Xataface Forums

I'm trying to implement User Registration on a database and have been following along with http://xataface.com/documentation/how-to/user_registration

However, I'm finding it not clear and apparently missing some pertinent details about just how to accomplish this. For example, the following code snippet:

Code: Select all

/**
* Permissions for records of the user table.
*/
function getPermissions(&$record){
   
    if ( isAdmin() or ( $record and ($record->strval('username') == getUsername()))) {
        $perms = Dataface_PermissionsTool::ALL();
    } else {
        $perms = Dataface_PermissionsTool::READ_ONLY();
    }
    $perms['new'] = 1; // Everyone gets the 'new' permission or registration won't work
    return $perms;
}
   
/**
* Permissions for the username field.
*/
function username__permissions(&$record){
    $perms = $this->role__permissions(&$record);
    $perms['new'] = 1; // Everyone gets the 'new' permission
    return $perms;
   
}

/**
* Permissions for the role field.  The role field pertains to the user's
* access privileges so nobody should be able to change this except
* administrators.
*/
function role__permissions(&$record){
    if ( isAdmin() ){
        return Dataface_PermissionsTool::ALL();
    } else {
   return Dataface_PermissionsTool::READ_ONLY();
    }
}


1. Where exactly does this code go? How much of of do I really need, all or only some? I've put all of it in my ApplicationDelegate.php but I don't think it goes there. I've already got some other permissions stuff there that works OK, except it doesn't enable registration. In the tutorial the above code snippet is preceded by: "Here is a snippet from the Web Auction users table delegate class to show how the permissions are defined:". What exactly does that mean? Should I create a UsersTableDelegate.php in the Users Table folder and put it there? Would that then conflict with the permissions already in the ApplicationDelegate.php?

2. When I access the application, it displays the database immediately, and does not stop at the login screen, so apparently the added code is overriding the previous authentication code that worked OK. The user then has correct permissions, ie can add and edit/delete only records user adds. The "login" link displays in the upper right and if I select that it will then display the login form and the "Register" link opens the registration form, but allows the new User to select both the "User" and "Admin" roles. A new registrant should automatically be assigned the role User and not have access to changing that. How do I make that happen?

3. I pulled all of the above code snippet out of my ApplicationDelegate.php and created the file UsersTableDelegate.php inside the /tables/Users folder thus:

Code: Select all

<?php
class conf_UsersTableDelegate {

all of the above code snippet...

}
?>


That got my login back, along with the Registration link. However, when I select the Registration link, no registration form displays. Am I getting closer?

Much appreciate your suggestions. By the way, the authentication and permissions code you did for me is working perfectly.

Michael

Steve: I think I'm making some progress with this! I created a Users.php file inside the /table/Users folder and stuck the code snippet in there and got rid of the UsersTableDelegate.php file.

Now I get the login screen with the Register link. However, when I select the Register link I get the following php error:

Fatal error: Call to undefined function getusername() in /path/to/tables/Users/Users.php on line 4

I know in the tutorial you say "getUsername() function is defined elsewhere", so I guess I need to know where to define it, or what to replace it with. Could I define it within the Users.php file itself? If so, how do I define it? Thanks.

Michael

Hi Mike

Here is how i implemented this functions
I simply copied all the "Convenience functions" from the webauctions functions.inc (as far as I remember). Please find the source Browser or copy the functions you need from below:

Code: Select all

function &getUser(){
    static $user = 0;
    if ( $user === 0 ){
        $auth =& Dataface_AuthenticationTool::getInstance();
        $user =& $auth->getLoggedInUser();
    }
    return $user;
}
function getUsername(){
    static $username = 0;
    if ( $username === 0 ){
        $auth =& Dataface_AuthenticationTool::getInstance();
        $username = $auth->getLoggedInUsername();
    }
    return $username;

}

function isAdmin(){
    $user =& getUser();
    return ($user and $user->val('Role') == 'ADMIN');
}

function isLoggedIn(){
    if ( getUser() ) return true;
    return false;
}

function isRegistered(){
    $user =& getUser();
    if ( $user->val('role') ) return true;
    return false;
}

function registerUser(){
    if ( isRegistered() ) return;
    $user =& getUser();
    $user->setValue('role','USER');
    $user->save();
}


hope this helps until Steve is back on the forum
Martin

Martin Pruss wrote:Hi Mike

Here is how i implemented this functions
I simply copied all the "Convenience functions" from the webauctions functions.inc (as far as I remember). Please find the source Browser or copy the functions you need from below:

Code: Select all

function &getUser(){
    static $user = 0;
    if ( $user === 0 ){
        $auth =& Dataface_AuthenticationTool::getInstance();
        $user =& $auth->getLoggedInUser();
    }
    return $user;
}
function getUsername(){
    static $username = 0;
    if ( $username === 0 ){
        $auth =& Dataface_AuthenticationTool::getInstance();
        $username = $auth->getLoggedInUsername();
    }
    return $username;

}

function isAdmin(){
    $user =& getUser();
    return ($user and $user->val('Role') == 'ADMIN');
}

function isLoggedIn(){
    if ( getUser() ) return true;
    return false;
}

function isRegistered(){
    $user =& getUser();
    if ( $user->val('role') ) return true;
    return false;
}

function registerUser(){
    if ( isRegistered() ) return;
    $user =& getUser();
    $user->setValue('role','USER');
    $user->save();
}


hope this helps until Steve is back on the forum
Martin

Martin: Thanks for the assist. Unfortunately, I still can't get past the "Fatal error: Call to undefined function getusername() " when I select the Register link. I've tried putting the "function getUsername()" in the /conf/ApplicationDelegate.php and /tables/Users/Users.php to no avail. Where should I put this function?

Michael

What you can do is make a .php file called say 'functions.inc.php' and then put any functions you need to call throughout your application that don't belong to any particular class. So your getusername() function can go there.

And then you have to include this functions.inc.php file in your application runtime so that other classes can use it. You can do this in your index.php file (the one that displays your Xataface application). So for example:

Your functions.inc.php file:

Code: Select all

getUsername(){
//insert code here to get the username
}


Your index.php file:

Code: Select all

require_once '/path/to/dataface/dataface-public-api.php';
require_once 'functions.inc.php';
df_init(__FILE__, 'http://yourdomain.com/dataface');
$app =& Dataface_Application::getInstance();
$app->display();


Note that the functions.inc.php is in the same directory as your index.php file.

Code: Select all

Steve,

Well, after a bit of a hiatus, I'm back to this registration issue. I added the following to my functions.inc.php and I now get the registration form when you select the "Register" link on the login page:

Code: Select all

function getUsername(){
    static $username = 0;
    if ( $username === 0 ){
        $auth =& Dataface_AuthenticationTool::getInstance();
        $username = $auth->getLoggedInUsername();
    }
    return $username;

}

However, there are still a few problems:

1. The registration form offers "admin" as a Role choice. It shouldn't do that, the new user can only be a USER and the form must default to that and not offer any selections. Where do I configure that?

2. After you complete the form and send it, the page displays a 404 errror, so I need to change the page to return to after the form is sent. Where is that configured?

3. The confirmation email is sent, however, it doesn't show the sender correctly, where is that configured?

4. The confirmation link seems to work and opens my application and creates the new user in the database, however, the user name and password are NOT what were entered on the form. So something is not working correctly there, any ideas?

If you need more details, or a link to see what's happening, I can provide privately.

Thanks, Michael

The registration form offers "admin" as a Role choice. It shouldn't do that, the new user can only be a USER and the form must default to that and not offer any selections. Where do I configure that?

I determined where to fix that and the "role selection box" no longer displays. In tables/Users/Users.php I changed this:

Code: Select all

   function Role__permissions(&$record){
       if ( isAdmin() ){
       return Dataface_PermissionsTool::ALL();
       } else {
       return Dataface_PermissionsTool::READ_ONLY();
       }
       }

to this:

Code: Select all

   function role__permissions(&$record){
       if ( !isAdmin() ) return Dataface_PermissionsTool::NO_ACCESS();
       return null;
       }

I also added the following in an attempt to force a default value on the Role as "User":

Code: Select all

   function Role__default(){
       return 'User';
       }

I don't know if it's working, because even though the confirmation email gets sent selecting the included link does NOT add the user to the database. A couple of days ago, before I modified Users.php the first time I attempted to register, a new user was added but not with the name and password added with the registration form. Now I'm not even getting that far.

After you complete the form and send it, the page displays a 404 errror...

This is still occurring and I suspect it is due to the way my .htaccess is set up, but since I don't know what page the form is trying to load, I can't create the correct data record for that page. So I need to know where the form is located in Xataface so I can get a page name.

The confirmation email is sent, however, it doesn't show the sender correctly...

I added the following to conf/ApplicationDelegate.php:

Code: Select all

function sendRegistrationActivationEmail(&$record, $activationURL){
        // mail the admin to let him know that the registration is occurring.
        $username = $record->val('UserName');
        $email = $record->val('Email');
       
        mail($email, 'Welcome to the team',
            'Welcome '.$record->val('UserName').
            '.  You have been successfully registered. 
             Please visit '.$activationURL.' to activate your account'
        );
    }

The email Subject and new user names are both correct now. But the Sender is wrong and I suspect the activation link is also wrong, since it points to a non-existent page. Nothing gets added to the database, so I don't know if the new user's password is correct, but since the user name is correct and the email actually got sent to the correct address, I suspect the password is also correct.

I'm scouring this forum looking for any thread discussing the registration form and process, but I'd could use some help with this. My suspicion is that the remaining issues are due to the .htaccess file and I need to know what page it's trying to link to, so I can create a record for that page, and also where to tell the email form the correct Sender. Right now the Sender is being identified as the my login name at the host server. Don't want that. Thanks.

Michael

Michael

You can suppress the ROLE edit field by using field permissions.
http://xataface.com/wiki/How_to_granulate_permissions_on_each_field

The following snippet will allow an administrator full access to the role field where any other user will not have any access to it.

Code: Select all

   
function role__permissions(&$record) {
        if ( isAdmin() ) {
            return Dataface_PermissionsTool::ALL();
        } else {
            return Dataface_PermissionsTool::NO_ACCESS();
        }
    }


..Steve

Thanks. I had already fixed the Role issue. I could not resolve any of the remaining issues, however, so I just googled for PHP registration scripts and downloaded "Funky Vision Membership Script V.1". I found it quite easy to install its "registration.php" and this works fine and does everything I need. It uses a config.php file which I configured to point to the Users Table on my database. New users can register and login immediately without having to validate an email. I added a "faux" captcha field to keep out the robots. The faux captcha script uses an image of a alphanumeric value that must be entered correctly to validate the registration form. The only difference between it and a true captcha script is the image doesn't change. Otherwise it works exactly the same and will clear the form if it's not entered correctly. I could have added a link to the registration form to the Xataface login, but I decided just to link to the registration right off the web site page instead. It was easier to do.

Michael