Hi,
I'm trying to use the password protection for the form. I'm having no success at it. Is there a problem with the code? I select the password field, save the form and when I access it, fill in the form and press submit, it still adds everything in the database.
sorry, I don't really understand what you mean.
If password protection enabled, all users accessing your form will be required to type in the password.
If the password is correct, they will be able to submit it and adds everything to the database.
The problem is that everyone accessing the form can submit it and add to the database without using a password.
It doesn't even ask for a password.
Saghalie
http://www.beautiful-beginnings.org
Never Mind.
I've found the reason.
If I am still logged in to MachForm on my server and look at the form it lets me in. Even though I've defined a different password for the form.
Its a feature! Not a BUG!
Thanks,
Wawa Kopa Saghalie
http://www.beautiful-beginnings.org
Found another "Feature" with this issue.
-- edited by admin ---
content hidden because this is a bug report.
shouldn't be available for public. the fix is available below.
----------------------
Thanks,
Wawa Kopa Saghalie
http://www.beautiful-beginnings.org
Saghalie,
You are right, this is a "feature". Ugh.
Here is how to fix it, edit your includes/post-functions.php, search around line 14-28:
//this function handle password submission and general form submission
if(isset($input['password'])){ //if there is password input, do validation
$query = "select count(form_id) valid_password from ap_forms where form_password='{$input['password']}'";
$result = do_query($query);
$row = do_fetch_result($result);
if(!empty($row['valid_password'])){
$process_result['status'] = true;
$_SESSION['user_authenticated'] = $form_id;
}else{
$process_result['status'] = false;
$process_result['custom_error'] = 'Invalid Password!';
}
return $process_result;
}
Replace that whole block of code with this one:
//this function handle password submission and general form submission
//check for password requirement
$query = "select form_password from ap_forms where form_id='$form_id'";
$result = do_query($query);
$row = do_fetch_result($result);
if(!empty($row['form_password'])){
$require_password = true;
}else{
$require_password = false;
}
//if this form require password and no session has been set
if($require_password && (empty($_SESSION['user_authenticated']) || $_SESSION['user_authenticated'] != $form_id)){
$query = "select count(form_id) valid_password from ap_forms where form_id='{$form_id}' and form_password='{$input['password']}'";
$result = do_query($query);
$row = do_fetch_result($result);
if(!empty($row['valid_password'])){
$process_result['status'] = true;
$_SESSION['user_authenticated'] = $form_id;
}else{
$process_result['status'] = false;
$process_result['custom_error'] = 'Invalid Password!';
}
return $process_result;
}
If the above code doesn't quite clear, use this:
http://mf.pastebin.com/f31d151c0
That should fix this "feature".
I'm packing this code into version 2 which should be released next week. So version 2 shouldn't have this "feature" again.
Thanks for the report.
Thanks for the reply, fixed the code and now I get this error when I "Don't" put a password in.
Fatal error: Cannot use string offset as an array in <snip>includes\view-functions.php on line 317
When I put the password in, it works fine.
Saghalie
http://www.beautiful-beginnings.org
Hmm.. that's weird. I didn't get that error here.
Are you modifying the correct file includes/post-functions.php ?
The errors come from includes/view-functions.php line 317. What's the code in that line? or you can just send me the file.
I have Version 1.2.
I re-copied the original includes/view-functions.php and still have the same problem.
Code:
<input id="element_{$element->id}_1" name="element_{$element->id}_1" class="element text" size="2" maxlength="2" value="{$element->populated_value['element_'.$element->id.'_1']['default_value']}" type="text"> /
and includes/view-functions.php is the only one of its kind on my server.
Mashie!
Saghalie
http://www.beautiful-beginnings.org/
Hmm.. that's odd.
Can you mail me and send me the following please:
1) includes/post-functions.php
2) includes/view-functions.php
3) The URL to your form so I can try it
Mail to: yuniar [at] appnitro.com
Yuniar,
-Done..
Yuniar,
Thanks for the fix! Everything is working great! Your service, as always, is awesome!
You must log in to post.