benbyf

session->login($u,$p); what can the $u be?

11 posts in this topic

quick question, can the $username in login() be email OR username, or anything else?

Share this post


Link to post
Share on other sites
6 minutes ago, benbyf said:

quick question, can the $username in login() be email OR username, or anything else?

Two options:

https://processwire.com/talk/topic/1716-integrating-a-member-visitor-login-form/?page=4#comment-89599

https://processwire.com/talk/topic/1716-integrating-a-member-visitor-login-form/?page=4#comment-89616

You should read about the pros and cons of each.

1 person likes this

Share this post


Link to post
Share on other sites

Great options @adrian.

Strangely, I only asked as when login in with login() on my site it already allows either, which i thought was strange.

Share this post


Link to post
Share on other sites
2 hours ago, benbyf said:

Strangely, I only asked as when login in with login() on my site it already allows either, which i thought was strange.

Something sounds wrong there - are you sure you don't have something else that is handling the email to username check? I don't see anything in the login method to handle an email: https://github.com/processwire/processwire/blob/35df716082b779de0e53a3fcf7996403c49c9f8a/wire/core/Session.php#L704 and it doesn't work for me.

Share this post


Link to post
Share on other sites

@adrian Could it be that if the name and email are the same but the sanitizer is changing @ to - and thus making them equivalent?

Share this post


Link to post
Share on other sites

If you used the email for the name it does indeed work.

1 person likes this

Share this post


Link to post
Share on other sites

@adrian so i'm right in saying if the name is stored as e.g. yourname-web.com

then both yourname-web.com and yourname@web.com log me in.

Share this post


Link to post
Share on other sites
1 minute ago, benbyf said:

@adrian so i'm right in saying if the name is stored as e.g. yourname-web.com

then both yourname-web.com and yourname@web.com log me in.

That makes sense for sure. When I sent you those other links, I assumed that the usernames would be different to the email address.

1 person likes this

Share this post


Link to post
Share on other sites

ok, well something to bare in mind and maybe something that needs remedying or not. @ryan?

Share this post


Link to post
Share on other sites
On 1/13/2017 at 2:42 PM, benbyf said:

ok, well something to bare in mind and maybe something that needs remedying or not. @ryan?

Would be nice to know, if you can use this as a feature :-) It would make a custom front-end login with email easier (if you make sure email-address updates are reflected to the username as well).

1 person likes this

Share this post


Link to post
Share on other sites

using both at the moment to login, email and username created by PW out of the email.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Alex L
      Hello Community,

      I have read that I get no support on GitHub. For this reason I am here for the second time.

      The thing is that I enabled a fresh Processwire installation and under https://processwire.wpzweinull.ch/processwire no page is found.

      The admin login is thus not possible. How can I fix the problem?

      Thanks in advance, Alexander
    • By maddmac
      I would like to redirect users from a specific role group to a specific URL upon login. Any thought on how to accomplish this?
    • By GKrabach
      Greetings PW community - I've got a site that I inherited, but brought it down to a local dev server (Ubuntu) in order to make changes before pushing those to the live version. I have the database connection setup and content displays as expected however I can't login. 
      Environment info: 
      ProcessWire 3.0.33 PHP 7 MySQL Ubuntu server Admin url changed (to clients name ) Initial scenario: I can access the admin login page just fine, however when I was submitting the request I was receiving the CSRF login error ("This request was aborted because it appears to be forged"), so I went and found the login troubleshooting guide: https://processwire.com/docs/tutorials/troubleshooting-guide/page2. I took the following steps to debug:
      Verified that there is enough space left on HD to create the session file. Verified that the /site/assets/ subfolders exist and set permissions to 777 for testing Verified config.php is set to at least 644 (it is 777 now on my dev box for testing purposes) Disabled CSRF, session fingerprinting & session challenge in config.php I have installed an original copy of ProcessWire 3.0.33's index.php After this, I stopped getting the forged attempt error, but now it was processing the login form submission and coming back to the login page w/o any errors or success message. So I enabled some logging: 
      Enabled debug in config.php (not receiving any on screen errors) Tailed apache error logs Through tailing the logs I found that it was having an issue with sendmail (trying to use it, but sendmail wasn't installed). So I installed sendmail and configured it. Now it takes forever (approx. 4.5 minutes) to processes, and I'm not receiving any errors in the apache logs, and no errors are reported on screen when it finally completes/timesout.
       
    • By Cengiz Deniz
      Guests can not see page content. But users can.
       
      Guest window:

       
      User /Admin Window
       

       
      And this is my template file:
      <h3> <?php echo "$page->title Konusunda özlüsözler"; ?> </h3> <?php $kisiler= $pages->find("template=kisi,sort=title,repeater_ozlusoz=[ozlusoz_konusu=$page->id]"); $n=1; foreach ($kisiler as $kisi) { foreach($kisi->repeater_ozlusoz as $aforism) { $tags = ''; foreach ($aforism->ozlusoz_konusu as $tag) { $tags .= '<a href="'.$tag->url.'">'.$tag->title.'</a>&nbsp; &nbsp;'; } if ($tag->id == $page->id) { echo '<p>'.$n.'. <a href="'. $kisi->url .'">'.$kisi->title.'</a> : "<i>'. $aforism->ozlusoz.'</i>"<br/>&nbsp; &nbsp; Etiketler: '.$tags.' </p>'; $n=$n+1; } } }  
      I  checked Template and Field Permisions.  Cache disabled.
      Thank you for your help
       
       
       
    • By ragnarokkr
      Hi all guys! I've a BIG problem here and hope you can help me to solve it.
      Suddenly yesterday my PW installation stopped letting me to log in.
      I can access the front-end, but each time i try to log into the back-end it gives me "This request was aborted because it appears to be forged."
      I already have searched into the forum and tried every possible solution, without any result 
      In order:
      site/config.php is readable site/assets/{cache,logs,sessions} is present and 0755 (and setting them to 0777 doesn't make any difference) tried to backup site/assets/sessions directory and make another new empty one nothing is changed with user:group permissions setting $protectCSRF, $sessionChallenge, and $sessionFingerprint to false the error disappears but the login page still remains making the sessions table empty doesn't make any difference enabled/disabled the www. redirection in .htaccess, just in case but nothing enabled $debug and no error removed cookies restarted the server Anybody has an idea?