CodeIgniter Forums
login problem - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: login problem (/showthread.php?tid=29669)



login problem - El Forum - 04-17-2010

[eluser]Unknown[/eluser]
i am facing a problem in the follwing code that when my fields of username is either empty of any other name the session still gets created and account gets logined.

CONTROLLER:

function Addressbook()
{
parent::Controller();
$this->load->library('encodes');
$this->load->library('contacts');
$this->load->model('address_model');
$this->load->model('search_model');
$this->load->library('session');

}

function index()
{
if ($this->session->userdata('logged_in') == TRUE)
{
redirect('login/index');
}

$data['username'] = array('id' => 'username', 'name' => 'username');
$data['password'] = array('id' => 'password', 'name' => 'password');
$data['c'] = $this->address_model->index_get();
$this->load->view('addressbook',$data);

}

function process_login()
{
$username1 = $this->input->post('username');
$password1 = $this->input->post('password');
$s1 = $this->address_model->validate($username1,$password1);
return $s1;
}

function logout()
{
$this->session->sess_destroy();
redirect('addressbook/index');
}



MODEL:

function index_get()
{
$s = $this->db->get('addressbook');
return $s;
}
function validate($username1,$password1)
{
$query = $this->db->get_where('addressbook', array('email' => $username1));// change db to addressbook

foreach($query->result() as $row)
{
$t = $row->password;
}
if ($password1 == $t)
{
$data = array('username' => $username1,'logged_in' => TRUE,'flag' => TRUE);
$this->session->set_userdata($data);
redirect('addressbook/index');

}
else
{
$this->session->set_flashdata('message', '<div id="message">you have entered invalid username or password, please try again.</div>');
redirect('addressbook/index');
}

}




VIEW:

&lt;?php $this->load->view("header");
?&gt;

&lt;?php echo form_open('addressbook/process_login') . "\n"; ?&gt;
&lt;?php echo $this->session->flashdata('message'); ?&gt;

<p><label for="username">Username: </label>&lt;?php echo form_input($username); ?&gt;</p>
<p><label for="password">Password: </label>&lt;?php echo form_password($password); ?&gt;</p>
<p>&lt;input type="submit" value="Submit" /&gt;&lt;/p>
<P><h3>&lt;?php echo anchor('addressbook','Back'); ?&gt;</h3></P>
&lt;?php echo form_close(); ?&gt;


&lt;html&gt;
&lt;head&gt;

&lt;/head&gt;
&lt;body&gt;

<table>
&lt;?php
Print "<thead>";
Print "<tr>";
Print "<th>S.NO</th>";
Print "<th>NAME</th>";
Print "</tr>";
Print "</thead>";
foreach ($c->result() as $row)
{
Print "<tr>";

Print "<td>";
echo anchor('addressbook',$row->id);

Print"</td>";
Print"<td>";
echo anchor('addressbook/info/'.$row->id,$row->name." ".$row->midname." ".$row->lastname);
Print"</td>";
Print "</tr>";
}

?&gt;
</table>

&lt;/body&gt;
&lt;/html&gt;


login problem - El Forum - 04-17-2010

[eluser]Tominator[/eluser]
Hi there!

I write solution in basic PHP (I am using CI for short time):

Code:
if (!Empty($username1) && !Empty($password1))
{
  $sql = "SELECT * FROM users WHERE username = {$username1} AND password = {$password1}";
  $query = mysql_query($sql)
  
  if(mysql_fetch_num($query) > 0)
  {
    //... SAVE DATA TO SESSION ...
  }
}

So than mean you should use 'From validation class' too.

I hope this helps,
Tom.


login problem - El Forum - 04-17-2010

[eluser]Unknown[/eluser]
thank you


login problem - El Forum - 04-17-2010

[eluser]pickupman[/eluser]
You appear you may have a few issues going on. Try to keep your model functions to only be doing db stuff. Leave the redirects and such out. It will help you later on. Here is a sample of revising some of your code. Hopefully this will help out some. Be sure to check out the user guide and read about the MVC structure. I regret not reading the guide as thoroughly when I first started. It made it a pain to go back and update some of the code.
Code:
//Login Controller
    function index(){
            if ($this->session->userdata('logged_in') == TRUE)
            {
              redirect('addressbook/index'); //You are already logged in
            }
            
            //Set up form validation / required fields
            $this->load->library('form_validation');
            $this->form_validation->set_rules('username','username','required|trim');
            $this->form_validation->set_rules('password','password','required|trim');
            
            //Create form data with repopulating fields
            $data['username'] = array('id' => 'username', 'name' => 'username', 'value' => set_value('username'));
            $data['password'] = array('id' => 'password', 'name' => 'password', 'value' => set_value('password'));
            
            if($this->form_validation->run()){
                
                //Check submitted login
                $user = $this->address_model->validate($this->input->post('username'),$this->input->post('password'));
                if(!$user) //user failed try again
                    redirect('login/index','refresh');
                
                //Otherwise send user to address book
                redirect('addressbox/index','refresh');
            
            }else{
              //Display login form to user
              $this->load->view('login',$data);  
            }
                  
                    
                    
    }
    //Addressbook Controller
    function index(){
        if ($this->session->userdata('logged_in') != TRUE)
            {
              redirect('login/index'); //You are not already logged in
            }
        $data['c'] = $this->address_model->index_get();
        $this->load->view('addressbook',$data);
        
    }
    //Model
    function validate($username1,$password1)
    {
        $query = $this->db->get_where('addressbook', array('email' => $username1,'password1'=>$password1));// change db to addressbook
                
        if($query->num_rows() > 0){
            
            $row = $query->row(0); //Set data from first row retrieved
            $data = array('username'    =>  $row->username1,
                            'logged_in' =>  TRUE,
                            'flag'      =>  TRUE);
            $this->session->set_userdata($data);
            $this->session->set_flashdata('message','You have sucessfully logged in.');
            return TRUE;
            
        }
        return FALSE;
      }
    //Login Form
    &lt;?php echo $this->load->view('header');?&gt;

    &lt;?php echo form_open('login/index') . ā€œ\nā€; ?&gt;
      <div id="message">&lt;?php echo $this->session->flashdata('message'); ?&gt;</div>

      <label for="username">Username: </label>&lt;?php echo form_input($username); ?&gt;
      <label for="password">Password: </label>&lt;?php echo form_password($password); ?&gt;
      &lt;input type="submit" value="Submit" /&gt;&lt;/p>
    
     &lt;?php echo anchor('addressbook','Back'); ?&gt;

      &lt;?php echo form_close(); ?&gt;