Security Module - login templates

Scriptcase 9 General
#1

SC: 9.4.012 and 13

Security Module – login templates

Issue

The “Sign in” button on any of the login templates do not work when the {SC_FIELD_INFO_Links} is removed. The only way you can submit the form is to use the “Enter Key” and only if one of the fields “User ID” or “PASSWORD” has focus. If you click on any part of the page after entering your credentials and hit the “Enter Key” or the “Sign in” button the form does not work. Nothing happens.

However, when you do get the “Enter Key” to work, the “Sign In” button sometime starts to work.Crazy!

Is anyone else experiencing this issue? Is removing the field {SC_FIELD_INFO_Links} the proper way to not display the links?

Also, when you do get an error say “invalid password” some of the errors are in red other times you get a popup that is yellow.

Any verification with these issues will be appreciated.

#2

BTW - The login templates I am referring to are the ones in the external library.

#3

Yes. Since v9.4.013 I have had a similar issue - although I do use the SC_FIELD_INFO_Links. But sometimes I get the ‘invalid password’ message in red - other times in the pop-up that is yellow - and when it is in yellow there is no way out except to close the browser tab and run try again. The solution / workaround that I am using is this:

CONTROL > SETTINGS > LAYOUT & BEHAVIOR
Automatic Tab = ON
Use enter to SUBMIT

#4

Since my user’s login has a different count of characters i’m using

Automatic Tab = OFF
Use enter to TAB

When you hit ENTER on the LOGINbutton the form is submitted.

#5

Thanks for the reply every one! I’ll give it a try. So, the ENTER key is the only way you can submit the form? Clicking the “Sign in” does not work for you either?

#6

clicking sign in always submits the form when pressing enter

I use the ‘enter to tab’ because my users use their email to login. They all have a different length so the automatic tab cannot be used. But i got the same error when hitting enter after filling in a wrong email or wrong password. The result was that i had to close browser and restart. My setting resolved this. In case of an error i get the red container on top of the screen WITH a cross to close the container.

see this topic for screenshot
https://forum.scriptcase.net/forum/main-category/main-forum/89264-sc_error_message-no-exit

#7

One more thing …

In the scenario where I enter the wrong password and I get the error and then close it, the “Sign in” button starts to work as expected when I use the mouse to click it. The only difference is that I get the other error at the top of the page in red. Something must be wrong with the code.

#8

Well that was my conclusion … something wrong with the code. Just telling you how I worked around it.

#9

Not going to say that this is the solution … but might be … I’m going to try it … it WAS the solution to another similar issue that I had.
Application > Settings > Notification Settings > Ajax Error Output = OFF

#10

I tried it and when I use ENTER to submit settings I still get the popup error in yellow. As for the issue with the “Sign in” button here is what I did to fix it. [LIST=1]

  • I created a new control application
  • Used the same template as I was using
  • Copied all the code from all events and re-created all of the PHP methods and code from the original app_Login that was created by the security module.
  • Added extra code to prevent entering blank login or password. For some reason validation is a success with only a valid user name and no password using the sc_ldap_login macro.
  • Renamed my control app to app_Login
  • Using the settings “Use Enter to” – TAB
  • “Field with initial Focus” – login [/LIST] By doing this, everything is working as as expected. I am not sure what the issue is when the app_Login gets generated by the security module. I did submit this issue to [email]bugs@scriptcase.net[/email] but they could not reproduce the issue except when the Links get deleted from the HTML code and the fields are not deleted too. No matter what I did I could never get the "Sign in" button to work until I did the above steps. I guess we beat this horse to death so moving on to the next issue but I hope someone finds this helpful if they experience the same symptoms.
    • #11

    @odavila
    About this piece of code:

    1. Added extra code to prevent entering blank login or password. For some reason validation is a success with only a valid user name and no password using the sc_ldap_login macro.

    Are you ready to share this piece of code on the forum.
    It sounds very interesting.

    #12

    Aren’t both fields already required?

    #13

    That’s what I thought. I may be doing something wrong but I copied all the code from the app_Login to the new control app and when I was testing it I noticed that just entering a valid user in Active Directory was enough. So I looked at the code in an application that I had that used the security module from an early version 9 (I think) that worked fine and it had code that tested for blank user and password. So decided to tested the sc_ldap_login macro by itself and sure enough it returns a 1 for both a valid user and password and just a valid user. Now the documentation for the macro says

    There are three possible returns: [TABLE=“border: 0”]
    [TR]
    [TD]Macro return[/TD]
    [TD]Situation[/TD]
    [/TR]
    [TR]
    TD’ldap_connect_error’[/TD]
    [TD]Connection error with LDAP host/service.[/TD]
    [/TR]
    [TR]
    TD’ldap_bind_error’[/TD]
    [TD]Authentication error after successful connection.[/TD]
    [/TR]
    [TR]
    TD[/TD]
    [TD]Successful connection and bind.[/TD]
    [/TR]
    [/TABLE]

    which is not what it returns. It returns a 1 or 0.

    #14

    @bhardin

    My bad. You are correct. I looked that those two fields and I did not have the “required” checked. This will solve the issue. However, they need to change their documentation so everyone understands what the sc_ldap_login macro returns.

    #15

    @bhardin
    [URL=“https://forum.scriptcase.net/member/8333-bhardin”]Thanks for pointing out that those fields should be required because that is the issue that I have been having from the beginning and now I understand how and why it behaves this way. But if you accidentally un-check that they are required, all you need is a valid user to login. I think I am going to stick with adding the code to test for blank password and user.

    So here is my test …

    When I make the userid and password “Required” then nothing works when using the TAB as the setting for “Use Enter to”. If you use the “Submit” setting and leave any of those fields blank and hit ENTER while the focus is in one of those fields you get the yellow error popup box. This means that the form is handling the error.

    If you remove the “Required” setting on those fields and use the TAB as the setting for “Use Enter to” then your code handles the errors and the “Sign in” button works to submit the form. If I change the setting for “Use Enter to” to “Submit”, then you get combination of the errors (Yellow or Red) depending on what has focus. If one of the fields has focus that you get the yellow popup, if the “Sign In” button has focus you get the red error message.

    @rik

    All I did was to add the below to the beginning of the code in the “onValidate” event. The reason I needed it it’s because I did not have the userid nor the password as required. I prefer it this way since the app_login app is behaving as it should and an extra security measure in case I un-check that those fields are required. I want to be clear that I am using LDAP and Total control when I create the security module.

    /** read login, pswd from user entering
    */
    $login = {login};
    $pswd = {pswd};

    /** Make sure the login or password are not blank
    */

    if(($login !== “”) and ($pswd !== “”))
    { regular code here}
    else
    { send error message}

    #16

    Thanks for the feedback.

    #17

    Scriptcase documentation needs help. No doubt.