Accessing user fields before use is logged in

[ankh2054]

Hi All,

I have a user field called user_activation (textfield), which contains an activation code. The user receives a email with an activation code, upon when clicked changes that field to a value of "0".

I want to check that field before a user logs in, but unsure how to access that field without the user actually being logged in.

Using the below code, the field always returns NULL.

<?php

$login_errors = "";
$out = "";
$form = "<div class='omb_login'>
            <h3 class='omb_authTitle'>Login or <a href='/register/'>Sign up</a></h3>
            <div class='row omb_row-sm-offset-3 omb_socialButtons'>
                <div class='col-xs-4 col-sm-2'>
                    <a href='#' class='btn btn-lg btn-block omb_btn-facebook'>
                        <i class='fa fa-facebook visible-xs'></i>
                        <span class='hidden-xs'>Facebook</span>
                    </a>
                </div>
                <div class='col-xs-4 col-sm-2'>
                    <a href='#' class='btn btn-lg btn-block omb_btn-twitter'>
                        <i class='fa fa-twitter visible-xs'></i>
                        <span class='hidden-xs'>Twitter</span>
                    </a>
                </div>  
                <div class='col-xs-4 col-sm-2'>
                    <a href='#' class='btn btn-lg btn-block omb_btn-google'>
                        <i class='fa fa-google-plus visible-xs'></i>
                        <span class='hidden-xs'>Google+</span>
                    </a>
                </div>  
            </div>

            <div class='row omb_row-sm-offset-3 omb_loginOr'>
                <div class='col-xs-12 col-sm-6'>
                    <hr class='omb_hrOr'>
                    <span class='omb_spanOr'>or</span>
                </div>
            </div>

            <div class='row omb_row-sm-offset-3'>
                <div class='col-xs-12 col-sm-6'>    
                    <form class='omb_loginForm' action='./' accept-charset='UTF-8' autocomplete='off' method='POST'>
                        <div class='alert alert-error fade-in alert-dismissable'>
                        </div> 
                        <div class='input-group'>
                            <span class='input-group-addon'><i class='fa fa-user'></i></span>
                            <input type='text' class='form-control' name='user' placeholder='Username'>
                        </div>
                        <span class='help-block'></span>
                                            
                        <div class='input-group'>
                            <span class='input-group-addon'><i class='fa fa-lock'></i></span>
                            <input  type='password' class='form-control' name='pass' placeholder='Password'>
                        </div>
                        <span class='help-block'></span>
                        <input class='returnUrl' type='hidden' name='returnUrl' value='[[+request_uri]]' />

                   
                    
                    <input class='loginLoginValue' type='hidden' name='service' value='login' />

                        <button class='btn btn-lg btn-primary btn-block' type='submit' name='login_submit' value='Login'>Login</button>
                    </form>
                </div>
            </div>
            <div class='row omb_row-sm-offset-3'>
                <div class='col-xs-12 col-sm-3'>
                    <label class='checkbox'>
                        <input type='checkbox' name='rememberme' value='1' checked='checked'>Remember Me
                    </label>
                </div>
                <div class='col-xs-12 col-sm-3'>
                    <p class='omb_forgotPwd'>
                        <a href='[[~5]]'>Forgot password?</a>
                    </p>
                </div>
            </div>"
;

//Check if user is already logged in - redirect to 
if($user->isLoggedin()) {
    // user is already logged in, so they don't need to be here
    $session->redirect("/"); 
}

//Check if submit is issued
if($input->post->login_submit) {


/*check for login before outputting markup
if($input->post->user && $input->post->pass) { */

    $user = $sanitizer->username($input->post->user);
    $pass = $input->post->pass; 

    var_dump($user->user_activation);

    /*if(strcmp($user->user_activation, 'test') == 0){
    /*if($user->user_activation != 0) {
    $login_errors .= "Sorry, but you need to activate your account!";
    $out .= $form;
    }

    elseif($session->login($user, $pass)) {
        // login successful
        $session->redirect("/"); 
        }

    else {
        $login_errors .= "Username or Password is incorrect";
        $out .= $form;
    }
     */
    
}

else {
    $out .= $form;
}

?>

<?php include("./head.inc"); ?>
<?php include("./navbar_login.inc"); ?>

<div class="container">
<div><?php echo $login_errors; ?></div>
  
<?php echo $out; ?>

</div>

   

<?php include ("./foot.inc"); ?>
<?php include ("./java.inc"); ?>

[Pete]

A normal registration process is similar to how you signed up on these forums, so let's start there

You registered, and after registering you were immediately logged in, yet couldn't post anything until you clicked the activation link in your registration email.

Because you were already logged in, when you clicked that link it was easier to check the code and activate the account (in your case set the field to 0).

So the answer is to have them logged in after registering and restrict their options until they activate their account, displaying a clear message that until the account is activated they can't do anything. That way if they accidentally log out (close the browser for example) and come back to your site then they'll know where they were up to.

Hope that helps!

[ankh2054]

thanks Pete, makes sense