![]() |
session problem - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21) +--- Thread: session problem (/showthread.php?tid=25617) |
session problem - El Forum - 12-17-2009 [eluser]paulon[/eluser] i got problem, i don't know if its from session.. i have a login form, it checks data from database then stores data in session Code: function log_in_credential() i autoload the libraries Code: $autoload['libraries'] = array('database','session'); in a login process everything works fine, but the problem is when it check that there is no such user or should i say log-in fails the browser keeps offering to remember the password even though log-in fails...? what should i do? tnx in advance.. ^_^ session problem - El Forum - 12-18-2009 [eluser]Cro_Crx[/eluser] This page looks fine. I can spot a few security issues, but generally fine. On the generals/index page you'll need to make sure that the user details are fine and log them out if they aren't correct. session problem - El Forum - 12-18-2009 [eluser]paulon[/eluser] yes code is fine but the problem here is that if the "if($query->num_rows > 0) statement" returns false then it redirect to some invalid form but the browser offers to remember a password.. which is not appropriate. session problem - El Forum - 12-18-2009 [eluser]paulon[/eluser] log_in_credintial call from form_open.. Code: $this->load->helper('form'); session problem - El Forum - 12-18-2009 [eluser]paulon[/eluser] up ^ session problem - El Forum - 12-18-2009 [eluser]flaky[/eluser] I really recommend you use Form Validation Class, it can be very helpful even in login forms. As to your question why the browser offers to remember the password even though the login fails, it's because the browser has no idea the login failed (as I know there is no way to tell the browser the login has failed), so it's no big deal, don't worry about that. At least you can do let the user know about the failed login. session problem - El Forum - 12-18-2009 [eluser]Cro_Crx[/eluser] [quote author="paulon" date="1261138029"]yes code is fine but the problem here is that if the "if($query->num_rows > 0) statement" returns false then it redirect to some invalid form but the browser offers to remember a password.. which is not appropriate.[/quote] That's because the browser can see that you have been redirected to a new page which would indicate a successful login. If you don't want this to occur on the end of your if statement instead of redirecting you should display the login form again with errors. This will fix your problem session problem - El Forum - 12-18-2009 [eluser]paulon[/eluser] ok.. using redirect on error login is not a good idea... how to return to the pagecaller? session problem - El Forum - 12-18-2009 [eluser]paulon[/eluser] [quote author="Cro_Crx" date="1261142933"][quote author="paulon" date="1261138029"]yes code is fine but the problem here is that if the "if($query->num_rows > 0) statement" returns false then it redirect to some invalid form but the browser offers to remember a password.. which is not appropriate.[/quote] That's because the browser can see that you have been redirected to a new page which would indicate a successful login. If you don't want this to occur on the end of your if statement instead of redirecting you should display the login form again with errors. This will fix your problem[/quote] ok.. i replace the redirect from else statement i replace it with echo "error login"; there is no directing of anypage but still browser is offering to remember a password on log-in error... problem not solve... =( session problem - El Forum - 12-18-2009 [eluser]paulon[/eluser] up ^ |