In this MySQLi Server Behaviors tutorial, you will learn about the MySQLi user authentication interface which allows you to generate code on a PHP page to log in registered users to your website, log out users, check if a username already exists in the database, and restrict access to a specific page based on user credentials. One of several new enhancements, a user is now allowed multiple logins, for example, as both a user and an administrator, depending on the type of access you wish to grant.
You'll find a linked index to the tutorials in the MySQLi Server Behaviors series at the bottom of this page.
- Dreamweaver CS4 or higher; Dreamweaver CS6 or higher to use the Query Builder
- MySQLi Server Behaviors installed and activated.
- Site defined in Dreamweaver. For assistance, watch this tutorial: Setting up a site in Dreamweaver.
- MySQL database with registered users. If you do not have an existing database, you can download our free eCommerce MySQL database in this tutorial.
- PHP web page with a log-in form.
- Connection in Dreamweaver to your database. For assistance, view this tutorial: Create a PHP database connection.
MySQL code is now deprecated so you must transition to MySQLi for your websites to continue to work when the next version of PHP is released.
Before we begin with the steps in this tutorial, let's discuss why WebAssist created the MySQLi Server Behaviors interface. The original MySQL library that the original Dreamweaver server behaviors is based on is now deprecated in PHP as well as Dreamweaver. Because MySQL will be removed in the future, we have taken the functionality that used to exist within Dreamweaver for MySQL and recreated it in the MySQLi Server Behaviors extension as both a replacement and an improvement.
To begin User authentication set-up, the first step is to create a MySQLi database connection.
- Open a php page in your Dreamweaver site.
- Go to the Databases panel, click the + icon, and choose Dynamic MySQLi Connection.
- Fill in your connection name and choose the default Charset, as indicated.
- Continue filling in the fields for your MySQL server, User name, and Password.
- Use the Select button to search for and select your database.
- Test your connection and click OK.
- Click OK to close the Dynamic MySQLi Connection window.
- Now you can see the MySQLi connection in the Databases panel.
The WebAssist MySQLi Log In User authenticates, that is, uniquely identifies, who is logging into your site. Users will enter required data into a login form (for example, an email address) which in turn is compared to stored data given by users during registration. If the data matches, users will gain access to your website pages until logging out or the session ends. This results in restricting your site's content or certain pages to authorized users.
- Open the PHP page where you wish your users to log in.
- In the Server Behaviors panel, click the + icon and choose WebAssist > MySQLi > User Authentication > MySQLi Log In User to open the WebAssist MySQLi Log In User interface.
General tab
As an enhancement to the native Dreamweaver, MySQLi User Authentication allows for multiple logins throughout a website versus a single login. For example, on one page, a registered user may have access as a user and on another page, the same person may have access an administrator.
- Login Name: This field is used to specify a unique identifier for each login.
- Trigger: Click the Trigger select list to indicate when login should occur.
- Any form post: The server behavior is applied to a form on the current page to trigger the data insert.
- Before page load: The server behavior is applied to the current page to trigger the data insert when the page loads.
- Current page submit: The server behavior is triggered when a page is submitted.
- Rules: Multiple conditional rules based on other WebAssist Server Behaviors.
- Connection: Choose your MySQLi connection.
- Table: Select the database table with the column containing your registered users.
- Success Redirect: Browse using the folder icon to choose a page where you would like the user redirected after a successful login.
Optional: Click the Return to restricted page checkbox if you wish for users to be redirected to the restricted page they attempted to access prior to successful login.
- Failure Redirect: Browse using the folder icon to choose a page where you would like the user redirected after a failed login.
Find Record tab
As an enhancement to the native Dreamweaver, MySQLi User Authentication allows you to find a record based on one or more columns. Basing the record on one column, for example, user email, might make sense when you are offering an internet app that is behind a firewall, such as an online newsletter. But for more security, MySQLi User Authentication offers you the option of basing the record on multiple columns, for example, password, secret question, and email, in order to authenticate users.
- Column: Now you will enter the value you want to compare to the record in your database table by first selecting the corresponding column. In this example, we select the UserEmail column because a unique email address was required from the user during registration.
- Value: Next enter a static value or a variable. Alternately, you can select a value from Bindings using the dynamic data lightning bolt button. You would usually select the form elements for username and password from the created form.
- Submit as Type: Make a selection in the Submit as list to designate the data type you will be comparing your values to.
You may find that the data type has been preset based on the column type, for example, Text.
- Text
- Integer
- Double
- Date
- Checkbox Y,N
- Checkbox 1,0
- Checkbox -1,0
Store Value tab
As an enhancement to the native Dreamweaver, MySQLi User Authentication allows you to store one or more session variables. There will be one general session variable that will be used to restrict access. But you can store additional session variables to look up user information or display names and email addresses on various pages throughout your website.
- Enter session variable names that you wish to store corresponding column values in for the remainder of the session.
- Click OK to apply the Log In User server behaviors to the current page.
No values will be stored on a page in the event of an unsuccessful login.
- Edits to Log In User can be made from the Server Behaviors panel.
The WebAssist MySQLi Log Out User interface allows you to determine which user authentication you are logging out. The logout occurs by clearing session variables after a successful login attempt. Logging out users means the associated restricted pages on your website will no longer be accessible.
- Trigger: Use the Trigger select list or the Dynamic Data interface (lightning bolt) to select the event in which your record will be updated.
- Any form post: The server behavior is applied to a form on the current page to trigger the data insert.
- Before page load: The server behavior is applied to the current page to trigger the data insert when the page loads.
- Current page submit: The server behavior is triggered when a page is submitted.
- Rules: Multiple conditional rules based on other WebAssist Server Behaviors.
- Dynamic Data interface: If the triggers in the list do not meet your requirements, use the lightning bolt to specify server-side code.
- Authentication: Select from the list the unique login value used in the Log In User interface.
- Click OK to apply the Log Out User server behaviors to the current page.
- Edits to Log Out User can be made from the Server Behaviors panel.
The WebAssist MySQLi Restrict Access To Page allows you to restrict access to a specific page based on user credentials.
- Trigger: Use the Trigger select list or the Dynamic Data interface (lightning bolt) to select when access restriction should occur.
- Any form post: The server behavior is applied to a form on the current page to trigger the data insert.
- Before page load: The server behavior is applied to the current page to trigger the data insert when the page loads.
- Current page submit: The server behavior is triggered when a page is submitted.
- Rules: Multiple conditional rules based on other WebAssist Server Behaviors.
- Dynamic Data interface: If the triggers in the list do not meet your requirements, use the lightning bolt to specify server-side code.
- Authentication: Select from the list the unique login value used in the Log In User interface. Once set, the page will be restricted to all users without authentication.
- Failure Redirect: Browse using the folder icon to choose a page where you would like the user redirected after attempting to access a restricted page while not being logged in.
- Click OK to apply the Restrict Access to Page server behaviors to the current page.
- Edits to Restrict Access to Page can be made from the Server Behaviors panel.
The WebAssist MySQLI Check New User Name interface prevents duplicate user registrations by performing a check on new user registrations to see if the username (for example, an email address) already exists in the database table records. This task occurs when a table is searched for any matches using the value and column that you specify in the interface.
General tab
- Trigger: Click within the select list to choose when username lookup will occur.
- Any form post: The server behavior is applied to a form on the current page to trigger the data insert.
- Before page load: The server behavior is applied to the current page to trigger the data insert when the page loads.
- Current page submit: The server behavior is triggered when a page is submitted.
- Rules: Multiple conditional rules based on other WebAssist Server Behaviors.
- Dynamic Data interface: If the triggers in the list do not meet your requirements, use the lightning bolt to specify server-side code.
- Connection: Choose your MySQLi connection.
- Table: Select the database table with the column containing your registered users.
- Found Redirect: Browse using the folder icon to choose a page where you would like the user redirected after a duplicate user registration is found.
Find Record tab
- Column: Now you will enter the value you want to compare to the record in your database table by first selecting the corresponding column. In this example, we selected the UserEmail column because a unique email address was required from the user during registration.
- Value: Next enter a static value or a variable. Alternately, you can select a value from Bindings using the dynamic data lightning bolt button.
- Submit as Type: Make a selection in the Submit as list to designate the data type you will be comparing your values to.
You may find that the data type has been preset based on the column type, for example, Text.
- Text
- Integer
- Double
- Date
- Checkbox Y,N
- Checkbox 1,0
- Checkbox -1,0
- Click OK to apply the Check New User Name server behaviors to the current page.
- Edits to Check New User Name can be made from the Server Behaviors panel.
Now that you understand how to use the User authentication interface, learn how to use WebAssist's data modeling interface and query builder tool by watching this video: Query Builder tool and Data Modeling interface.
With WebAssist's MySQLi Server Behaviors, you can quickly create various server behaviors to generate streamlined MySQLi code in Dreamweaver. The following tutorials in the MySQLi Server Behaviors series for websites with custom database driven pages demonstrate how to insert, update, and delete records, add user authentication, record count, pagination links, and show if statements. Additionally, you will learn how to use WebAssist's Data Modeling interface and Query Builder tool.
- MySQLi Server Behaviors series: An overview of four in-depth tutorials to help you transition to MySQLi so that your websites will continue to work when the next version of PHP is released.
- Insert, update, and delete records: The data management interface allows users to insert, update, and delete data in a database from a PHP page. From the individual insert, update, and delete interfaces, users can choose a trigger, such as a form post, and specify how to manipulate records in a database.
- User authentication: The MySQLi user authentication interface allows code to be generated on a PHP page to log in users stored in the database. You can also log out users, check if a username exists with the Check New Username server behavior and restrict access to a specific page based on user credentials.
- Data Modeling and Query Builder tool: Watch the video demonstrating how to use the stand alone Data Modeling interface that allows users to set up joins which will be automatically applied whenever tables are added in the MySQLi recordsets. The Query Builder tool allows users to drag and drop database tables onto a grid and create relationships between database tables to create advanced SQL statements.
- Getting started with MySQLi Server Behaviors: Learn how to generate a simple results page by creating a recordset, adding a binding to a PHP page, and wrapping a repeat region around that binding. Then you'll be walked through adding a record count, pagination links, and show if statement. Once you understand the concepts, you can build on your knowledge to create custom database driven pages for your website.
this_is_me: 10 Years, 2 Months, 2 Weeks, 3 Days, 1 Hour, 25 Minutes ago
Hmm, I miss the access-level authentication method. One would need it on certain restricted pages, only accessible to administrators, others for administrators and users etc...
Kate Ford: 10 Years, 2 Months, 2 Weeks, 2 Days, 22 Hours, 32 Minutes ago
Hi this_is_me, Scroll up to the section titled "MySQLi Restrict Access to Page" that shows you how to restrict access to a specific page based on user credentials.
codamedia: 10 Years, 2 Months, 6 Days, 1 Hour, 5 Minutes ago
Kate.... I re-read "Restrict Access to Page" several times, but it is not clear how to restrict the access to certain levels. In the older DW connections - you could restrict a page to multiple levels like "1, 5, 7", or just "9" if you wanted. Anyone without those levels could not see the page. Is this possible with MySQLi using the server behavior, or do we need to hand code it in?
nickj: 10 Years, 2 Months, 6 Days, 20 Minutes ago
In the "MySQLi Log In User" section you ask to open the page where I want to add the new behavior. But If I build the form using the form builder it will have the behaviors already. I'm going to have to rework lots of pages on sites and I need the basics\
Do I have to build login page from scratch or can I take the ones I have and replace the behaviors? On Login page it's not clear how to remove the old behavior.
On other pages can I just replace the recordsets? Can we expect that Data Bridge is being rebuilt? I had to upgrade eCart (which I don't use) just to get the set Session behavior.
When do you think that servers will require PHP6?
Team WebAssist: 10 Years, 2 Months, 5 Days, 23 Hours, 56 Minutes ago
codamedia, To restrict access to certain levels, you could filter the recordset to a column in your database where you specify the user level. If you need more assistance with this, click Help to get free technical support. If you want someone to walk you through all the steps on the phone, you can click on the premier support link on that page. SecurityAssist will be updated to use MySQLi in the future, which will make user groups a little simpler through a user interface.
Team WebAssist: 10 Years, 2 Months, 5 Days, 23 Hours, 50 Minutes ago
nickj, You can remove MySQL server behaviors and apply MySQLi server behaviors from the Dreamweaver server behaviors panel, but you also need to replace any references to the names of those server behaviors in order for everything to work seamlessly. We will be updating Data Bridge, but do not have a date set for release, and we do not get any info on when servers will require PHP6; it will vary by server. For quicker and more thorough technical support, click on Help in the main website menu. We are always happy to reply to you here, but it is hard to be as helpful walking you through any steps or troubleshooting via a comment thread. Our tech support in the forums are great! :)
nickj: 10 Years, 2 Months, 5 Days, 20 Hours, 7 Minutes ago
I was successful using a simple form but unsuccessful using Webassist's for tools. It appears the MYSQLi is not very compatible. I think it would help to have the tutorial clearly state how simple the form needs to be for the new behavior to work. Also I didn't see any way to use encrypted passwords.
Regards,
Me: 10 Years, 1 Month, 1 Week, 5 Days, 6 Hours, 30 Minutes ago
Could not get this to work at all...JavaScript errors and no details being saved to session as instructed when using the wizard
$Authenticate->storeResult("username","username"); Does not appear in the code as per above illustration and when I hand code it in, we lose the display from the server behaviours panel...on top of the php errors that I have already reported (elsewhere with other major issues) and as yet still no update for. The MySQLi Extension does is no way operate as smoothly as previous extensions.
So in my case, quicker to hand code the whole thing...which defeats the object of attempting to use such an extension.
henrik441511: 10 Years, 1 Month, 1 Day, 8 Hours, 9 Minutes ago
Hi, Very nice tutorial... Only one funny thing is that i have to databinding and make a mysqli query before i can use any server behaviors. :-)
Team WebAssist: 10 Years, 1 Month, 3 Minutes ago
henrik441511, If you have a MySQLi database connection and go though the recordset steps on your login page, you should have everything you need to apply the login server behavior. You also need a form or link to use the logout server behavior and PHP pages you want to restrict access on if you want to do that. What part could we make more clear or improve on? Appreciate any further feedback you have.
mmnpinto361034: 9 Years, 11 Months, 2 Weeks, 2 Days, 16 Hours, 53 Minutes ago
Just follow the tutorial but can't get the restrict access to page working. Anybody have the problem too? Any help please!
Team WebAssist: 9 Years, 11 Months, 2 Weeks, 21 Hours, 7 Minutes ago
mmnpinto361034, Please click Help in the main website menu and describe the problem you are running into. Our technical support team will assist you.
GrahamJ16: 9 Years, 3 Months, 3 Weeks, 23 Hours, 7 Minutes ago
It's all very well checking to see if the username exists but how do I go onto register the user if it doesn't exist?
Paul: 8 Years, 10 Months, 3 Weeks, 4 Days, 42 Minutes ago
Hi, have you produced a video version of this tutorial?
Also, i would like to encrypt the users password - does mysqli support this?
Miguel: 7 Years, 3 Months, 3 Weeks, 6 Days, 2 Hours, 5 Minutes ago
It still not tlo clear how you can use this tool with multiple user levels, would be nice if that gets explained