| home -> documentation -> language reference -> LOGIN tag |
 Description
The LOGIN tag is used to grant user access to a private site. Moreover, this element is a fundamental piece in the control mechanism of access privileges. When you include a LOGIN element in your code, the tag is replaced with a link that contains the necesary information to authenticate the user. This information is encrypted with the site key defined in the DBSP Configuration application for the corresponding site.
Syntax
|
<#LOGIN ALIAS="AliasName" QUERYID="QueryNumber" [DOC="DocName"] [QUERYIDLOG="QueryNoLog"]/>
|
| ALIAS |
This property defines in wich database
the sentence will be executed. The database is referenced by the alias
name. This alias name must be previously configured
with the DBSP Configurator application. |
| QUERYID |
This is the reference to a SQL sentence that is used to validate the user credentials. When the query is executed
and returns at least one record, the access is granted. Otherwise (no records), the access is denied.
|
| DOC |
Define in DOC the page that you want to display allways after a successful login.
|
| QUERYIDLOG |
Specify in QUERYIDLOG the id of a SQL sentence to execute after a successful login. This feature is commonly used for building access logs.
|
|
Note: After the LOGIN has been successful (the query retuns at least one record) all the information retreived by the query is stored on the SESSION object.
This information could be later used while the session remains active.
|
When login fails
After the LOGIN fails, a reason code is stored in the variable LOGINFAILED inside the SESSION object. Here are the SESSION.LOGINFAILED possible codes:
| 11001 |
Invalid username/password combination. The SQL Statement specified in the LOGIN tag did not return any row. In this case, you must notify the user that the authentication data provided is invalid. |
| 11002 |
Session expired. In this case, the user was previously authenticated but the server has not received activity from the user in more time than the specified in the site TIMEOUT setting. So the DBSP engine has killed the session for security reasons and the user must provide his authentication information again. You can change the time out setting using the DBSP Configuration tool. |
| 11003 |
Could not login into the system. This error occurs if the site is not configured properly. Make sure that: 1) Your site is pointing out to the right directory and the site configuration settings are correct. 2) Your web server have been restarted after the changes has been made. |
|
Note: Particularly in Microsoft IIS, virtual paths are incompatible with the DBSP security model. We recommend creating a new site instead using virtual paths.
|
References
LOGOUT
USERLIST
SESSION object
Applications
The LOGIN tag is used for private sites where access control is a requirement.
This tag performs the authentication of the user and logs him into the system. If you
want to know more about private sites, please go to the Enviroment Guide in the section: Building private sites.
Examples
Example 1. A snippet from the DBSPTech site.
Here you have the login snippet extracted from DBSPTech site default page. However, it has been modified for the example purposes.
 Source code
File: examples/login.dbsp
<form method="post" name="frmLoginPage" action="<#LOGIN ALIAS=DBSPTECH QUERYID=1>">
<#IF EXPRESSION="(SESSION.LOGINFAILED!=UNDEF)">
<#CASE>
<#OPTION EXPRESSION="SESSION.LOGINFAILED=11001">
<span class="required"><b>Invalid session or account inactive!</b></span>
<#/OPTION>
<#OPTION EXPRESSION="SESSION.LOGINFAILED=11002">
<span class="required"><b>Your session has expired! Please log in again.</b></span>
<#/OPTION>
<#/CASE>
<#/IF>
<div align="right"><br><B>e-mail</B>
<input type="text" name="txtEMAIL" maxlength="64" size="25"></div>
<div align="right"><B>password</B>
<input type="password" name="txtPASSWORD" maxlength="32" size="25"></div>
</form>
|
SQL Sentence: ID=1
|
SELECT USERID, USERFULLNAME
FROM DBSPUSERS
WHERE
USREMAIL= <#TXTEMAIL/> AND
USRPASSWORD = <#txtPASSWORD/>
|
 Test the example using your DBSPTech account!
|
