Support Forums
ATutor Support
Custom login script
You must be signed-in to post.
| Author | Subject | |
|---|---|---|
| Page: 1 | 2 | ||
| onside | Subject: Custom login script |  |
| Hi, I'm trying to place a login box on our website's homepage that will log a user straight into the ATutor LMS. However, it is not authenticating the user. Once on the login.php, of course, the user can re-type their username and password and gain access but it sort of defeats the object. I have copied in the javascript code but no doubt missing something simple. Any help would be appreciated - or some code for me to place on the page - even better. Cheers, Jim Version 1.6.1 Posted: 2008-08-19 08:19:44 | ||
 | ||
greg | Subject: Re: Custom login script | |
| Maybe take a look at the HTML source code for the login form we use on our demo site. Make sure the encryption script is properly called. www.atutor.ca/atutor/demo.php Posted: 2008-08-19 09:53:00 | ||
| ||
| onside | Subject: Re: Custom login script | |
| Thanks Greg, I had a look at the page - doesn't look too dissimilar to my code. I have the following code to produce my login box - starting at : <script language="JavaScript" src="/ATutor/sha-1factory.js" type="text/javascript"></script> <script type="text/javascript"> /* * Encrypt login password with sha1 */ === === === and ending with : onclick="return encrypt_password();" /> </div> </div> </div> </form> You could take a look at : www.mycourse.co.uk if you wish. Cheers, Jim Posted: 2008-08-19 11:29:00 | ||
| ||
| greg | Subject: Re: Custom login script | |
| It looks like you need to adjust the path to thesha-1factory.js file, changing it the a full URL to the file in your ATutor installation. Posted: 2008-08-19 11:52:03 | ||
| ||
| onside | Subject: Re: Custom login script | |
| mmmm - tried that, no go. I'll have another attempt and perhaps give a full url to the form action tag also. back soon... Jim Posted: 2008-08-19 11:53:43 | ||
| ||
| onside | Subject: Re: Custom login script | |
| Hi Greg, Nope - can't seem to get this to work at all. It takes the user through to the login page but still comes back with an 'invalid login/password combination' message. The only differences I can see to yours now, is the : === function encrypt_password() { document.form1.form_password_hidden.value = hex_sha1 === I have form.form - changing it makes no difference and in the : === <input type="hidden" name="form_course_id" value="1" /> === I have value="0" - again changing it to "1" makes no difference. Any ideas ? Thanks Jim Posted: 2008-08-19 12:21:56 | ||
| ||
harris | Subject: Re: Custom login script | |
| Try changing your form name 'form' to say 'myform' and see if it works. 'form' is a sensitive word. Posted: 2008-08-19 12:34:11 | ||
| ||
IndieRect | Subject: Re: Custom login script | |
| Jim, you've applied patch #0007, right? The patch changes the login protocol, and copying those changes to your front page is required. You can compare function encrypt_password() in ATutor to that on your front page: they're different. That's where the problem lies. To fix that, you should replace the first line of that function: with (without the leading and trailing PHP tags). Or, copy the line from themes/default/login.tmpl.php . Posted: 2008-08-20 02:58:29 | ||
| ||
| onside | Subject: Re: Custom login script | |
| Thanks for that IndieRect, No, I did not have the correct code in there. All Patches applied but on checking this, I also saw the differences in the code from the patch 7 message. I originally copied from our own login page and then screwed up the code. When I copied the correct code in, I was still having problems. Suspecting that it was a cookie issue on my own machine - logged into a different one and checked the site - all working fine. Many thanks for helping me with this - working just great now. Cheers ! Jim Posted: 2008-08-20 12:12:35 | ||
| ||
| adamclark1982 | Subject: Re: Custom login script | |
| hi Guys, I have tried all of the above and really need somebodys help. On the home page I wish to place the login script is as follows:- <script language="JavaScript" src="http://www.funandfit.co.uk/login/sha-1factory.js" type="text/javascript"></script> <script type="text/javascript"> /* * Encrypt login password with sha1 */ function encrypt_password() { document.form.form_password_hidden.value = hex_sha1(hex_sha1(document.form.form_password.value) + "<?php echo $_SESSION['token']; ?>"); document.form.form_password.value = ""; return true; } </script> <div class="container"> <div class="column"> <form action="http://www.funandfit.co.uk/login/login.php" method="post" name="form"> <input type="hidden" name="form_login_action" value="true" /> <input type="hidden" name="form_course_id" value="0" /> <input type="hidden" name="form_password_hidden" value="" /> <div class="input-form" style="background-color:white;"> <fieldset class="group_form"><legend class="group_form"> <font color="#666666">Login</font></legend> <p style="margin-top: 5px; margin-bottom: 5px"><font color="#666666">Mycourse Learning Management System</font></p> <font color="#666666"> <label for="login">Login Name or Email</label><br /> <font color="#808080"> <input type="text" name="form_login" size="50" style="max-width: 80%; width: 80%;" id="login" /></font><br /> <label for="pass">Password</label><br /> </font><font color="#666666"> <input type="password" class="formfield" name="form_password" style="max-width: 80%; width: 80%;" id="pass" /> <br /> <input type="submit" name="submit" value="Login" class="button" onclick="return encrypt_password();" /> </font> </fieldset> </div> </form> I have definately patched 007, cleared my cookies. I really do not know what else to suggest, it transfers me over to the login.php page and tells me " Invalid login/password combination." I know it is the correct username and password for sure. Posted: 2009-04-27 15:15:47 | ||
| ||
| onside | Subject: Re: Custom login script | |
| HI adamclark1982, The location of the script suggests that you have the contents of ATutor installed to the root of your web. <script language="JavaScript" src="http://www.funandfit.co.uk/login/sha-1factory.js" type="text/javascript"></script> Is that correct ? - or should it be pointing to something like: www.funandfit.co.uk/ATutor/login/sha-1factory.js ? If so - alter the links to show the correct path ( and other links in the form) Good luck Jim Posted: 2009-04-27 16:46:13 | ||
| ||
| adamclark1982 | Subject: Re: Custom login script | |
| Hi Jim, Thank you for taking the time to reply. The locations are all correct, I renamed the atutor folder to login. This all works as if you copy and paste the url into the browser it is available. Im really stuck on this.. Thanks in advance Adam. Posted: 2009-04-27 16:50:04 | ||
| ||
| onside | Subject: Re: Custom login script | |
| Hi Adam, aha - I realise that now. Sorry - I'm no expert, just willing to contribute - perhaps I'll leave it to the admins when they log in. One thing I can see though, is by comparing the code with that on our own site we're missing the 'SESSION etc' part of the code. Looks like our page has somehow reverted to the older version of code I had up there - however, it does seem to work. Best of luck Jim Posted: 2009-04-27 17:11:59 | ||
| ||
| harris | Subject: Re: Custom login script | |
| Hi Adam, Your attached script should work perfectly fine as a theme file, so that would work perfectly in the login.tmpl.php, cause I have just tried it. Have you changed anything other than the theme code, for instance, "login.php"? Posted: 2009-04-28 10:15:53 | ||
| ||
| IndieRect | Subject: Re: Custom login script | |
| Hello Adam, I just registered at your site (login "test", delete it if you wish) and used the code you provided here as a standalone login page. And – it worked. So, the only thing I can think of is connected to the only change I had to make to my improvised login page: $_SESSION['token'] variable. Most probably, it's not set in the script that contains your custom login page. If that's the case, you'll need to either find some way to transmit the token from ATutor to the custom login page, or to tweak the ATutor code responsible for generating the token (be aware that the token should be random and different each time; anything else decreases security). Posted: 2009-04-28 16:25:27 | ||
| ||
| Page: 1 | 2 | ||
You must be signed-in to post.