Using email address or login for access_user!

[Using email address or login for access_user!]

Using email address or login for access_user!

The concept is simple, an access_user class that does many different things.

The current class can be used to log people in, but could also key many things on the login.  For example, the login on a FreeBSD (or Linux) server, or for hosting people files, or putting invoices into like on a site that sells domain names, or even for creating directories like where a realtor would put all the files for each listed property.  Access_user, as it is, can really do all this special stuff!

However, let’s face it; most of us just want to restrict access to part of a normal website!  We like the idea of having multiple levels of access, but beyond that, the above mentioned special cases are, well, special cases!  For us the simplicity of having a system where users can log in with just their email address and password is very appealing!  As it is, access_user can NOT do that!

BUT IT COULD!

Actually, in Ver 1.93 we devised and tested a simple modification that would allow ALL the above with just a tiny configuration change.

You can read about it here:

http://www.webdigity.com/index.php/topic,5268.0.Using+Email+Address+to+Login.html

In Ver 1.94 we applied the SAME changes and a small mod to improve session handling at logout and allow easy use of the access_level to select data on a web page.

You can read about that here:

http://www.webdigity.com/index.php/topic,5503.0.Different+Users+-+Different+parts+of+each+page%21.html

We just finished modifying Ver 1.95 the same way with this very stable modification.  We now have four (4) live websites using this mod.

USE AT YOUR OWN RISK!  (Note: at this time Olaf does NOT support this mod. So with each new release you will need to make the same changes again & again.  We like it so much it is no big thing!)

Below are the lines we modified.

     Red we removed
     Blue we added
     Green is just comments
     and
     BLACK is unchanged!

 

Here is what we did… 

To db_config.php we added:

//aLan Tait Changes...
// Change this constant for using email add for login name
define("LOGTYP", "email"); // either "login" or "email"
// To use Email you must change "LOGIN_LENGTH" to 0 (below)
// To use email without a unique login you must modify the "users" table to either:
// Eliminate the login column; OR
// Make the login column NOT unique
 

In access_user_class.php we made these changes:

Add the following VAR statement:

var $logtyp = LOGTYP; // Change "login" or "email" on db_config.php- this property to use email as the username
 

In function check_user

case "new":
   if ($this->logtyp == "login") {
      $sql = sprintf("SELECT COUNT(*) AS test FROM %s WHERE email = '%s' OR login = '%s'", $this->table_name, $this->user_email, $this->user);
   } else {
      $sql = sprintf("SELECT COUNT(*) AS test FROM %s WHERE email = '%s'", $this->table_name, $this->user_email);
   }
break;
 

default:
   $sql = sprintf("SELECT COUNT(*) AS test FROM %s WHERE BINARY login %s = '%s' AND pw = '%s' AND active = 'y'", $this->table_name, $this->logtyp, $this->user, $this->user_pw);
}
 

In function get_access_level

function get_access_level() {
   $sql = sprintf("SELECT access_level FROM %s WHERE  login %s = '%s' AND active = 'y'", $this->table_name, $this->logtyp, $this->user);
 

In function set_user

function set_user($goto_page) {
   $_SESSION['access_level'] = $this->get_access_level();
   $_SESSION['user'] = $this->user;
 

In function reg_visit

function reg_visit($login, $pass) {
   $visit_sql = sprintf("UPDATE %s SET extra_info = '%s' WHERE login %s = '%s' AND pw = '%s'", $this->table_name, date("Y-m-d H:i:s"), $this->logtyp, $login, $pass);
 

In function log_out

function log_out() {
   unset($_SESSION['user']);
   unset($_SESSION['pw']);
   unset($_SESSION['logged_in']);
   $_SESSION = array();
 

 
In function get_user_info

function get_user_info() {
   $sql_info = sprintf("SELECT real_name, extra_info, email, id FROM %s WHERE login %s = '%s' AND pw = '%s'", $this->table_name, $this->logtyp, $this->user, $this->user_pw);
 

In function register_user

} else if ($this->logtyp == "login") {
   $sql = sprintf("INSERT INTO %s (id, login, pw, real_name, extra_info, email, access_level, active) VALUES (NULL, %s, %s, %s, %s, %s, %d, 'n')",
    $this->table_name,
   $this->ins_string($first_login),
   $this->ins_string(md5($first_password)),
   $this->ins_string($first_name),
   $this->ins_string($first_info),
   $this->ins_string($this->user_email),
   DEFAULT_ACCESS_LEVEL);
}  else {
   $sql = sprintf("INSERT INTO %s (id, pw, real_name, extra_info, email, access_level, active) VALUES (NULL, %s, %s, %s, %s, %d, 'n')",
   $this->table_name,
   $this->ins_string(md5($first_password)),
   $this->ins_string($first_name),
   $this->ins_string($first_info),
   $this->ins_string($this->user_email),
   DEFAULT_ACCESS_LEVEL);
}
$ins_res = mysql_query($sql) or die(mysql_error());
 

In function check_activation_password

if ($this->check_user("new_pass")) {
// this is a fix for version 1.76
   $sql_get_user = sprintf("SELECT login %s FROM %s WHERE MD5(pw) = '%s' AND id = %d", $this->logtyp, $this->table_name, $this->user_pw, $this->id);
   $get_user = mysql_query($sql_get_user);
   $this->user = mysql_result($get_user, 0, "login" $this->logtyp); // end fix
return true;
 

That's it!  Now remember to modify your database table and either remove the unique key from the login column (if you want to use it for something else) or just remove the login column completely!

If you use the Admin Page you will need a few mods there too!

Enjoy!

[admin_user.php]

Here is what you need to do to modify the admin_user.php page to work with the email login above...

In admin_user.php we made these changes:

Add the following VAR statement:

var $activation;
var $logtyp = LOGTYP; // Change "login" or "email" on db_config.php- this property to use email as the username
var $type;
 

In function get_userdata

function get_userdata($for_user, $type = "login") {
   if ($type == "login") {
      $sql = sprintf("SELECT id, login %s, email, access_level, active FROM %s WHERE login %s = '%s'", $this->logtyp, $this->table_name, $this->logtyp, trim($for_user));
   } else {
      $sql = sprintf("SELECT id, login %s, email, access_level, active FROM %s WHERE id = %d", $this->logtyp, $this->table_name, intval($for_user));
   

AND
 

if ($this->logtyp == "login") {
   $this->user_name = $obj->login;
} else {
   $this->user_name = $obj->email;
}
 

In $admin_update

$admin_update->get_userdata($_POST['login_name user_id'], "user_id"); // this is needed to get the modified data after update
 

That's it!  The form will work correctly now! But you might want to change some of the HTML to reflect the email!

Enjoy!

[Guest]

[36.906]

Yahoo crawler, Baidu Spider, adsense, Msnbot, Googlebot