Problems, need help? Have a tip or advice? Post it here.
3 posts Page 1 of 1
@KK Sir
@trendoman
@All Couch Developers

I am having this code (below) where in i am getting the message "Cheating?!"
I am having three params sent through the URL which are:
1. username (i.e. email)
2. password
3. fcmid

Till i work with username and password all conditions are fine. But the moment I use the third param (fcmid) conditionally I get the "Cheating?!" message.

My code is:
Code: Select all
<?php require_once( 'couch/cms.php' ); ?>
<cms:template title="Aashish Try for Login Json" />
<cms:set username="<cms:gpc 'username' method='get' />" />
<cms:set password="<cms:gpc 'password' method='get' />" />
<cms:set fcmid="<cms:gpc 'fcmid' method='get' />" />

<h4>Values from cms:query tag:</h4>
<cms:capture into='sql'>
   SELECT id, email, fcmId
   FROM couch_users
   WHERE email="<cms:show username />"
</cms:capture>
<cms:query sql=sql limit='1' >
   <cms:set user_id="<cms:show id />" scope="global" />
   <cms:set user_name="<cms:show email />" scope="global" />
   <cms:set fcm_id="<cms:show fcmId />" scope="global" />
</cms:query>

<!-- User exists, i.e. email matches -->
<cms:if user_id>
<cms:set user_exists="1" />
{
   "usercheck":
   {
      "status":"200",
      "message":"User exists."
   }
}
<cms:else />
<cms:set user_exists="0" />
{
   "usercheck":
   {
      "status":"0",
      "message":"User does not exist."
   }
}
</cms:if>
<hr>
<!-- Password match? -->
<cms:set pass_word="<cms:pages masterpage=k_user_template custom_field="extended_user_id=<cms:show user_id />" limit='1'><cms:show ipt_psw /></cms:pages>" scope="global" />
<cms:if (user_exists eq '1') && (password ne '') >
   <cms:if password eq pass_word>
      <cms:set password_match="1" />
      {
         "passwordcheck":
         {
            "status":"200",
            "message":"Password Match"
         }
      }
   <cms:else />
      <cms:set password_match="0" />
      {
         "passwordcheck":
         {
            "status":"0",
            "message":"Wrong Password"
         }
      }
   </cms:if>
</cms:if>
<hr>
<!-- FCM Id exists || FCM Id blank -->
<cms:if (user_exists eq '1') && (password_match eq '1') && (fcmid ne '')>
   <cms:pages masterpage=k_user_template custom_field="extended_user_id=<cms:show user_id />" >
   <cms:if fcmid eq ipt_emp_registration_ids>
      <cms:set fcmid_exists="1" />
      {
         "status":"200",
         "message":"FCM Token match"
      }
   <cms:else_if fcmid ne ipt_emp_registration_ids />
      <cms:db_persist
         _masterpage=k_user_template
          _mode='edit'
          _page_id=k_page_id
          _invalidate_cache='1'
          _auto_title='0'

          ipt_emp_registration_ids   =   "<cms:show fcmid />"
      >
      <cms:set fcmid_exists="1" />
      {
         "status":"1",
         "message":"FCM Token updated"
      }
      </cms:db_persist>
   </cms:if>
   </cms:pages>
<cms:else_if (user_exists eq '1') && (password_match eq '1') && (fcmid eq '') />
   <cms:set fcmid_exists="0" />
   {
      "status":"0",
      "message":"FCM Token required"
   }
</cms:if>
<?php COUCH::invoke(); ?>


My test and their outputs are:
1. only username param is supplied:

Code: Select all
Output:
{
   "usercheck":
   {
      "status":"200",
      "message":"User exists."
   }
}

{
   "passwordcheck":
        {
      "status":"1",
           "message":"Password Required"
        }
}


2. Using two params, username and password

Code: Select all
Output:
{
   "usercheck":
   {
      "status":"200",
      "message":"User exists."
   }
}

{
   "passwordcheck":
   {
      "status":"200",
      "message":"Password Match"
   }
}

{
   "status":"0",
   "message":"FCM Token required"
}


3. Now the third case, using three params (i get error)

Code: Select all
Output:
Cheating?!


The user account I am trying to update the fcmid in are authenticated users (created by the extended users module) and not super admin or admin account.

I know this is not the best way to login through mobile app but i need to update the fcmid in case the user change their handset.

Please advise.

Regards,
GenXCoders (Aashish)
Image
where innovation meets technology
BUMPING IN!!!
Image
where innovation meets technology
genxcoders wrote: BUMPING IN!!!

You get that (expected) result because your request is not authenticated. Variable k_user_id is "-1" if you print it on the far end. Access level of such users is "0". Authenticated user's level is at least "2" ("4" for AuthUser-Special).

You mobile app (if I got it correct) requests a given page with a given URL and your Server with Couch treats it as a regular anonymous (un-authenticated) visitor. Any changes to data protected by a password (i.e. non-public) will be rejected.
active topics, google
Free support is never free.. Donate!
3 posts Page 1 of 1

Who is online

In total there are 4 users online :: 0 registered, 0 hidden and 4 guests
(based on users active over the past 5 minutes)

Users browsing this forum: No registered users and 4 guests