• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Codeigniter website PHP code theme not working to register & Login

#1
I noticed that the login function and registration function is clearly not working and keeps giving an error, not giving the option to register nor login to the previous account registered on the database. Here is the code of `user.php`. The website uses CodeIgniter

Code for `user.php` in `\Just Wallet 2.0.4\application\controllers:
Code:
<?php defined('BASEPATH') OR exit('No direct script access allowed');

/**
* Just Wallet
* Copyright (c), Just Didigital Tech
* Author code Anna Kantemirova and Sergey Plaxin
* Site developer http://justigniter.io/
* License https://codecanyon.net/licenses/terms/regular
**/

class User extends Public_Controller {

    /**
     * Constructor
     */
    function __construct()
    {
        parent::__construct();
            
        $this->load->library('email');
        $this->load->library('protect_username');
        $this->load->library('googleauthenticator.php');
        $this->load->library('sms');

        // load the users model
        $this->load->model('users_model');
        $this->load->model('template_model');
        $this->load->model('events_model');

        // load the users language file
        $this->lang->load('users');
    }


    /**************************************************************************************
     * PUBLIC FUNCTIONS
     **************************************************************************************/


    /**
     * Default
     */
    function index() {}
    
    function authentication()
    {
            
        $user = $this->users_model->get_user($this->user['id']);
            
        if ($user == NULL) {
                
            //redirect to landing page
            redirect(base_url());
                
        } else {
                
            if ($user['login_status'] == 1) {
                    
                if ($user['method_login'] == 1) {
                    
                    // update user
                    $this->users_model->update_setting_user($user['id'],
                        array(
                            "login_status"   => "2",
                        )
                    );
                        
                    // redirect to landing page
                      redirect(base_url('account/transactions'));
                    
                } elseif ($user['method_login'] == 4) {
                    
                    $email_template = $this->template_model->get_email_template(31);
                    
                    $token = rand(10000000, 99999999);
                    
                    // update user
                    $this->users_model->update_setting_user($user['id'],
                        array(
                            "login_token"   => $token,
                        )
                    );
                                    
                    if($email_template['status'] == "1") {

                        // variables to replace
                        $site_name = $this->settings->site_name;
                        $site_link  = base_url('user/authentication');
                        $name_user = $user['first_name'] . ' ' . $user['last_name'];

                        $rawstring = $email_template['message'];

                        // what will we replace
                        $placeholders = array('[SITE_NAME]', '[ACCOUNT_LINK]', '[CODE]', '[NAME]');

                        $vals_1 = array($site_name, $site_link, $token, $name_user);

                        //replace
                        $str_1 = str_replace($placeholders, $vals_1, $rawstring);

                        $this -> email -> from($this->settings->site_email, $this->settings->site_name);
                        $this->email->to($user['email']);
                        $this -> email -> subject($email_template['title']);

                        $this -> email -> message($str_1);

                        $this->email->send();
                            
                        $this->session->set_flashdata('message', lang('users security email_success'));
                        
                    }
                    
                } else if ($user['method_login'] == 3) {
                    
                    $sms_template = $this->template_model->get_sms_template(1);
                        
                    $token = rand(10000000, 99999999);
                        
                    // update user
                    $this->users_model->update_setting_user($user['id'],
                        array(
                            "login_token"   => $token,
                        )
                    );
                    
                    
                    if ($sms_template['status'] == "1") {
                        
                        $rawstring = $sms_template['message'];

                        // what will we replace
                        $placeholders = array('[CODE]');

                        $vals_1 = array($token);

                        //replace
                        $str_1 = str_replace($placeholders, $vals_1, $rawstring);
                            
                        $result = $this->sms->send_sms($user['phone'], $str_1);
                        
                        if ($result == TRUE) {
                        
                            $this->session->set_flashdata('message', lang('users security sms_success'));

                        } else {

                            $this->session->set_flashdata('error', lang('users security sms_fail'));

                        }
                        
                    }
                    
                }
                    
            } else {
                    
                redirect(base_url('account/transactions'));
                    
            }
            
        }
            
        // setup page header data
          $this->set_title(lang('users security authentication'));

          $data = $this->includes;
            
        /// set content data
        $content_data = array(
            'user'   => $user
        );

        // load views
        $data['content'] = $this->load->view('user/authentication', $content_data, TRUE);
        $this->load->view($this->template, $data);
            
    }
    
    function start_authentication()
    {
            
        $user = $this->users_model->get_user($this->user['id']);
            
        $authenticator = new Googleauthenticator();
            
        $this->form_validation->set_rules('code', lang('users security code'), 'required|trim|numeric');
            
        $code = $this->input->post("code", TRUE);
            
        if ($this->form_validation->run() == TRUE)
        {
                
            if ($user['method_login'] == 2) {
                
                // 2fa
                $secret = $user['2fa_login'];
                    
                $tolerance = 0;
                    
                $checkResult = $authenticator->verifyCode($secret, $code, $tolerance);
                    
                if ($checkResult)
                {
                        
                    // update user
                    $this->users_model->update_setting_user($user['id'],
                    array(
                        "login_status"   => "2",
                        )
                    );
                        
                    redirect(base_url('account/transactions'));
                        
                } else {
                        
                    $this->session->set_flashdata('error', lang('users security failed'));
                    redirect(base_url('user/authentication'));
                        
                }
                
            } elseif ($user['method_login'] == 3) {
                
                if ($code == $user['login_token']) {
                        
                    // update user
                    $this->users_model->update_setting_user($user['id'],
                    array(
                        "login_status"   => "2",
                        )
                    );
                        
                    redirect(base_url('account/transactions'));
                        
                } else {
                        
                    $this->session->set_flashdata('error', lang('users security failed'));
                    redirect(base_url('user/authentication'));
                        
                }
                
            } elseif ($user['method_login'] == 4) {
                
                if ($code == $user['login_token']) {
                        
                    // update user
                    $this->users_model->update_setting_user($user['id'],
                    array(
                        "login_status"   => "2",
                        )
                    );
                        
                    redirect(base_url('account/transactions'));
                        
                } else {
                        
                    $this->session->set_flashdata('error', lang('users security failed'));
                    redirect(base_url('user/authentication'));
                        
                }
                
            }
                
        } else {
                
            $this->session->set_flashdata('error', lang('users security failed'));
            redirect(base_url('user/authentication'));
                
        }
            
    }


    /**
     * Validate login credentials
     */
    function login()
    {
        if ($this->session->userdata('logged_in'))
        {
            $logged_in_user = $this->session->userdata('logged_in');

            if ($logged_in_user['is_admin'])
            {
                redirect('admin');
            }
            else
            {
                redirect(base_url());
            }
        }

        // set form validation rules
        $this->form_validation->set_error_delimiters($this->config->item('error_delimeter_left'), $this->config->item('error_delimeter_right'));
        $this->form_validation->set_rules('username', lang('users input username_email'), 'required|trim|max_length[256]');
        $this->form_validation->set_rules('password', lang('users input password'), 'required|trim|max_length[256]');

        if ($this->form_validation->run() == TRUE)
        {
            if ($this->session->userdata('redirect'))
            {
                // redirect to desired page
                $redirect = $this->session->userdata('redirect');
                $this->session->unset_userdata('redirect');
                redirect($redirect);
            }
            else
            {
                $logged_in_user = $this->session->userdata('logged_in');
                                
                if ($logged_in_user['is_admin'])
                {
                    // redirect to admin dashboard
                    redirect('admin');
                }
                else
                {
                                    
                    // redirect to landing page
                    redirect(base_url('user/authentication'));
                }
                                
                                /*
                                if ($logged_in_user['method_login'] == 1) {
                                    
                                    // update user
                                    $this->users_model->update_setting_user($logged_in_user['id'],
                                    array(
                                        "login_status"   => "2",
                                        )
                                    );
                                    
                                    if ($logged_in_user['is_admin'])
                                    {
                                            // redirect to admin dashboard
                                            redirect('admin');
                                    }
                                    else
                                    {

                                            // redirect to landing page
                                            redirect(base_url('account/transactions'));
                                    }
                                    
                                } elseif ($logged_in_user['method_login'] == 2) {
                                    
                                    redirect('user/authentication');
                                    
                                } elseif ($logged_in_user['method_login'] == 3) {
                                    
                                    redirect('user/authentication');
                                    
                                } elseif ($logged_in_user['method_login'] == 4) {
                                    
                                    redirect('user/authentication');
                                    
                                }
                                */
            }
        }

        // setup page header data
        $this->set_title(lang('core button sign_in'));

        $this->add_css_theme('login.css');

        $data = $this->includes;

        // load views
        $data['content'] = $this->load->view('user/login', NULL, TRUE);
        $this->load->view($this->template, $data);
    }


    /**
     * Logout
     */
    function logout()
    {
        $user = $this->users_model->get_user($this->user['id']);
        // update user
        $this->users_model->update_setting_user($user['id'],
            array(
                "login_status"   => "1",
            )
        );
            
        $this->session->unset_userdata('logged_in');
        $this->session->sess_destroy();
        redirect('login');
    }


    /**
     * Registration Form
     */
    function register()
    {
        // validators
        $this->form_validation->set_error_delimiters($this->config->item('error_delimeter_left'), $this->config->item('error_delimeter_right'));
        $this->form_validation->set_rules('username', lang('users input username'), 'required|trim|min_length[5]|max_length[30]|callback__check_username');
        $this->form_validation->set_rules('first_name', lang('users input first_name'), 'required|trim|min_length[2]|max_length[32]');
        $this->form_validation->set_rules('last_name', lang('users input last_name'), 'required|trim|min_length[2]|max_length[32]');
        $this->form_validation->set_rules('email', lang('users input email'), 'required|trim|max_length[256]|valid_email|callback__check_email');
        $this->form_validation->set_rules('language', lang('users input language'), 'required|trim');
        $this->form_validation->set_rules('password', lang('users input password'), 'required|trim|min_length[5]');
        $this->form_validation->set_rules('password_repeat', lang('users input password_repeat'), 'required|trim|matches[password]');
            
        //your site secret key
        $secret = $this->settings->google_secret;
        //get verify response data
        $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']);
        $responseData = json_decode($verifyResponse);

        if ($this->form_validation->run() == TRUE)
        {
            if ($responseData->success) {
                        
                $check_protect = $this->protect_username->check_username($this->input->post('username', TRUE));
                        
                if ($check_protect == TRUE) {
                            
                    // save the changes
                    $validation_code = $this->users_model->create_profile($this->security->xss_clean($this->input->post()), $_SERVER["REMOTE_ADDR"]);

                    if ($validation_code)
                    {

                        $email_template = $this->template_model->get_email_template(1);

                        if($email_template['status'] == "1") {

                            // build the validation URL
                            $encrypted_email = sha1($this->input->post('email', TRUE));
                            $validation_url  = base_url('user/validate') . "?e={$encrypted_email}&c={$validation_code}";

                            // variables to replace
                            $site_name = $this->settings->site_name;
                            $name_user = $this->input->post('first_name') . ' ' . $this->input->post('last_name');

                            $rawstring = $email_template['message'];

                            // what will we replace
                            $placeholders = array('[SITE_NAME]', '[CHECK_LINK]', '[NAME]');

                            $vals_1 = array($site_name, $validation_url, $name_user);

                            //replace
                            $str_1 = str_replace($placeholders, $vals_1, $rawstring);

                            $this -> email -> from($this->settings->site_email, $this->settings->site_name);
                            $this->email->to($this->input->post('email', TRUE));
                            //$this -> email -> to($user['email']);
                            $this -> email -> subject($email_template['title']);

                            $this -> email -> message($str_1);

                            $this->email->send();
                        }

                            $this->session->language = $this->input->post('language');
                            $this->lang->load('users', $this->user['language']);
                            $this->session->set_flashdata('message', sprintf(lang('users msg register_success'), $this->input->post('first_name', TRUE)));
                        }
                        else
                        {
                            $this->session->set_flashdata('error', lang('users error register_failed'));
                            redirect($_SERVER['REQUEST_URI'], 'refresh');
                        }
                            
                    } else {
                            
                        $this->session->set_flashdata('error', lang('users balanve info4'));
                        redirect($_SERVER['REQUEST_URI'], 'refresh');
                            
                    }
                        
                } else {
                        
                    $this->session->set_flashdata('error', lang('users error register_failed'));
                    redirect($_SERVER['REQUEST_URI'], 'refresh');
                        
                }
           
            // redirect home and display message
            redirect('login');
        }

        // setup page header data
        $this->set_title(lang('core button create'));

        $data = $this->includes;

        // set content data
        $content_data = array(
            'cancel_url'        => base_url(),
            'user'              => NULL,
            'password_required' => TRUE
        );

        // load views
        $data['content'] = $this->load->view('user/profile_form', $content_data, TRUE);
        $this->load->view($this->template, $data);
    }


    /**
     * Validate new account
     */
    function validate()
    {
        // get codes
        $encrypted_email = $this->input->get('e');
        $validation_code = $this->input->get('c');

        // validate account
        $validated = $this->users_model->validate_account($encrypted_email, $validation_code);

        if ($validated)
        {
            $this->session->set_flashdata('message', lang('users msg validate_success'));
        }
        else
        {
            $this->session->set_flashdata('error', lang('users error validate_failed'));
        }

        redirect('login');
    }


    /**
     * Forgot password
     */
    function forgot()
    {
        // validators
        $this->form_validation->set_error_delimiters($this->config->item('error_delimeter_left'), $this->config->item('error_delimeter_right'));
        $this->form_validation->set_rules('email', lang('users input email'), 'required|trim|max_length[256]|valid_email|callback__check_email_exists');
        
        //your site secret key
        $secret = $this->settings->google_secret;
        //get verify response data
        $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']);
        $responseData = json_decode($verifyResponse);

        if ($this->form_validation->run() == TRUE)
        {
                    
            if ($responseData->success) {
                        
            // save the changes
            $results = $this->users_model->reset_password($this->input->post());

            if ($results)
            {

               $email_template = $this->template_model->get_email_template(3);
                            
                if($email_template['status'] == "1") {
                            
                // build email
                $reset_url  = base_url('login');
                            
                // variables to replace
                $site_name = $this->settings->site_name;

                $rawstring = $email_template['message'];

                // what will we replace
                $placeholders = array('[SITE_NAME]','[PASSWORD]', '[ACCOUNT_LINK]');

                $vals_1 = array($site_name, $results['new_password'], $reset_url);

                //replace
                $str_1 = str_replace($placeholders, $vals_1, $rawstring);

                $this -> email -> from($this->settings->site_email, $this->settings->site_name);
                $this->email->to($this->input->post('email', TRUE));
                //$this -> email -> to($user['email']);
                $this -> email -> subject($email_template['title']);

                $this -> email -> message($str_1);

                $this->email->send();
                            
            }

            $this->session->set_flashdata('message', sprintf(lang('users msg password_reset_success'), $results['first_name']));
            }
            else
            {
                $this->session->set_flashdata('error', lang('users error password_reset_failed'));
            }
                        
            } else {
                        
                $this->session->set_flashdata('error', lang('users error password_reset_failed'));
                        
            }
            // redirect home and display message
            redirect(base_url());
        }

        // setup page header data
        $this->set_title( lang('users title forgot') );

        $data = $this->includes;

        // set content data
        $content_data = array(
            'cancel_url' => base_url(),
            'user'       => NULL
        );

        // load views
        $data['content'] = $this->load->view('user/forgot_form', $content_data, TRUE);
        $this->load->view($this->template, $data);
    }


    /**************************************************************************************
     * PRIVATE VALIDATION CALLBACK FUNCTIONS
     **************************************************************************************/


    /**
     * Verify the login credentials
     *
     * @param  string $password
     * @return boolean
     */
    function _check_login($password)
    {
        // limit number of login attempts
        $ok_to_login = $this->users_model->login_attempts();

        if ($ok_to_login)
        {
            $login = $this->users_model->login($this->input->post('username', TRUE), $password);

            if ($login)
            {
                //your site secret key
                $secret = $this->settings->google_secret;
                //get verify response data
                $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']);
                $responseData = json_decode($verifyResponse);
                            
                    if($responseData->success) {
                                    
                        $this->session->set_userdata('logged_in', $login);
                                    
                    } else {
                                    
                        $this->form_validation->set_message(lang('users error invalid_login'));

                    return FALSE;
                                    
                    }

                    $user = $this->users_model->get_user_check($this->input->post('username', TRUE));

                    $email_template = $this->template_model->get_email_template(2);
                                    
                    if($email_template['status'] == "1") {

                        // variables to replace
                        $site_name = $this->settings->site_name;
                        $site_link  = base_url('account/transactions');
                        $ip_address = $_SERVER['REMOTE_ADDR'];
                        $name_user = $user['first_name'] . ' ' . $user['last_name'];

                        $rawstring = $email_template['message'];

                        // what will we replace
                        $placeholders = array('[SITE_NAME]', '[ACCOUNT_LINK]', '[IP_ADDRESS]', '[NAME]');

                        $vals_1 = array($site_name, $site_link, $ip_address, $name_user);

                        //replace
                        $str_1 = str_replace($placeholders, $vals_1, $rawstring);

                        $this -> email -> from($this->settings->site_email, $this->settings->site_name);
                        $this->email->to($user['email']);
                        $this -> email -> subject($email_template['title']);

                        $this -> email -> message($str_1);

                        $this->email->send();
                                        
                    }
                            
                    $sms_template = $this->template_model->get_sms_template(2);
                            
                    if($sms_template['status'] == "1") {
                                        
                        $rawstring = $sms_template['message'];

                        // what will we replace
                        $placeholders = array('[IP_ADDRESS]');

                        $vals_1 = array($_SERVER['REMOTE_ADDR']);

                        //replace
                        $str_1 = str_replace($placeholders, $vals_1, $rawstring);

                        $result = $this->sms->send_sms($user['phone'], $str_1);
                                        
                    }
                            
                    // Register event
                            
                    $event = $this->events_model->register_event(array(
                        "type"                 => "1",
                        "user"              => $user['username'],
                        "ip"                => $_SERVER['REMOTE_ADDR'],
                        "date"                   => date('Y-m-d H:i:s'),
                        "code"                  => uniqid("evn_"),
                        )
                    );
                                    
                    return TRUE;
            }

            $this->form_validation->set_message('_check_login', lang('users error invalid_login'));
            return FALSE;
        }

        $this->form_validation->set_message('_check_login', sprintf(lang('users error too_many_login_attempts'), $this->config->item('login_max_time')));
        return FALSE;
    }


    /**
     * Make sure username is available
     *
     * @param  string $username
     * @return int|boolean
     */
    function _check_username($username)
    {
        if ($this->users_model->username_exists($username))
        {
            $this->form_validation->set_message('_check_username', sprintf(lang('users error username_exists'), $username));
            return FALSE;
        }
        else
        {
            return $username;
        }
    }


    /**
     * Make sure email is available
     *
     * @param  string $email
     * @return int|boolean
     */
    function _check_email($email)
    {
        if ($this->users_model->email_exists($email))
        {
            $this->form_validation->set_message('_check_email', sprintf(lang('users error email_exists'), $email));
            return FALSE;
        }
        else
        {
            return $email;
        }
    }


    /**
     * Make sure email exists
     *
     * @param  string $email
     * @return int|boolean
     */
    function _check_email_exists($email)
    {
        if ( ! $this->users_model->email_exists($email))
        {
            $this->form_validation->set_message('_check_email_exists', sprintf(lang('users error email_not_exists'), $email));
            return FALSE;
        }
        else
        {
            return $email;
        }
    }

}

I am getting these errors:

2. When trying to login to an account that already exists in the database:
> Unable to access an error message corresponding to your field name Password.(_check_login)

3. When trying to register a new account (even though that is a new account to be created):
> Your account could not be created at this time. Please try again.

[Image: qgdkCe9.png]
Here is an image of the existing account in the database and the whole database:
[image of the existing account in the database and the whole database]
[Image: vwCTE66.png]
Reply

#2
Please somebody help i need a fix for this
Reply

#3
"Error for the site owner: Invalid domain for site key" <-- Your ReCapcha key don't like your development url. So add it.
Reply

#4
(09-06-2020, 11:10 PM)jreklund Wrote: "Error for the site owner: Invalid domain for site key" <-- Your ReCapcha key don't like your development url. So add it.
Thanks for your reply i have fixed the problem of recaptcha and now its working but everytime i login and try to register these errors keep showing up 
1. When trying to login to an account that already exists in the database:
> Unable to access an error message corresponding to your field name Password.(_check_login)

2. When trying to register a new account (even though that is a new account to be created):
> Your account could not be created at this time. Please try again.
As in the image shows 
Maybe its related to this part of the code in user.php
 
Code:
* PRIVATE VALIDATION CALLBACK FUNCTIONS
     **************************************************************************************/


    /**
     * Verify the login credentials
     *
     * @param  string $password
     * @return boolean
     */
    function _check_login($password)
    {
        // limit number of login attempts
        $ok_to_login = $this->users_model->login_attempts();

        if ($ok_to_login)
        {
            $login = $this->users_model->login($this->input->post('username', TRUE), $password);

            if ($login)
            {
                //your site secret key
                $secret = $this->settings->google_secret;

Working Recaptcha in website thanks for that
[Image: RC8NTFL.png]
Reply

#5
The problem seems to be with $password, it has no value.Try this way:

Code:
    function _check_login()
    {
        // limit number of login attempts
        $ok_to_login = $this->users_model->login_attempts();

        if ($ok_to_login)
        {
            $login = $this->users_model->login($this->input->post('username', TRUE), $this->input->post('password',TRUE));

            if ($login)
            {
                //your site secret key
                $secret = $this->settings->google_secret;
Reply

#6
(09-10-2020, 09:15 PM)Omar Crespo Wrote: The problem seems to be with $password, it has no value.Try this way:

Code:
    function _check_login()
    {
        // limit number of login attempts
        $ok_to_login = $this->users_model->login_attempts();

        if ($ok_to_login)
        {
            $login = $this->users_model->login($this->input->post('username', TRUE), $this->input->post('password',TRUE));

            if ($login)
            {
                //your site secret key
                $secret = $this->settings->google_secret;
By some chance i fixed the problem in logging in now it works on http://netpay.epizy.com/ my website but i see a new problem that when i click the Admin dashboard it redirects to
This page isn’t working netpay.epizy.com is currently unable to handle this request.

HTTP ERROR 500
What to do to fix this ?[Image: xGkXMbJ.png]


Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.