[FX.php List] Search containing '@' sign finds no match
Andy Gaunt
andy at fmpug.com
Fri Oct 13 09:28:24 MDT 2006
Erik
The @ symbol is a wildcard character in a FileMaker search.
You need to either;
Wrap your search that contains the @ in "s or escape the @ with a \
HTH
Andy Gaunt
Office: 321.206.3658
Mobile: 407.810.4722
andy at fmpug.com
http://www.fmpug.com
2006 FileMaker Excellence Award Winner
Recipient of FileMakers 2005 Mad Dog Public Relations Award
For chapter locations, dates & times please visit the website at
http://www.fmpug.com If you can make it to a meeting, please RSVP at
http://www.fmpug.com/rsvp.php
-----Original Message-----
From: fx.php_list-bounces at mail.iviking.org
[mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Erik Andreas
Cayré
Sent: Wednesday, October 11, 2006 6:07 PM
To: FX.php Discussion List
Subject: [FX.php List] Search containing '@' sign finds no match
I'm building a site with a login mechanism.
I wish to use the user's email address as the username.
My login works fine except when the username contains an @ sign...
Then I get a 401 error (FM found no matches)
Of course I triple checked that I typed the username exactly like it
is in the DB...!
My code:
if (isset($_POST['user'])) {
$validlogin = validateData($_POST['user'] , $_POST['pass']);
if (is_array($validlogin)) {
list ($validuser, $validpass) = $validlogin;
$authstatus = DbAuth($validuser, $validpass);
}
if (isset ($authstatus)) {
if (is_array($authstatus)) { //successful
login
$_SESSION['permissions']['role'] =
$authstatus['role'];
$_SESSION['permissions']['contact_id'] =
$authstatus['contact_id'];
} else {
//some error
$formhead = 'Prøv igen:';
showobject ($authstatus); // for debugging
showobject ($validlogin); // for debugging
}
} else {
$formhead = 'Prøv igen:';
}
}
These are the functions I use:
###
### Validate what the user has entered BEFORE comparisons are done.
### Make sure no one tries to pass malicious code through...
### Returns FALSE, or array $user_login(user,pass)...
###
function validateData($username, $password)
{
$username = trim($username);
$password = trim($password);
// any trying to submit nada for username & pass
if ($username == "" || $password == "") {
return false;
}
/* for anyone trying to sneak in delimiters
if (strstr($username, $this->FieldDel) || strstr($password,
$this-
>FieldDel)) {
return false;
}
*/
// for anyone trying to pass spaces through - arbitrary code
if (strstr($username, " ") || strstr($password, " ")) {
return false;
}
// make sure all quotes are properly escaped before proccessing
if (!get_magic_quotes_gpc()) {
$username = addslashes($username);
$password = addslashes($password);
}
$user_login[] = $username;
$user_login[] = $password;
return $user_login;
}
###
### function for authenticating against a Filemaker database with
FX.php
### by Erik Cayré, nov-dec 2005, erik at cayre.dk
###
function DbAuth($username, $password)
{
global $fmshost;
global $dataport;
global $dbname;
global $fmsuser;
global $fmspass;
$fx = new FX($fmshost, $dataport);
$fx->SetDBData($dbname, 'www_login');
$fx->SetDBUserPass($fmsuser, $fmspass);
$fx->AddDBParam('email', $username, 'eq');
$fx->AddDBParam('loginpass', $password, 'eq');
$return_data = $fx->FMFind();
// Transform FM data into more useful array
if ($return_data['errorCode'] == 0 and
$return_data['foundCount']
== 1) {
$user = array();
foreach ($return_data['data'] AS $fmrec =>
$fmrecord) {
foreach ($fmrecord as $data => $value) {
if (isset($value[0])) {
$user[$data] = $value[0];
}
}
}
addtolog ('User "' . $username . '" logged in');
return $user;
} else {
reporterror ('DbAuth. FMerror: ' .
$return_data['errorCode'] .
'<br>Foundcount: '.$return_data['foundCount']);
return 'FMerror: ' . $return_data['errorCode'] .
'<br>Foundcount:
' . $return_data['foundCount'];
}
}
Any clues?
---
Erik Andreas Cayré
Spangsbjerg Møllevej 169
6705 Esbjerg Ø
Privat Tel: 75150512
Mobil: 40161183
---
»Kun p....sure mennesker kan ændre verden. Innovation skabes ikke af
'markedsanalyse', men af folk, der er afsindigt irriterede over
tingenes tilstand «
--Tom Peters
»Hvis du ikke kan forklare det simpelt, forstår du det ikke godt nok.«
-- Albert Einstein
»Hvis du ikke har tid til at gøre det rigtigt, hvornår vil du så have
tid til at lave det om?«
-- John Wooden, basketball coach
More information about the FX.php_List
mailing list