| 10 reasons for using DBSP® |
| DBSP® FAQs |
| DBSP® Versions |
 |
| 10 reasons for using DBSP® |
| DBSP® FAQs |
| DBSP® Versions |
|
 |
 |
|
| Home I Company I Services I Documentation I Downloads I E-Support |
| home -> documentation -> environment guide -> Granting access to the user: LOGIN tag | ||||||||||||||||||||||||||||||||||||||||||||
|
First of all we need to build the login SQL statement based in some table structure. So we need to create or use a table suitable for this purpose. Imagine the following table: Table Name: USERS
Based on this structure and data, a valid login query would be:
where TXTUSER and TXTPASSWORD are variables of type string. The authentication will work on this way:
Each user that access to a DBSP site implicitly creates a session object linked to its browser. This session object is responsible for the storage of information relative to the actual session: session ID (A uniquely identification string for the session) , IP address, browser name, time of last request, etc. But the session object has another interesting feature: all the column values selected in the login query will be automatically stored in the session object. For example: Suppose that the TXTUSER and TXTPASSWORD contains the "aheart" and "angiehart" values. The login SQL statement will return the values:
USRID = 3 So, after the authentication has been performed (and the query executed), the session object will automatically store all this values:
If you want to know more about the session object, click here.
Now, let's create the DBSP page that will request the login information. As the first step of the authentication scheme states, it is necessary to have a login page. This page will collect the user credentials and send it back to the server. The LOGIN tag will indicate to the server that the user is trying to create a valid session into the system. We will generally use this element in conjunction with an HTML form with the post type method. The syntax is very simple:
Here, anALIAS is the alias referring to the database where the user information is contained (the users table database alias). AQuery is the SQL sentence that will be used to validate the credentials of the user. The rest of the properties are optional but useful in some circumstances. The QueryIDlog is a reference to SQL sentence that will be executed after a successful login has been made (this means that after the execution of the SQL Sentence referred in the QueryID property, the sentence return at least one record). This property could be used to create an access log. Finally, the DOC property will force some document to be always displayed after a successful login. This will alter the normal flow of the system. Remember that the login page is displayed when a private page has been requested and no valid session exists for the current user. So, after a successful authentication, the original requested page will be displayed. By using the DOC property instead, you will ignore the original requested page, and you will always display the indicated page. This could be useful for example, when the system has a main menu, and displaying this menu is a must. The following code shows you an example of how to create a login form. The SESSION.LOGINFAILED variable is explained after the example.
As you can see in the example, there is a variable named LOGINFAILED inside the SESSION object. This variable holds an integer number and appears where the login could not be performed for these reasons:
|
