Ready to watch this entire course?
Become a member and get unlimited access to the entire skills library of over 4,971 courses, including more Business and personalized recommendations.Start Your Free Trial Now
- View Offline
This course was updated on 6/12/2012.
- Understanding dynamic versus static content
- Adding PHP commands to web pages
- Setting and outputting variables
- Using server-side includes
- Creating PHP custom classes
- Adding the Zend Framework to a PHP installation
- Creating a MySQL database
- Adding data in phpMyAdmin
- Building recordsets
- Formatting dynamic data
- Building data entry forms
- Authenticating users
- Deploying a dynamic site
Skill Level Intermediate
Web sites that allow users to manage data on the backend - such as using Insert, Update, and Delete operations - frequently need to be authenticated. Dreamweaver CS5 gives you the ability to create simple login forms and then protect your pages from unauthenticated users. For all of the exercises in this chapter, I'll use a version of the web site stored in 08_authenticate folder, under Exercise Files. If you have access to the exercise files, go into Dreamweaver site setup, and point your site at this folder.
I'll start in this file, login.php, which you will find in the login folder of the site root. This file has a simple data entry form with two controls: User Name and Password. Notice that both are wrapped in Spry validation controls. I'll run the page in the browser and show you that if I try to submit the form without entering any values, I'll get client-side validation messages. In order to use the form, I would need to type in values and then compare those values to the backend database.
Before I apply the behaviors that are going to execute the login functionality, I'll first double-check my database connection. I'll go to the Databases panel and then double-click explorecalifornia. If you're working with WampServer on Windows, all these settings should be correct. If you're working with MAMP on Mac OS X, set the password to root, and then test your database. If you see this message on Windows, click OK and test again.
Once you've seen the message that the connection was made successfully, you can click OK and click OK again, and you'll be ready to work with your database. To attach the form to the backend database, go to the menu and choose Insert > Data Objects > User Authentication. There are four operations available: to Log In and Log Out User, Restrict Access To Page, and Check New Username. I'll choose Log In User.
In the dialog that appears, I indicate which form I want to get the information from on the page, and the names of the fields or data entry controls in the form. I've named my controls User Name and Password. Then I indicate how I want to do the validation. I'll select the explorecalifornia connection, and set the Table to admin. The admin table has three columns, named adminId, userName, and Password. adminId is a meaningless primary key.
I'm not going to use that. I'll set the Username column to userName and the Password column to password. Now I'm going to define what happens if the login succeeds or fails. If I load the form page directly in the browser, and the login succeeds, I'd like the user to go to the web site's homepage. So I'll click Browse, and then I'll go to my site root folder. If you are not sure whether you are in the site root folder, just click the button, Site Root. Then I'll locate and select the file index.php and click OK.
If the Login form is loaded as a result of an unsuccessful attempt to load a protected page, after the login operation is complete, I'd like to go to the originally requested page, known here as the previous URL. To do that, all I have to do is check the check box. And finally, if the login fails, I want to go back to the login form again. So I'll click Browse and then from the site root, I'll go to the login folder, and I'll choose login.php.
You can restrict access to various pages of your web site based on a user name and password. That would mean that if the user logs in at all, that they can get access to the pages. Or you can also apply access levels. I won't get into access levels here, but it's worth noting that if you want to use access levels, you need to structure your database table to include a numeric, or string value. I've selected the default User Name and Password, and now I'll click OK.
Before I test the page, let's take a look at what's in the database. I'll go to the Databases panel, to the explorecalifornia connection, and open the list of tables. Here's the table that contains the names and passwords for my users. I'll right-click on the table, and choose View data and show that the table contains only one record. The user name is explorerone, and the password is password. I'll click OK, and then I'll open the page in the external browser.
If I don't type anything in, I'll get client-side validation errors generated by the Spry controls in the form. If I type values in that aren't recognized in the database, such as noname and nopassword, and then click Submit, the client-side validation errors are cleared, but the login page is simply reloaded. But then I'll type in the valid values, explorerone as the User Name and password in all lowercase, as the password, and this time when I click Submit, I am taken to the homepage of the web site.
So the data entry form is now designed to collect the information from the user, compare it to the contents of the database, and then if the login operation succeeds, to take the user to the homepage. Once you've implemented the login form, you can then start to protect the pages of your web site one at a time, and I'll show you how to do that in another video.