which is saved in a session cookie. The value of login_val is defined as: id number + | + type + | + user level. For example: "00001|I|2". The script first tests the values in the dialog's controls. If either is NULL, the script sets the currentform.has_error variable to TRUE (.T.), sets the error message, and exits. Otherwise, the script DIMs working variables and sets login_val to NULL.
if user_name = "" .or. password = "" then currentform.has_error = .t. currentform.error_message = " User name or password cannot be blank." else dim customer_values as C dim internal_values as C dim login_val as C login_val = ""
Next, the script looks into the customer and user_names tables for matches for the user_name value.
customer_values = lookup("PathAlias.ADB_Path\customer", "email =" + quote(user_name), "alltrim(password) + \"|\" + alltrim(customer_id)") internal_values = lookup("PathAlias.ADB_Path\user_names", "user_name=" + quote(user_name), "alltrim(password) + \"|\" + user_id + \"|\" + level")
If the customer user name value matches, the script computes the value of login_val and displays INDEX.A5W. The access level is initially set to 1. If there is no match in the customer table, the script next checks the user_names table and checks for a match. If a match is found, the script computes login_val. In this case the user's specific access level is inserted into login_val and displays ASWINDEX.A5W. If no match is found, the script generates an error message.
if word(customer_values, 1, "|") = password then login_val = alltrim(word(customer_values, 2, "|") ) + "|C|1" Currentform.RedirectTarget = "index.a5w" elseif word(internal_values,1,"|") = password then login_val = alltrim(word(internal_values, 2, "|") ) + "|I|" + alltrim(word(internal_values, 3, "|") ) session.targetURL = "" Currentform.RedirectTarget = "aswindex.a5w" ELSE currentform.has_error = .t. currentform.error_message = " Invalid user name or password." CurrentForm.Controls.password = "" end if
Finally, if the script has found a valid user entry in either table, it writes a cookie named login that contains login_val.
if login_val <> "" response.add_cookie("login", login_val, 0) end if end if
The AfterValidate event returns the user to the prior page. The session.targetURL variable is only used for public pages. Its value will be blank for an internal logon.
if eval_valid("session.targetURL") = .T. then if session.targetURL <> "" then CurrentForm.RedirectTarget = session.targetURL end if end if
See Also