Forums
This topic is locked
PHAkt issues with logins and searches
Posted 03 Jul 2002 21:14:30
1
has voted
03 Jul 2002 21:14:30 Jason Baxter posted:
Hi, First of all, PHAkt rocks.
My first problem is creating a search page. I have been ollowing the reference guide packed with PHAkt, and although I can get the overall search function working, I can't use more than two parameters (form objects) for the search.
My second problem is with the login page. In my database I've created columns for username and password. For testing purposes, each row has a different username but the same password. I've followed the steps to create the "Server Behavior->Log In User" and the page it points to displays the records corresponding to the username. The problem is on the login page, if I submit with nothing in username or password fields, it still opens a record page with the first item in my database. I have used the "Validate Form" behavior, but I'm still able to submit the form. I further tested by leaving the username blank but putting in the common password and it opens the first record with that corresponding password.
To wrap this up, my questions are this:
How can I create a search with more than two variables with PHAkt?
How can I create a login page that is more secure with PHAkt?
Cheers
Replies
Replied 04 Jul 2002 09:56:08
04 Jul 2002 09:56:08 Julio Taylor replied:
As far as i am aware, your search variables are entirely dependent on your SQL. You can create a query-by-form statement in the results page, simply using the variables which you are passing through fromv the searach page using url GET variables:
SELECT *
FROM table
WHERE field_1 LIKE '%Variable_1%' OR field_2 LIKE '%Variable_2%' OR field_3 LIKE '%Variable_3%'
for the sake of the example, the above SQL uses 3 variables, are taken from GET urls (use GET on your search form as the method). You can request the URL GET variables in the SQL like this:
Name Default Run-time value
-------------------------------------------------------------------------------------
Variable_1 '%' $HTTP_GET_VARS["form_field_1"]
Variable_2 '%' $HTTP_GET_VARS["form_field_2"]
and so forth....
This will return all the records in which contain any of the above values in thei respective fields, you can replce the "LIKE" operators with "=" or "NOT" to change your search specifications. Also remember to remove the '%' wildcards from the syntax as it's likely to fuck up your code.
cheers,
------------------------
Poolio
MSN:
www.eliziumdesign.com
SELECT *
FROM table
WHERE field_1 LIKE '%Variable_1%' OR field_2 LIKE '%Variable_2%' OR field_3 LIKE '%Variable_3%'
for the sake of the example, the above SQL uses 3 variables, are taken from GET urls (use GET on your search form as the method). You can request the URL GET variables in the SQL like this:
Name Default Run-time value
-------------------------------------------------------------------------------------
Variable_1 '%' $HTTP_GET_VARS["form_field_1"]
Variable_2 '%' $HTTP_GET_VARS["form_field_2"]
and so forth....
This will return all the records in which contain any of the above values in thei respective fields, you can replce the "LIKE" operators with "=" or "NOT" to change your search specifications. Also remember to remove the '%' wildcards from the syntax as it's likely to fuck up your code.
cheers,
------------------------
Poolio
MSN:
www.eliziumdesign.com