Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 1
Login Manager – PHP Web Sample
Contents Introduction .................................................................................................................................................. 2
Login Management Framework .................................................................................................................... 3
Windows Form Application Sample .............................................................................................................. 3
PHP Web Sample .......................................................................................................................................... 3
Create Web Project ................................................................................................................................... 3
Create Login Page ..................................................................................................................................... 5
Web UI .................................................................................................................................................. 5
Use Login Manager ............................................................................................................................... 6
Login action ........................................................................................................................................... 7
Protect web pages .................................................................................................................................. 10
Log off ..................................................................................................................................................... 12
Permission Control .................................................................................................................................. 15
Create new account ................................................................................................................................ 17
Web UI ................................................................................................................................................ 17
Input verification ................................................................................................................................. 18
Show verification error ....................................................................................................................... 22
Abort on verification fails .................................................................................................................... 23
Create new account ............................................................................................................................ 25
Create database command ............................................................................................................. 25
Execute database command ........................................................................................................... 26
Set password ....................................................................................................................................... 29
Show error message ........................................................................................................................... 31
Show success message ........................................................................................................................ 33
Test ...................................................................................................................................................... 35
Reset Password – Create reset code ....................................................................................................... 41
Web UI ................................................................................................................................................ 41
Get email address ............................................................................................................................... 42
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 2
Set SQL property ............................................................................................................................. 42
Execute query action....................................................................................................................... 43
Use the email address ......................................................................................................................... 45
Hold reset code ................................................................................................................................... 47
Create reset code ................................................................................................................................ 48
Include reset code in email body ........................................................................................................ 52
Send email ........................................................................................................................................... 55
Show error message ........................................................................................................................... 56
Show success ....................................................................................................................................... 58
Test ...................................................................................................................................................... 59
Reset Password – use reset code ............................................................................................................ 61
Web UI ................................................................................................................................................ 62
Input verification ................................................................................................................................. 62
Show error message ....................................................................................................................... 63
Abort on error ................................................................................................................................. 64
Reset password ................................................................................................................................... 65
Show success ....................................................................................................................................... 69
Test ...................................................................................................................................................... 71
ASPX Web Project Sample .......................................................................................................................... 75
Introduction
This is part B2 of Login Manager document. The whole document consists of following files.
• Part A – It is a reference to the Login Management Framework. It can be downloaded from
http://www.limnor.com/support/LoginManagerPartA.PDF
• Part B1 – It contains the first part of a Windows Form Application sample. It can be downloaded
from http://www.limnor.com/support/LoginManagerPartB1.PDF
• Part B2 – It contains the second part of a Windows Form Application sample. It can be
downloaded from http://www.limnor.com/support/LoginManagerPartB2.PDF
• Part C – This file. It contains a PHP web application sample.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 3
• Part D – It contains an ASPX Web Project sample. It can be downloaded from
http://www.limnor.com/support/LoginManagerPartD.PDF
The files for sample projects are long but with little text. Most of contents are screenshots showing step
by step programming procedures of sample projects. Most steps look similar and repetitive. For
beginners, please pay attention to the highlighting in the screenshots, especially the highlighting in the
Expression Editor: the result of each operation depends on which parts of an expression are highlighted.
Login Management Framework
See http://www.limnor.com/support/LoginManagerPartA.PDF
Windows Form Application Sample
See
http://www.limnor.com/support/LoginManagerPartB1.PDF
http://www.limnor.com/support/LoginManagerPartB2.PDF
PHP Web Sample For this web sample, we’ll build web pages to let users to manage their own accounts: create new an
account; change password; create password reset code; reset password with a reset code.
Create Web Project
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 4
Create several web pages by right-clicking the project; choose Add; choose Web page:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 5
Create Login Page
Web UI
Create a new web page; give it name “WebPageLogin”:
Add some web client controls to the page to form a login UI:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 6
Use Login Manager
Add a Login Manager Component to the web page:
Set its DatabaseConnection property to the same connection we used for the Windows Forms
Application Sample:
For details on using database connections, see http://www.limnor.com/support/Limnor%20Studio%20-
%20User%20Guide%20-%20Part%20VI.pdf
Set its InactivityMinutes and LabelToShowLoginFailedMessage:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 7
Set hash algorithm to SHA256 and properties related to the user table. For details, see the Windows
Forms Application Sample: http://www.limnor.com/support/LoginManagerPartB1.PDF.
Login action
Right-click the Submit button; choose “Assign Action”; choose “onclick” event:
Choose Login method of WebLoginManager1:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 8
Pass user inputs to the action:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 9
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 10
The action is created and assigned to the button:
Protect web pages
To protect a web page, set its LoginPage property to the login web page. Before we do that, let’s see a
page without protection by running the project:
The page appears as we expected:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 11
Now we set LoginPage to the login page we developed previously:
Now let’s run the project again:
This time, instead of showing the web page, the login web page appears:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 12
Enter a user credential:
The web page appears:
Log off
Logging off can be done from any web page. Let’s use a button on Page1 to do it:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 13
Choose LogOff method of the web page:
The action is created and assigned to the button:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 14
Run the project, Page1 appears because we already logged on:
Click Log off:
Page1 disappears and the login page appears:
Note that because we set InactivityMinutes to 10, the logging off will occur automatically if there is not a
mouse or keyboard activity in 10 minutes.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 15
Permission Control
In the previous sample, “user1” is a user we created while making the Windows Forms Application
sample. See http://www.limnor.com/support/LoginManagerPartB1.PDF. The user level for “user1” is 1.
We see that “user1” may access Page1. This is because the UserLevel of Page1 is -1, indicating that the
page does not use user level control. Let’s change it to 0 to see what will happen:
The login page appears again:
We see a permission denied message:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 16
We log in as user “admin”:
This time Page1 appears because admin’s user level is 0:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 17
Create new account
We may create a web page to allow new users to create accounts.
Web UI
An EasyUpdator is used for creating a new user account. A WebLoginManager is used for setting the
password to the new account.
The properties of WebLoginMnager1 must be set to be the same as we did for the login page:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 18
Input verification
Let’s use a property to represent the result of input verification:
Rename it to “InputsVerifid”:
Change its type to Boolean:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 19
Now we do inputs verification and save the result to this new property:
Select this new property:
Use an expression to do the verifications:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 20
The first checking is to verify that the login name is not empty. We are not going to go into details. You
may see http://www.limnor.com/support/Limnor%20Studio%20-%20User%20Guide%20-
%20Part%20III.pdf for details of using the Expression Editor:
The second verification is to check that the password is not empty:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 21
The third verification to check that the confirm password matches the password:
The fourth verification is to check that the email address is not empty. That is all we want to do for this
sample:
Click OK:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 22
The action is created and assigned to the button:
Show verification error
Set ActionCondition:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 23
Click OK:
The action is created and assigned to the button:
Abort on verification fails
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 24
Rename the abort action and set its ActionCondition:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 25
Create new account
Create database command
Set EasyUpdator1’s ExecuteCommand to insert a new record on the user table:
For each field we want to set value, give a parameter name.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 26
Execute database command
Now we may assign an Execute action by the button:
Pass the user inputs to the action:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 27
The process is similar for other action parameters; we are not going into details:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 28
The action is created and assigned to the button:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 29
Set password
We may use a ResetPassword action to set the password of the new user:
Pass user inputs to the action. We are going into details.
Set the ActionCondition so that it only executes if the database command is executed successfully:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 30
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 31
The action is created and assigned to the button:
Show error message
We want to show error message in a label:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 32
Select the Text property of the label:
Select the ErrorMessage property of EasyUpdator1:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 33
The action is created and assigned to the button:
Show success message
If the error message is empty then we want to show a success message:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 34
Rename the action. Set message text. Set ActionCondition:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 35
The action is created and assigned to the button:
Test
Set the page as the start page and run the project:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 36
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 37
The page appears. Click the button without entering data. We get a message box:
This the effect of input verification.
Now let’s use an existing login name and try to create a new account. We get an error message:
Use a new login name and try it again. This time it succeeds:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 38
Let’s try to use this new account to access Page1.html:
The login page appears. Log in using the new account:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 39
Page1 appears, indicating that the new user account created successfully.
We have seen that account “user1” created by the Windows Forms Application sample can be used to
log in the PHP Web Sample. Now we created an account “user2” by the PHP Web Sample. Let’s use it to
log in to the Windows Forms Application sample:
Click “Open Form 4”. The login form appears:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 40
Enter “user2” and password; click “log in”:
Form4 appears. That is, the Windows Form application accepted the credential created by our PHP web
page.
So far, we created 3 accounts using our sample applications:
Note that actually all 3 accounts have the same password “123”. But we can see that the values for all
UserPassword are different. This is because Salt field is used.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 41
Reset Password – Create reset code
We create a web page to generate reset code and send it to the user via email.
Web UI
SendMail component can be used to send emails from a web page:
WebLoginManager can be used to create password reset code.
The properties of WebLoginManager1 must be set to the same values as we did for the login web page:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 42
Get email address
Set SQL property
We use an EasyDataSet to get email address. Set it SQL property to search for email address by login
name:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 43
Execute query action
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 44
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 45
The action is created and assigned to the button:
Use the email address
Choose “To” property of the SendMail1
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 46
Set “value” to the email of EasyDataSet1:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 47
The action is created and assigned to the button:
Hold reset code
We need to create a server side property to hold the reset code so that we may send it to the user.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 48
Rename it to ResetCode:
Create reset code
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 49
Set expirationInMinutes to 120 so that the reset code will expire in 2 hours:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 50
Set “AssignTo” to property ResetCode:
Set the ActionCondition so that it is only executed if the email address is not empty:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 51
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 52
The action is created and assigned to the button:
Include reset code in email body
Select Body property of SendMail1:
Set “value” to an expression to include ResetCode property:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 53
Click A+ a few times to create string parts. Select ResetCode property into one part:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 54
The action is created and assigned to the button:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 55
Send email
Only send email if ResetCode is not empty:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 56
The action is created and assigned to the button:
Show error message
A proper error checking should record error on each execution of the action and report it. To simplify
the sample, we skip those error checking. If the email address is empty then we display a warning
message:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 57
The action is created and assigned to the button:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 58
Show success
If the email address is not empty then we assume the reset code is generated. A proper error checking
should record error on each execution of the action and report it. To simplify the sample, we skip those
error checking.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 59
The action is created and assigned to the button:
Test
Set the start page to this new page to test it:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 60
Note that we set DebugMode to True. We did not set the SendMail properly and the email cannot be
sent. Because DebugMode is True, the reset code will be displayed in the debug window. Needless to
say, we should not turn on DebugMode for this page for production environment.
The page appears. Enter a login name and click Create:
A message box appears:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 61
We did not set the SendMail properly, and we will not receive an email for the reset code. Because we
enabled debug mode, a debug window will contain the reset code:
Reset Password – use reset code
We create a web page to allow a user to reset his/her password using a reset code.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 62
Web UI
The properties of WebLoginManager1 must be set to the same values as we did for the login web page:
Input verification
The password and confirm password must match and not empty.
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 63
Show error message
Use an expression to do verification:
We are not going into details of building the expression. The result is:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 64
The action is created and assigned to the button:
Abort on error
If input verification fails then we need to abort handling button click.
Rename the action:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 65
Set its ActionCondition to the same one for the error message:
Reset password
Method ResetPasswordByUser of WebLoginManager can be used to reset password. This method
returns a Boolean indicating success or not. Let’s use a server side property to remember the return
value for error handling purpose:
Rename the property to PasswordChanged:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 66
Change its type to Boolean:
Now let’s make it to execute a ResetPasswordByUser on button click:
Select ResetPasswordByUser:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 67
Pass user inputs to the action:
We are not going into details. The result is:
Set “AssignTo” to property PasswordChanged:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 68
Click OK:
The action is created and assigned to the button:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 69
Show success
If property PasswordChanged is true then we may display a success message:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 70
The action is created and assigned to the button:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 71
Test
Set start page to the password reset page:
Run the project
The password reset page appears. Enter reset code and other data; click Submit:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 72
We get an error message:
The reset code expired. Let’s it again:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 73
A new reset code is created:
Find the reset from our debug window:
Use this new reset code to reset the password again:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 74
This time, password changed successfully.
We may access a protected page to see if the new password works:
Login Manager – PHP Web App Sample ����
Longflow Enterprises Ltd. Page 75
The login page appears. Let’s log in using the new password:
The protected page appears. We thus know that the new password works.
ASPX Web Project Sample
See http://www.limnor.com/support/LoginManagerPartD.PDF