Allowing either email address or username, and password for login credentials on v2.53 back end

6 posts by 3 authors in: Forums > CMS Builder
Last Post: December 23, 2013 (RSS)

Archived
Reply
Reply

By gkornbluth - December 15, 2013

Hi All,

A question that I should probably know the answer to already, but here goes.

How can I allow either email addresses or usernames, and passwords as login credentials in the admin back end login

It seems to work when using the login form, but not on the admin page login. I’m using the website membership plugin 1.10.

Thanks,

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!

Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

Archived
Reply
Reply

By Daryl - December 18, 2013

Hi Jerry,

I can't think of any way to do this without editing the library file as it will get overwritten when you upgrade the cmsb. So if you're going to try the steps below, please make sure that when you upgrade/downgrade your cmsb version, remember to do the same thing again or make a back up copy.

The library file that you need to edit is \cmsAdmin\lib\login_functions.php.

Look for the getCurrentUser() and inside that function, you will find this block of conditional if code:

if ($username && $passwordHash) { //$userFound = mysql_get(accountsTable(), null, array('username' => $username)); $userFound = mysql_get(accountsTable(), null, 'username = "'.mysql_escape($username).'" OR email = "'.mysql_escape($username).'"'); $isValidLogin = $userFound && ($passwordHash == getPasswordDigest($userFound['password'])); if ($isValidLogin) { $user = $userFound; } }

Add a new line of code (blue color in the code above) and comment out the original one (red color in the code above).

Let us know if that works for you.

Cheers,

Daryl Maximo
PHP Programmer - interactivetools.com

Archived
Reply
Reply

By gkornbluth - December 18, 2013

Thanks Daryl,

I'll give it a try in the morning.

I'm sure it will work just perfectly.

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!

Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

Archived
Reply
Reply

By ross - December 20, 2013

Hi Jerry

Another option here is you could modify your signup page so that it only asks for an email address. When a new member signs up, their email address becomes their username as well. This way, they only have one thing to remember.

For the accounts that have already been setup, you can do a quick SQL update to copy the email addresses to the usernames for all accounts. What do you think?

We can help you with either part via consulting.

-----------------------------------------------------------
Cheers,
Ross Fairbairn - Consulting
consulting@interactivetools.com

Hire me! Save time by getting our experts to help with your project.
Template changes, advanced features, full integration, whatever you
need. Whether you need one hour or fifty, get it done fast with
Priority Consulting: http://www.interactivetools.com/consulting/

Archived
Reply
Reply

By gkornbluth - December 21, 2013

Hi, Ross,

That would make it KISS simple.

I guess I could put in some error checking code to insure a validly formed email address was entered, and then insert the same information in the email field in new accounts.

I'll see if the client wants to go for the importing of email addresses into the username field.

Thanks,

Jerry

The first CMS Builder reference book is now available on-line!

Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

Archived
Reply
Reply

By ross - December 23, 2013

Hi Jerry

Great! I sure do like the simple options as a starting point :). Let me know what your client has to say and I can walk you through the next steps if you like.

In the meantime, you mentioned validating the email address is well formed and wanted to make sure you knew about the built in email validator :)

if (!@$_REQUEST['email']) { $errorsAndAlerts .= "You must enter your email!<br/>\n"; } else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts .= "Please enter a valid email (example: user@example.com)<br/>\n"; }

See how I check first that an email address was entered, then use the isValidEmail function. It's really quite handy. Keep in mind that this is just checking that the email is a valid address (ie: has an "@" and a "." in it. There is more code in the sample signup form that checks if the address already exists in the database.

Let me know what you think :).

Thanks!