Partners
Download
BuyPHP Generator for MySQL online Help
| Prev | Return to chapter overview | Next |
OnAfterLogin
This event occurs after a user is successfully logged in into the application.
Signature:
function OnAfterLogin ($userName, $connection, &$canLogin, &$errorMessage)
Parameters:
$userName |
The name of the logged user. |
$connection |
An instance of the EngConnection class. |
$canLogin |
Specifies whether a user can login (true by default). You can set the value of this parameter to false to disable login even for a user who provided valid credentials. |
$errorMessage |
A message to be displayed when valid credentials are provided, but $canLogin == false. |
Example 1:
Among other things this event can be used for tracking the user activity. The code snippet below inserts a new record containing user name and the login time into the 'log' table.
$connection->ExecSQL("INSERT INTO log(user_name, log_date)
VALUES ('$userName', CURRENT_TIMESTAMP)");
Example 2:
The following code allows to redirect users to home page after login.
header('Location: index.php');
exit;
Example 2:
The following code allows to lock user accounts after a specified number of failed login attempts.
// Handling failed user login attempts
$sql = "SELECT failed_login_attempts FROM phpgen_users WHERE user_name='$userName'";
$failedLoginAttempts = $connection->ExecScalarSQL($sql);
if ($failedLoginAttempts >= 3) {
// lock account due to too many failed login attempts
$canLogin = false;
$errorMessage =
"Dear $userName, your account is locked due to too many failed login attempts. " .
'Please <a class="alert-link" href="mailto:support@example.com">contact our support team</a>.';
} else {
// Reset counter of failed login attempts for user after successful login
$sql = "UPDATE phpgen_users SET failed_login_attempts = 0 WHERE user_name='$userName'";
$connection->ExecSQL($sql);
}
See also: OnAfterFailedLoginAttempt and OnBeforeLogout events
| Prev | Return to chapter overview | Next |
