11. Dealing with errors

We need to deal with any errors that might occur, such as an invalid authorisation or some error generated by the server. If we write these to variables, we can find out what happened. In a live site, you need to make sure your user knows what to do if the error is caused by an incorrect login. You might also want to log errors to a database table or text file so you can see if anything is happening often. If the error has been caught by the object, then it can be retrieved with the GetError() method that returns an array.

elseif($openid->IsError() == true){
$error = $openid->GetError();
$error_code = $error[‘code’];
$error_string = $error[‘description’];
$status = ‘ERROR’;
}else{
$error_code = ‘’;
$error_string = ‘INVALID AUTHORIZATION’;
$status = ‘INVALID’;
}

12. User cancelled request

If you deny the authorisation on the Open ID server, then the value of openid_mode will be ‘cancel’. In this situation, the user has cancelled the request and so you cannot then log in. You would need to give the user some information in this situation, perhaps giving them contact details if they have concerns about the information that you want to access.

else if ($_GET[‘openid_mode’] == ‘cancel’){
$showform = false;
$error_string = ‘USER CANCELLED REQUEST’;
$error_code = ‘’;
$status = ‘CANCELLED’;
}

13. Showing the information

For the purposes of this article, we will just display the information that has been returned – or the error message generated – so you can see that the login has worked. At the top of your script (just below the include of the class), add $showform = true;. Then wrap the form in your page with an if statement checking for $showform.

<?php
if($showform) {
?>
<form action=”index.php” method=”post”>
<h1>Login with your Openid</h1>
<div>
<div><label for=”openid”>Your OpenID</label><input
type=”text” name=”openid_url” id=”openid” class=”text” />
<input type=”submit” name=”login” value=”Login” class=”btn” /></div>
<p><a href=”http://www.myopenid.com/”>Get an OpenID</a></p>
</div>
</form>
<?php
}
?>

14. Display the returned information

If our status variable is set to Valid, then we have the user details. Echo them out to the page as proof of the successful authentication.

15. Error display

The following code will print out the error messages that have been received. These messages are more for debug purposes, so don’t forget to display more friendly and helpful error messages to your users, in case they are having problems logging in.

elseif ($status == ‘INVALID’) {
echo ‘<h1>Sorry, we could not log you in</h1>’;
echo ‘<p>’. $error_code .’: ‘.$error_string .’</p>’;
} elseif ($status == ‘CANCELLED’) {
echo ‘<h1>Sorry, we could not log you in</h1>’;
echo ‘<p>’.$error_string .’</p>’;
}
}

Click here to download the tutorial files

Pages: 1 2 3