Welcome Guest, Not a member yet? Register   Sign In
Trouble Logging In my Application "Invalid Login"
#1

I have built an application and am having a problem with login, which I can't identify but I believe it might come from my model when I try to log in I get unsuccessful message, I believe I can read database but don't know where the problem is

Here is my code

Controller

Code:
public function index(){
echo "<script> document.location.href='".$this->config->base_url()."index.php/admin/login' </script>";
}
public function login()
{
$this->load->helper('url');
$this->load->model('admin_model');
$this->load->database('default', TRUE);

if(isset($_POST['submit'])){
$this->admin_model->validate();
}
$_SESSION['search_text']="";
$this->load->view('login');
}

Model

Code:
function get_data($table, $fields, $condition,$orderby=NULL) {
$this->load->database(); 
$condition = (isset($condition))? ' WHERE '.$condition : '';
$orderby = (isset($orderby))? ' ORDER BY '.$orderby : '';
//if(!$condition) $condition = 'active = A';
//if(!$orderby) $orderby = 'id DESC';

$result = $this->db->query('SELECT '.$fields.' FROM '.$table.$condition.$orderby );
return $result;
}

function validate() {
$username=$this->input->post('Username');
$pass=$this->input->post('Password');

$this->load->database();

$res=$this->db->query("SELECT count(*) AS cnt,id,emp_type,employee_name, report_to FROM employee_login WHERE username='$username' AND password='".md5($pass)."'");
foreach ($res->result() as $rows){
$cnt=$rows->cnt;
$id=$rows->id;
$emp_type=$rows->emp_type;
$report_to=$rows->report_to;
$emp_name=$rows->employee_name;
}
if($cnt>0){

$_SESSION['id']=$id;
$_SESSION['emp_type']=$emp_type;
$_SESSION['report_to']=$report_to;
$_SESSION['emp_name']=$emp_name;
if($_SESSION['id']==1 || $_SESSION['id']==5)
echo "<script> document.location.href='../admin/leave_listing' </script>";
else
echo "<script> document.location.href='../admin/apply_leave' </script>";
}
else
echo "<script> alert('Invalid Login') </script>"; 
}


Database

Code:
--
-- Database: `lms`
--

-- --------------------------------------------------------

--
-- Table structure for table `employee_login`
--

CREATE TABLE IF NOT EXISTS `employee_login` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `employee_name` varchar(500) NOT NULL,
  `username` varchar(500) NOT NULL,
  `password` varchar(500) NOT NULL,
  `emp_type` varchar(50) NOT NULL,
  `emp_email` varchar(100) NOT NULL,
  `report_to` varchar(100) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;


Attached Files
.php   admin_model.php (Size: 7.91 KB / Downloads: 132)
.php   admin.php (Size: 8.76 KB / Downloads: 115)
Reply
#2

There is something wrong with you if in the model
if($cnt>0){

you are mixing if with and without curly bracktet. Start using proper formatting style and you will not suffer with undefined issues in you logic.
Allway use {} so you can easily understand what going on.
On the package it said needs Windows 7 or better. So I installed Linux.
Reply
#3

http://www.php-fig.org/psr/psr-2/
On the package it said needs Windows 7 or better. So I installed Linux.
Reply
#4

Also you should not be using MD5 for hashing your passwords.

See the php.net password_hash functions
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
#5

@InsiteFX good catch, I did not see that. And fully agree nobody should store password hash as MD5. They are far to easy to break.
On the package it said needs Windows 7 or better. So I installed Linux.
Reply
#6

Lol - yeah check this https://hashkiller.co.uk/md5-decrypter.aspx
Reply




Theme © iAndrew 2016 - Forum software by © MyBB