I think that some of our clients just give up when they get a cryptic error message whenever they fail to login. They, I surmise, cut and paste the User ID and Password. Perhaps they add an invisible space before or after their User ID or Password. Login thus fails.

I have all my dbman transactions emailed to me as they occur. I have noticed that many register but don't/can't login successfully.

I would be very interested in the code that would remove any spaces in the USER ID and Password boxes.

Much thanks! Zane Anderson

To remove all extra spaces in the database in your cgi file within sub join_encode

after the lines:

foreach $col (@db_cols) {
$tmp = $hash{$col};

add:
$tmp =~ s/^\s+//g; # Trim leading blanks...
$tmp =~ s/\s+$//g; # Trim trailing blanks...

I'm not positive whether this will work with the password file but you could test it.

You might also want to add a cookie mod to the database. This would easily allow people to choose to remember their username and password and have it entered for them when they get to the login screen.

Perhaps you might want to make a note to let people know that once they signup .. they will then be taken to the confirmation page where they will then login using their chosen username and password. I think some people may not realize the process without some helpful notes provided by you.

For instance I use something like this with the sub html_signup_form:

print qq|<$font><B>Welcome to $html_title.</B><P>
To create your own account, simply enter in your desired username and password.<P>
Once you register you will then be asked to login using your chosen user name and password.<P>
<B>Please write down your username and password and keep it in a safe place.</B>.<P>
Whenever you want to modify your record you will need to login to the database to make your additions or changes.
<P>
Please note:<BR>
If the page reloads it may give you the message the username is already entered.<BR>
Try to <B><A HREF="$db_script_url?db=$db_setup">Log On</A></B> before choosing another name.</font>|;

And another note within sub html_signup_success

print qq| <$font>Your account has been set up!<P>
Use your username and password to log in.<P>
Once you login you can add and/or modify your listing using the navigation menu.</font>

Hope this helps you.

Unoffical DBMan FAQ

http://creativecomputingweb.com/dbman/index.shtml/

Lois, thanks for looking at this and for suggesting that I clarify things by the addition of helpful notes along the way. That I shall do.

I already had those two lines in the "sub join_encode" section of the db.cgi file. They don't seem to remove blanks from the user id or password entry boxes. (Perhaps they were a part of a mod which I use - not sure.)

Any other ideas?

I would try putting it in the auth.pl file:



JPD
----------------------------------------------------
JPDeni's DBMan-ual
How to ask questions the smart way.

I knew Carol would have a solution :)

Unoffical DBMan FAQ

http://creativecomputingweb.com/dbman/index.shtml/

Not sure if it'd work for you, but you may want to make the logins case insensitive. (so that Bob and bob are treated the same)

I have the hardest time logging into some areas because I can never remember if it's Watts or watts or whatever I typed at the time.

Hi Lois and Carol,

My son and daughter are just starting Algebra and their lower lips are protruding today. So, I showed them your posts for inspiration!

Carol, please explain to me where the lines go in auth.pl. I take it that it's in section: sub auth_check_password. Just a guess...

That's the one. The first line in the code I gave is already in the script. Don't add that. Just add the bold lines after it.

Tell your kids that algebra can be fun, once they begin to understand it. It's all just a puzzle. :-)


JPD
----------------------------------------------------
JPDeni's DBMan-ual
How to ask questions the smart way.

}
elsif ($in{'login'}) { # The user is trying to login.
$in{'userid'} =~ s/^\s+//g; # Trim leading blanks...
$in{'userid'} =~ s/\s+$//g; # Trim trailing blanks...
$in{'pw'} =~ s/^\s+//g; # Trim leading blanks...
$in{'pw} =~ s/\s+$//g; # Trim trailing blanks...
open (PASSWD, "<$auth_pw_file") || &cgierr("unable to open password file. Reason: $!\n");
@passwds = <PASSWD>; # Let's get the user id and passwords..
close PASSWD;
my ($view, $add, $mod, $del, $admin);
PASS: foreach $pass (@passwds) { # Go through each pass and see if we match..
next PASS if ($pass =~ /^$/); # Skip blank lines.
next PASS if ($pass =~ /^#/); # Skip Comment lines.
chomp ($pass);
($userid, $pw, $view, $add, $del, $mod, $admin) = split (/:/, $pass);
if (($in{'userid'} eq $userid) && (crypt($in{'pw'}, $pw) eq $pw)) {
srand( time() ^ ($$ + ($$ << 15)) ); # Seed Random Number
$db_uid = "$userid." . time() . (int(rand(100000)) + 1);# Build User Id
open(AUTH, ">$auth_dir/$db_uid") or &cgierr("unable to open auth file: $auth_dir/$uid. Reason: $!\n");
print AUTH "$uid: $ENV{'REMOTE_HOST'}\n";
close AUTH;
foreach (0 .. 3) { $permissions[$_] = int($permissions[$_]); }
&auth_logging('logged on', $userid) if ($auth_logging);
return ('ok', $db_uid, $view, $add, $del, $mod, $admin);
}
}
return ("invalid username/password"); ### This is line 78
}
elsif ($db_uid) { # The user already has a user id given by the program.
(-e "$auth_dir/$db_uid") ?
return ('ok', $db_uid, &auth_check_permissions($db_uid)) :
return ('invalid/expired user session');
}
else { # User has not logged on yet.
return 'no login';
}
}

The 4 extra lines above resulted in an error:

CGI ERROR
==========================================
Error Message : Error loading required libraries.
Check that they exist, permissions are set correctly and that they compile.
Reason: Bad evalled substitution pattern at auth.pl line 78.
Compilation failed in require at db.cgi line 39.

I employ several (of your) mods. Might there be a conlict?

I'm sure there's no conflict with other mods.

I made a typo.

$in{'userid'} =~ s/^\s+//g; # Trim leading blanks...
$in{'userid'} =~ s/\s+$//g; # Trim trailing blanks...
$in{'pw'} =~ s/^\s+//g; # Trim leading blanks...
$in{'pw'} =~ s/\s+$//g; # Trim trailing blanks...

I'm not sure you can see it, but there needs to be a single quote -- an ' -- after pw the second time.


JPD
----------------------------------------------------
JPDeni's DBMan-ual
How to ask questions the smart way.