I got problem with Login application

giovannino · May 7, 2020, 8:03pm

Hello all,
I did the login using the Security module.
Then I customized it to manage more variables.
PROBLEM:
When I insert a User and wrong Password it doesn’t show the message popup saying that usr or password are not correct.
Then if hit Login once more it takes the user and connect it to the form without checking the password.
I mean that you use ‘admin’ with a wrong password first time nothing happens , the second time it don’t check the OnValidate anymore and goes to OnValidateSuccess…as test was OK
The question is … Why the test don’t work first time and second the same ?

See video: https://www.youtube.com/watch?v=kSugmHO7Tns

Here my code under Events:

onApplicationInit
sc_reset_apl_conf(“app_form_add_users”);
sc_reset_apl_conf(“app_retrieve_pswd”);
{login}=’’;
{pswd}=’’;
$slogin = ‘’;
$spswd = ‘’;

onScriptInit
sc_reset_apl_status();
sc_reset_global([usr_login], [usr_email], [glo_CustomerID],[glo_SalesmanID],[glo_UserType],[glo_SaleseosID],[glo_SalesdirID] );

onLoad
sc_apl_conf(‘app_form_add_users’, ‘start’, ‘new’);

OnValidate
$slogin = sc_sql_injection({login});
$spswd = sc_sql_injection(({pswd}));
[glo_spswd]=$spswd;

$sql = "SELECT
Admist_priviledge,
Active,
CompanyName,
Email,
CustomerID,
SalesmanID,
UserType,
SaleseosID,
SalesdirID
FROM customers
WHERE User = “. $slogin .” AND Password = ". $spswd ;
sc_lookup(rs, $sql);

if (isset({rs[0][0]}))
{
if(count({rs}) == 0)
{
sc_log_add(‘login Fail’, {lang_login_fail} . {login});
sc_error_message({lang_error_login});
sc_error_exit();
}
else if({rs[0][1]} == ‘Y’)
{
[usr_login] = {login};
[usr_priv_admin] = {rs[0][0]};
[usr_name] = {rs[0][2]};
[usr_email] = {rs[0][3]};
[glo_CustomerID] = {rs[0][4]};
[glo_SalesmanID] = {rs[0][5]};
[glo_UserType] = {rs[0][6]};
[glo_SaleseosID] = {rs[0][7]};
[glo_SalesdirID] = {rs[0][8]};
}

else
{
sc_error_message({lang_error_not_active});
sc_error_exit();
}
} //end ifisset

onValidateSuccess
$dir = opendir($this->Ini->path_aplicacao . “…”);

while ($file = readdir($dir))
{
    if ($file != '.' && $file != '..' && $file != '_lib')
    {
          sc_apl_status($file, 'on');
    }        
}

closedir($dir);


    sc_log_add('login', {lang_login_ok});
    
//    sc_redir('app_menu');

switch ([glo_UserType]) {
case “CLI”:
sc_redir(‘hhh_grid_products_for_order’, parm1=’[glo_CustomerID]’);
break;
case “AGE”:
sc_redir(‘grid_salesman_orders’, parm1=’[glo_SalesmanID]’ );
break;
case “MNG”:
sc_redir(‘grid_salesdir_orders’, parm1=’[glo_SalesdirID]’ );
break;
case “EOS”:
sc_redir(‘grid_saleseos_orders’, parm1=’[glo_SaleseosID]’);
break;
case “ADM”:
sc_redir(‘menu_admin’);
break;
}