flexi auth - A user authentication library for CodeIgniter

[eluser]khangwei[/eluser]
Thanks for the quick reply rob.

To give you some background - I have only set email as the unique column, so, username can be the same.

When I insert a user, this portion of the code seems to suggest that regardless of whether my username column is unique or not, it will check for duplication.

Take a look at this code found in flexi_auth_model.php line 125 onwards:

Code:

// If username is the primary identity column, check it is unique.
  // If it isn't unique, auto incrementing the username (See next 'if' condition) cannot be used, as user must know their new username to login.
  if ($this->auth->primary_identity_col == $this->auth->tbl_col_user_account['username'] && !$this->identity_available($username))
  {
   $this->set_error_message('account_creation_duplicate_username', 'config');
   return FALSE;
  }
  // Auto increment duplicate usernames (username1, username2...) if defined by config file.
  else if (!empty($username) && !$this->username_available($username))
  {
   if ($this->auth->auth_settings['auto_increment_username'])
   {
    $check_username = $username;
    for($i = 0; !$this->username_available($check_username); $i++)
    {
     $check_username = ($i > 0) ? $username.$i : $username;
    }
    $username = $check_username;
   }
   // Require user to try another username.
   else
   {
    $this->set_error_message('account_creation_duplicate_username', 'config');
    return FALSE;
   }
  }

Code:

if ($this->auth->primary_identity_col == $this->auth->tbl_col_user_account['username'] && !$this->identity_available($username))

Firstly, this will fail since I did not set username as my primary identity column.

It will then go into

Code:

else if (!empty($username) && !$this->username_available($username))

Since username is not empty, it will definitely run username_available.

Username available code from line 908:

Code:

public function username_available($username = FALSE, $user_id = FALSE)
{
     if (empty($username))
     {
   return FALSE;
     }
  
  // Try and get the $user_id from the users current session if not passed to function.
  if (!is_numeric($user_id) && $this->auth->session_data[$this->auth->session_name['user_id']])
  {
   $user_id = $this->auth->session_data[$this->auth->session_name['user_id']];
  }

  // If $user_id is set, remove user from query so their current username is not found during the duplicate username check.
  if (is_numeric($user_id))
  {
   $this->db->where($this->auth->tbl_col_user_account['id'].' != ',$user_id);
  }

  return $this->db->where($this->auth->tbl_col_user_account['username'], $username)
   ->count_all_results($this->auth->tbl_user_account) == 0;
}

This function will always check if the username already exist in the table. Although it is specified in the config, it is not used here to check if username column SHOULD be a unique column.

Take a look at this:

Code:

return $this->db->where($this->auth->tbl_col_user_account['username'], $username)
   ->count_all_results($this->auth->tbl_user_account) == 0;

In my config file:

Code:

/**
  * Primary User Identity Column
  * Set the column to be used to primarily identify users.
  *
  * Note: The column MUST be either the ['email'] or ['username'] columns from the main user account table, and must contain a unique column name.
*/
$config['database']['settings']['primary_identity_col'] = 'uacc_email';

Hope this clarifies!

On the same note, since I am looping, I realized once I hit an error (duplicate email), the rest will not continue to insert? How can I continue doing it ?

Edit: Oops, I just saw that you mentioned that username has to be unique!