Welcome Tour
Site Checklist
Our Story




This command/function is used to log a user into BoltWire.

The command expects there to be an id field and a password field as regular form inputs.

When the form is submitted the password is retrieved from the member page associated with the id entered, and retrieves the password. If it matches the password entered they are logged in. Their {id}, {member}, and {groups} vars are all set.

If you wish to encrypt passwords for stronger security, set $cryptkey before any member accounts are created. Should the $cryptkey be added, deleted, or changed, all passwords in the BoltWire system become invalidated.

The form aborts if they are already logged in.

Here's the bare minimum of a login form:

Member ID: [text id]
Password: [password password]
[command login]

Automatic Login

You can use the function in a similar way. Suppose you had a login page with the following command:

[(login id={?id} password={?password})]

The input parameters can come from cookies, a post variable, or a get variable. Using the latter option, I could login via a link like this:

The function takes the myid and mypass parameters, and attempts to login the user. If successful, the function reloads the page so all the variables and permissions can be updated for their new status. This means you could put a message like this on the page:

[if login]You have been successfully logged in[else]Unable to log you in.[if]
[(login id={?id} password={?password})]

BoltWire attempts to log them in. If it succeeds, the page reloads and they see the confirmation. If it fails, the page continues loading, and they see the warning message. If you wish to have it forward to a new page on a successful login, just add a nextpage parameter to the function, or put it inside the login conditional.

Using a URL login like this might be useful on a mobile device where the user can store the URL in their favorites--and then have one click access to your site.

Persistent Login's

An even better option is to create an option for persistent logins. Technically, these are automatic logins based on information stored as cookies on the user's device. Consider the following login page:

Member ID: [text id]
Password: [password password]
[check persist 1209600] Remember Me
[command login persist={=persist}]
[command nextpage=main.welcome]

[(login id={?id} password={?password} nextpage=main.welcome)]

Here, the user enters their account information to login. If they check the "Remember Me" box, their login info gets stored as cookies on their computer for 2 weeks (1209600 seconds). The next time they visit this page, BoltWire will see the cookies and log them in.

If you want to renew the passwords for another two weeks add persist=1209600 to the login function. As long as they stop in at least once every two weeks they will stay logged in indefinitely. For information about how to clear the cookies, see the logout command/function.

Note: A URL login would also work on the above page. The login function will look for GET variables if it can't find cookies.