This forum is no longer open and is for reading/searching only.

Please use our new MachForm Community Forum instead.

MachForm Community Forums » MachForm 2

Password Protect the Form


  1. Saghalie
    Pro Member

    Hi,

    I'm trying to use the password protection for the form. I'm having no success at it. Is there a problem with the code? I select the password field, save the form and when I access it, fill in the form and press submit, it still adds everything in the database.

    Posted 16 years ago #
  2. yuniar

    sorry, I don't really understand what you mean.

    If password protection enabled, all users accessing your form will be required to type in the password.
    If the password is correct, they will be able to submit it and adds everything to the database.


    MachForm Founder

    Posted 16 years ago #
  3. Saghalie
    Pro Member

    The problem is that everyone accessing the form can submit it and add to the database without using a password.

    It doesn't even ask for a password.

    Saghalie
    http://www.beautiful-beginnings.org

    Posted 16 years ago #
  4. Saghalie
    Pro Member

    Never Mind.

    I've found the reason.

    If I am still logged in to MachForm on my server and look at the form it lets me in. Even though I've defined a different password for the form.

    Its a feature! Not a BUG!

    Thanks,

    Wawa Kopa Saghalie
    http://www.beautiful-beginnings.org

    Posted 16 years ago #
  5. Saghalie
    Pro Member

    Found another "Feature" with this issue.

    -- edited by admin ---
    content hidden because this is a bug report.
    shouldn't be available for public. the fix is available below.
    ----------------------

    Thanks,

    Wawa Kopa Saghalie
    http://www.beautiful-beginnings.org

    Posted 16 years ago #
  6. yuniar

    Saghalie,

    You are right, this is a "feature". Ugh.

    Here is how to fix it, edit your includes/post-functions.php, search around line 14-28:

    //this function handle password submission and general form submission
    if(isset($input['password'])){ //if there is password input, do validation
    	$query = "select count(form_id) valid_password from ap_forms where form_password='{$input['password']}'";
    	$result = do_query($query);
    	$row = do_fetch_result($result);
    	if(!empty($row['valid_password'])){
    		$process_result['status'] = true;
    		$_SESSION['user_authenticated'] = $form_id;
    	}else{
    		$process_result['status'] = false;
    		$process_result['custom_error'] = 'Invalid Password!';
    	}
    
    	return $process_result;
    }


    Replace that whole block of code with this one:

    //this function handle password submission and general form submission
    //check for password requirement
    $query = "select form_password from ap_forms where form_id='$form_id'";
    $result = do_query($query);
    $row = do_fetch_result($result);
    if(!empty($row['form_password'])){
    	$require_password = true;
    }else{
    	$require_password = false;
    }
    
    //if this form require password and no session has been set
    if($require_password && (empty($_SESSION['user_authenticated']) || $_SESSION['user_authenticated'] != $form_id)){ 
    
    	$query = "select count(form_id) valid_password from ap_forms where form_id='{$form_id}' and form_password='{$input['password']}'";
    	$result = do_query($query);
    	$row = do_fetch_result($result);
    
    	if(!empty($row['valid_password'])){
    		$process_result['status'] = true;
    		$_SESSION['user_authenticated'] = $form_id;
    	}else{
    		$process_result['status'] = false;
    		$process_result['custom_error'] = 'Invalid Password!';
    	}
    
    	return $process_result;
    }


    If the above code doesn't quite clear, use this:
    http://mf.pastebin.com/f31d151c0

    That should fix this "feature".

    I'm packing this code into version 2 which should be released next week. So version 2 shouldn't have this "feature" again.

    Thanks for the report.


    MachForm Founder

    Posted 16 years ago #
  7. Saghalie
    Pro Member

    Thanks for the reply, fixed the code and now I get this error when I "Don't" put a password in.

    Fatal error: Cannot use string offset as an array in <snip>includes\view-functions.php on line 317

    When I put the password in, it works fine.

    Saghalie
    http://www.beautiful-beginnings.org

    Posted 16 years ago #
  8. yuniar

    Hmm.. that's weird. I didn't get that error here.
    Are you modifying the correct file includes/post-functions.php ?

    The errors come from includes/view-functions.php line 317. What's the code in that line? or you can just send me the file.


    MachForm Founder

    Posted 16 years ago #
  9. Saghalie
    Pro Member

    I have Version 1.2.

    I re-copied the original includes/view-functions.php and still have the same problem.

    Code:

    <input id="element_{$element->id}_1" name="element_{$element->id}_1" class="element text" size="2" maxlength="2" value="{$element->populated_value['element_'.$element->id.'_1']['default_value']}" type="text"> /

    and includes/view-functions.php is the only one of its kind on my server.

    Mashie!

    Saghalie
    http://www.beautiful-beginnings.org/

    Posted 16 years ago #
  10. yuniar

    Hmm.. that's odd.

    Can you mail me and send me the following please:
    1) includes/post-functions.php
    2) includes/view-functions.php
    3) The URL to your form so I can try it

    Mail to: yuniar [at] appnitro.com


    MachForm Founder

    Posted 16 years ago #
  11. Saghalie
    Pro Member

    Yuniar,

    -Done..

    Posted 16 years ago #
  12. Saghalie
    Pro Member

    Yuniar,

    Thanks for the fix! Everything is working great! Your service, as always, is awesome!

    Posted 16 years ago #

RSS feed for this topic

Reply