Login with Chinese Character

[petejos]

Hi there,

I am creating a login for my user. After they log in, their Login Name will appear. In the login database, I have their name also in chinese character. However, after I added the chinese character, the name changed itself to "???". How can I fix that? Thanks.

[Pablo]

For security reasons, the login object only supports ASCII characters.
If you want to accept different characters then you will need to modify the script yourself.
You can convert the login form to a standard form (via the context menu) and then you will be able to modify the script.

[petejos]

Thanks Pablo.

I also used the "Login Name" tool on my protected page. So, meaning when the user login, it will say "Hello, the name!". If I use the standard form will I still be able to use this tool?

[Pablo]

Yes, all other tools will still work.

Also, make sure your page is set to UTF-8 and all forms are set to 'accept-utf8'.

[petejos]

Hi Pablo,

Currently, this is my page. https://www.goec.com.au/goec2/agmlogin.php

I need some guidance on how to do what you suggested in "convert login form to standard form". Apprecaited. Thanks.

[Pablo]

To convert a login form to a standard form:
- right click the form
- select 'convert to form'
Now you can modify the code of the PHP code of your to suit your needs.

I cannot help you to modify the code, but I think you will have to change this (in the sign up form):

Code: Select all

if (!preg_match("/^[A-Za-z0-9-_!@$]{1,50}$/", $newusername))

Note: modifying the code may affect the security of the form!

[Pablo]

You will need to select the login form/sign up, not the layout grid.

Example:
https://www.wysiwygwebbuilder.com/customize_signup.html

[petejos]

Hi Pablo,

I got it. Next question is where should i put that code? The following is in the html

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['form_name']) && $_POST['form_name'] == 'loginform')
{
$success_page = './agm2021resource.php';
$error_page = './agmaccessdenied.html';
$database = './membersdb.php';
$crypt_pass = md5($_POST['password']);
$found = false;
$fullname = '';
$session_timeout = 600;
if(filesize($database) > 0)
{
$items = file($database, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($items as $line)
{
list($username, $password, $email, $name, $active) = explode('|', trim($line));
if ($username == $_POST['username'] && $active != "0" && $password == $crypt_pass)
{
$found = true;
$fullname = $name;
}
}
}
if($found == false)
{
header('Location: '.$error_page);
exit;
}
else
{
if (session_id() == "")
{
session_start();
}
$_SESSION['username'] = $_POST['username'];
$_SESSION['fullname'] = $fullname;
$_SESSION['expires_by'] = time() + $session_timeout;
$_SESSION['expires_timeout'] = $session_timeout;
$rememberme = isset($_POST['rememberme']) ? true : false;
if ($rememberme)
{
setcookie('username', $_POST['username'], time() + 3600*24*30);
setcookie('password', $_POST['password'], time() + 3600*24*30);
}
header('Location: '.$success_page);
exit;
}
}
$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$password = isset($_COOKIE['password']) ? $_COOKIE['password'] : '';
?>

[Pablo]

I don't think you will need to change this code.
I think you will need to change the code of signup form so it accepts Chinese characters.

Note that I cannot help you modify the code. For me, it may also take hours or days to find a solid solution. This needs to be tested carefully, to make sure it cannot be hacked.
It was intentionally designed it to accept ASCII only to make sure no malicious code can be injected.
However, by providing an option to convert it to a standard form, you have the ability to change it yourself.

[petejos]

Hi Pablo,

Thanks for your advice. I actually found something that works. I created an Admin page and pointing it to access the db file I created. I add the Chinese character from the admin page and it actually works. Hope this solved my issue. Thanks again pablo.