The more I get in SpiderBasic, the more I feel that a user might need to work with "personalized" content. Whatever app-idea I come up with, I'd need some sort of user/password-mechanism, to keep things personalized and safe.
I'm not talking about full-fledged LDAP or OAuth and 2FA.
A simple Login + Logout and therefore hide/show certain data would be enough to start with.
I've searched the forums, but haven't found something yet. I did some web-research and came to the following conclusion:
- Most web-hosting, especially free/very cheap ones, seem to provide a LAMP Stack. I do not put node, jboss or docker etc. into consideration.
- My local development is based on XAMPP.
- Leave aside data-storing (SQL or file-based), I might need PHP for interaction between the Server and SpiderBasic.
Code: Select all
<?php
// create_user.php
require_once './conf/users.auth.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username'] ?? '');
$password = $_POST['password'] ?? '';
if (empty($username) || empty($password)) {
echo("Username and password need to be filled."");
}
createUser($username, $password);
echo "User created sucessfully";
}
function createUser($username, $password) {
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$userInfo = "<?php\n// User: $username\n\$users['$username'] = '$hashedPassword';\n";
file_put_contents('./conf/users.auth.php', $userInfo, FILE_APPEND);
}
?>Code: Select all
<html>
<head></head>
<body>
<!-- create_user.html -->
<form action="createUser.php" method="post">
<label for="username">Username:</label>
<input type="text" id="username" name="username" required>
<label for="password">Password:</label>
<input type="password" id="password" name="password" required>
<button type="submit">Create</button>
</form>
</body>
</html>
But it's way harder than I thought. Most of the following is boiler-plate to have a full working example. The interesting part begins a Line 51.
Code: Select all
Enumeration
#WIN_MAIN
#TXT_USERNAME
#TXT_PWD
#BTN_CREATE_USER
EndEnumeration
Declare btn_create_user_event()
OpenWindow(#WIN_MAIN, 10, 10, 600, 800, "User Management PoC", #PB_Window_SystemMenu)
TextGadget(#PB_Any, 5, 18, 100, 30, "Username:")
TextGadget(#PB_Any, 5, 58, 100, 30, "Password:")
StringGadget(#TXT_USERNAME, 110, 14, 300, 30, "JohnDoe")
StringGadget(#TXT_PWD, 110, 50, 300, 30, "secret", #PB_String_Password)
ButtonGadget(#BTN_CREATE_USER, 420, 14, 150, 65, "Create User", #PB_Button_Default)
BindGadgetEvent(#BTN_CREATE_USER, @btn_create_user_event())
Procedure createUserCallback(Success, Result$, UserData)
Debug HTTPInfo(#PB_HTTP_StatusText)
Debug HTTPInfo(#PB_HTTP_StatusCode)
Debug HTTPInfo(#PB_HTTP_Headers)
If Success
Debug Result$
Else
Debug "HTTPRequest(): Error"
Debug "Result: " + Result$
Debug "User Data: " + UserData
EndIf
EndProcedure
Procedure btn_create_user_event()
Debug "#BTN_CREATE_USER fired Event 'btn_create_user_event()'"
If(GetGadgetText(#TXT_USERNAME) = "")
Debug "Username can't be empty"
ProcedureReturn
EndIf
If(GetGadgetText(#TXT_PWD) = "")
Debug "Password can't be empty"
ProcedureReturn
EndIf
;--------------------------------------------------------------------------------------
NewMap Headers$()
Headers$("username") = GetGadgetText(#TXT_USERNAME)
Headers$("password") = GetGadgetText(#TXT_PWD)
HTTPRequest(#PB_HTTP_Post, "createUser.php", "", @createUserCallback(), 0, Headers$())
EndProcedureI do have the same PHP-Script working with the HTML-Form, but now I get "500 Internal Server error".
Any help and ideas are - as always - highly appreciated.
P.S.:
I really wonder, how such a session in SB would look like: You open the website and have to login. Once that's done, you see your data and can worke with it, until you logout.
Most of the PHP-Examples I've found have direct impact on the client, like each sub-page of such an app has a piece of PHP-code that checks if the user is logged in or not. This would be true for a SB-App as well, I guess?