Login Manager – PHP Web Sample - Limnor · Login Manager – PHP Web App Sample Longflow...

Login Manager – PHP Web App Sample ��

Longflow Enterprises Ltd. Page 1

Login Manager – PHP Web Sample

Contents Introduction .................................................................................................................................................. 2

Login Management Framework .................................................................................................................... 3

Windows Form Application Sample .............................................................................................................. 3

PHP Web Sample .......................................................................................................................................... 3

Create Web Project ................................................................................................................................... 3

Create Login Page ..................................................................................................................................... 5

Web UI .................................................................................................................................................. 5

Use Login Manager ............................................................................................................................... 6

Login action ........................................................................................................................................... 7

Protect web pages .................................................................................................................................. 10

Log off ..................................................................................................................................................... 12

Permission Control .................................................................................................................................. 15

Create new account ................................................................................................................................ 17

Web UI ................................................................................................................................................ 17

Input verification ................................................................................................................................. 18

Show verification error ....................................................................................................................... 22

Abort on verification fails .................................................................................................................... 23

Create new account ............................................................................................................................ 25

Create database command ............................................................................................................. 25

Execute database command ........................................................................................................... 26

Set password ....................................................................................................................................... 29

Show error message ........................................................................................................................... 31

Show success message ........................................................................................................................ 33

Test ...................................................................................................................................................... 35

Reset Password – Create reset code ....................................................................................................... 41

Web UI ................................................................................................................................................ 41

Get email address ............................................................................................................................... 42



Set SQL property ............................................................................................................................. 42

Execute query action....................................................................................................................... 43

Use the email address ......................................................................................................................... 45

Hold reset code ................................................................................................................................... 47

Create reset code ................................................................................................................................ 48

Include reset code in email body ........................................................................................................ 52

Send email ........................................................................................................................................... 55

Show error message ........................................................................................................................... 56

Show success ....................................................................................................................................... 58

Test ...................................................................................................................................................... 59

Reset Password – use reset code ............................................................................................................ 61

Web UI ................................................................................................................................................ 62

Input verification ................................................................................................................................. 62

Show error message ....................................................................................................................... 63

Abort on error ................................................................................................................................. 64

Reset password ................................................................................................................................... 65

Show success ....................................................................................................................................... 69

Test ...................................................................................................................................................... 71

ASPX Web Project Sample .......................................................................................................................... 75

Introduction

This is part B2 of Login Manager document. The whole document consists of following files.

• Part A – It is a reference to the Login Management Framework. It can be downloaded from

http://www.limnor.com/support/LoginManagerPartA.PDF

• Part B1 – It contains the first part of a Windows Form Application sample. It can be downloaded

from http://www.limnor.com/support/LoginManagerPartB1.PDF

• Part B2 – It contains the second part of a Windows Form Application sample. It can be

downloaded from http://www.limnor.com/support/LoginManagerPartB2.PDF

• Part C – This file. It contains a PHP web application sample.



• Part D – It contains an ASPX Web Project sample. It can be downloaded from

http://www.limnor.com/support/LoginManagerPartD.PDF

The files for sample projects are long but with little text. Most of contents are screenshots showing step

by step programming procedures of sample projects. Most steps look similar and repetitive. For

beginners, please pay attention to the highlighting in the screenshots, especially the highlighting in the

Expression Editor: the result of each operation depends on which parts of an expression are highlighted.

Login Management Framework

See http://www.limnor.com/support/LoginManagerPartA.PDF

Windows Form Application Sample

See

http://www.limnor.com/support/LoginManagerPartB1.PDF

http://www.limnor.com/support/LoginManagerPartB2.PDF

PHP Web Sample For this web sample, we’ll build web pages to let users to manage their own accounts: create new an

account; change password; create password reset code; reset password with a reset code.

Create Web Project



Create several web pages by right-clicking the project; choose Add; choose Web page:



Create Login Page

Web UI

Create a new web page; give it name “WebPageLogin”:

Add some web client controls to the page to form a login UI:



Use Login Manager

Add a Login Manager Component to the web page:

Set its DatabaseConnection property to the same connection we used for the Windows Forms

Application Sample:

For details on using database connections, see http://www.limnor.com/support/Limnor%20Studio%20-

%20User%20Guide%20-%20Part%20VI.pdf

Set its InactivityMinutes and LabelToShowLoginFailedMessage:



Set hash algorithm to SHA256 and properties related to the user table. For details, see the Windows

Forms Application Sample: http://www.limnor.com/support/LoginManagerPartB1.PDF.

Login action

Right-click the Submit button; choose “Assign Action”; choose “onclick” event:

Choose Login method of WebLoginManager1:



Pass user inputs to the action:





The action is created and assigned to the button:

Protect web pages

To protect a web page, set its LoginPage property to the login web page. Before we do that, let’s see a

page without protection by running the project:

The page appears as we expected:



Now we set LoginPage to the login page we developed previously:

Now let’s run the project again:

This time, instead of showing the web page, the login web page appears:



Enter a user credential:

The web page appears:

Log off

Logging off can be done from any web page. Let’s use a button on Page1 to do it:



Choose LogOff method of the web page:




Run the project, Page1 appears because we already logged on:

Click Log off:

Page1 disappears and the login page appears:

Note that because we set InactivityMinutes to 10, the logging off will occur automatically if there is not a

mouse or keyboard activity in 10 minutes.



Permission Control

In the previous sample, “user1” is a user we created while making the Windows Forms Application

sample. See http://www.limnor.com/support/LoginManagerPartB1.PDF. The user level for “user1” is 1.

We see that “user1” may access Page1. This is because the UserLevel of Page1 is -1, indicating that the

page does not use user level control. Let’s change it to 0 to see what will happen:

The login page appears again:

We see a permission denied message:



We log in as user “admin”:

This time Page1 appears because admin’s user level is 0:



Create new account

We may create a web page to allow new users to create accounts.

Web UI

An EasyUpdator is used for creating a new user account. A WebLoginManager is used for setting the

password to the new account.

The properties of WebLoginMnager1 must be set to be the same as we did for the login page:



Input verification

Let’s use a property to represent the result of input verification:

Rename it to “InputsVerifid”:

Change its type to Boolean:



Now we do inputs verification and save the result to this new property:

Select this new property:

Use an expression to do the verifications:



The first checking is to verify that the login name is not empty. We are not going to go into details. You

may see http://www.limnor.com/support/Limnor%20Studio%20-%20User%20Guide%20-

%20Part%20III.pdf for details of using the Expression Editor:

The second verification is to check that the password is not empty:



The third verification to check that the confirm password matches the password:

The fourth verification is to check that the email address is not empty. That is all we want to do for this

sample:

Click OK:




Show verification error

Set ActionCondition:



Click OK:


Abort on verification fails



Rename the abort action and set its ActionCondition:



Create new account

Create database command

Set EasyUpdator1’s ExecuteCommand to insert a new record on the user table:

For each field we want to set value, give a parameter name.



Execute database command

Now we may assign an Execute action by the button:

Pass the user inputs to the action:



The process is similar for other action parameters; we are not going into details:






Set password

We may use a ResetPassword action to set the password of the new user:

Pass user inputs to the action. We are going into details.

Set the ActionCondition so that it only executes if the database command is executed successfully:






Show error message

We want to show error message in a label:



Select the Text property of the label:

Select the ErrorMessage property of EasyUpdator1:




Show success message

If the error message is empty then we want to show a success message:



Rename the action. Set message text. Set ActionCondition:




Test

Set the page as the start page and run the project:





The page appears. Click the button without entering data. We get a message box:

This the effect of input verification.

Now let’s use an existing login name and try to create a new account. We get an error message:

Use a new login name and try it again. This time it succeeds:



Let’s try to use this new account to access Page1.html:

The login page appears. Log in using the new account:



Page1 appears, indicating that the new user account created successfully.

We have seen that account “user1” created by the Windows Forms Application sample can be used to

log in the PHP Web Sample. Now we created an account “user2” by the PHP Web Sample. Let’s use it to

log in to the Windows Forms Application sample:

Click “Open Form 4”. The login form appears:



Enter “user2” and password; click “log in”:

Form4 appears. That is, the Windows Form application accepted the credential created by our PHP web

page.

So far, we created 3 accounts using our sample applications:

Note that actually all 3 accounts have the same password “123”. But we can see that the values for all

UserPassword are different. This is because Salt field is used.



Reset Password – Create reset code

We create a web page to generate reset code and send it to the user via email.

Web UI

SendMail component can be used to send emails from a web page:

WebLoginManager can be used to create password reset code.

The properties of WebLoginManager1 must be set to the same values as we did for the login web page:



Get email address

Set SQL property

We use an EasyDataSet to get email address. Set it SQL property to search for email address by login

name:



Execute query action






Use the email address

Choose “To” property of the SendMail1



Set “value” to the email of EasyDataSet1:




Hold reset code

We need to create a server side property to hold the reset code so that we may send it to the user.



Rename it to ResetCode:

Create reset code



Set expirationInMinutes to 120 so that the reset code will expire in 2 hours:



Set “AssignTo” to property ResetCode:

Set the ActionCondition so that it is only executed if the email address is not empty:






Include reset code in email body

Select Body property of SendMail1:

Set “value” to an expression to include ResetCode property:



Click A+ a few times to create string parts. Select ResetCode property into one part:






Send email

Only send email if ResetCode is not empty:




Show error message

A proper error checking should record error on each execution of the action and report it. To simplify

the sample, we skip those error checking. If the email address is empty then we display a warning

message:






Show success

If the email address is not empty then we assume the reset code is generated. A proper error checking

should record error on each execution of the action and report it. To simplify the sample, we skip those

error checking.




Test

Set the start page to this new page to test it:



Note that we set DebugMode to True. We did not set the SendMail properly and the email cannot be

sent. Because DebugMode is True, the reset code will be displayed in the debug window. Needless to

say, we should not turn on DebugMode for this page for production environment.

The page appears. Enter a login name and click Create:

A message box appears:



We did not set the SendMail properly, and we will not receive an email for the reset code. Because we

enabled debug mode, a debug window will contain the reset code:

Reset Password – use reset code

We create a web page to allow a user to reset his/her password using a reset code.



Web UI

The properties of WebLoginManager1 must be set to the same values as we did for the login web page:

Input verification

The password and confirm password must match and not empty.



Show error message

Use an expression to do verification:

We are not going into details of building the expression. The result is:




Abort on error

If input verification fails then we need to abort handling button click.

Rename the action:



Set its ActionCondition to the same one for the error message:

Reset password

Method ResetPasswordByUser of WebLoginManager can be used to reset password. This method

returns a Boolean indicating success or not. Let’s use a server side property to remember the return

value for error handling purpose:

Rename the property to PasswordChanged:



Change its type to Boolean:

Now let’s make it to execute a ResetPasswordByUser on button click:

Select ResetPasswordByUser:



Pass user inputs to the action:

We are not going into details. The result is:

Set “AssignTo” to property PasswordChanged:



Click OK:




Show success

If property PasswordChanged is true then we may display a success message:






Test

Set start page to the password reset page:

Run the project

The password reset page appears. Enter reset code and other data; click Submit:



We get an error message:

The reset code expired. Let’s it again:



A new reset code is created:

Find the reset from our debug window:

Use this new reset code to reset the password again:



This time, password changed successfully.

We may access a protected page to see if the new password works:



The login page appears. Let’s log in using the new password:

The protected page appears. We thus know that the new password works.

ASPX Web Project Sample

See http://www.limnor.com/support/LoginManagerPartD.PDF

Date post:	15-Sep-2019
Category:	Documents
Upload:	others
View:	5 times
Download:	0 times

Login Manager – PHP Web Sample - Limnor · Login Manager – PHP Web App Sample Longflow...

Documents