Custom login forms
If you want to present your own login page instead of the barebones one that the system provides, put “$customLogin=true” in front of the "include" line:
<? $customLogin = true; include('/web/includes/login.php'); ?>
This hands access control back to you, but you will now also need to check for authorization yourself.
If you use custom logins, you must verify that people are logged in before making any changes that are limited to logged-in users, such as changes to database tables, sending out e-mails, or creating files.
For example:
<?IF ($authorized):?> <?logoutbutton()?> PUT STUFF HERE FOR AUTHORIZED USERS <?ELSE:?> PUT STUFF HERE FOR EVERYONE ELSE <?loginform()?> <?ENDIF?>
The login form will automatically use the secure server, and redirect back to your page when done.
You can provide up to four messages to loginform():
- login message
- logout message
- failed login message
- no access message (successful login, but no access to this page)
- expired session message
You can provide none of these and they will default to reasonably vague default messages. If you provide one, you must also provide any preceding ones. For example, you can provide all of the messages; or you can provide only the first message; or you can provide the first and second message; or the first, second, and third message, etc. But you cannot provide only the first and fourth message.
<? loginform("Log in to the Rainbow Tour.", "You have left the Rainbow Tour.", "Your attempt to log in has failed. Try again.", "You do not have access to the Rainbow Tour.", "Your Rainbow Tour session has expired.") ?>
Username
If you need to know the username of the authorized user, you can find it in $authenticatedUser. For example:
<?IF ($authenticatedUser == 'jerry'):?> STUFF HERE FOR jerry <?ENDIF?>