CodeIgniter Forums
user login not work - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter Archived (from EllisLab) (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: user login not work (/thread-41983.html)



user login not work - El Forum - 05-23-2011

[eluser]harshitha[/eluser]
I create user login,it work for when one user in the data base(one row),but when I add new users it is not working,what is the reson please help me.

Contrall class>>>>>>>>>>>
function validate_credentials(){

$this->load->model('membership_model');
$query= $this->membership_model->validate();

if($query){
$data=array(
'user_name' => $this->input->post('user_name'),
'is_logged_in'=>true
);
$this->session->set_userdata($data);

redirect('login/members_area');

}else
{

$this->signup();
}

}



MOdel class>>>>>>>>>>>>


function validate(){

$this->db->where('user_name',$this->input->post('user_name'));
$this->db->where('user_password',$this->input->post('user_password'));

$query=$this->db->get('users');

if ( $query->num_rows == 1){

return true;

}

else{

echo 'khhhhhhhjkj';
}
}



this code work properly one user in the data base......

Thank you,

Hasitha Bandara Athauda............


user login not work - El Forum - 05-23-2011

[eluser]osci[/eluser]
Your code seems ok. Are you using global xss. Could it be that the password cause the error? Maybe try with
Code:
$this->db->where(‘user_password’,$this->input->post(‘user_password’),FALSE);

This is not very secure since it leaves the field unprotected.
You should btw use something like
Code:
$this->db->where(‘user_password’,md5($this->input->post(‘user_password’)),FALSE);
or any other encryption, so as not to store the real password in the db and also sanitize through enryption the data.

PS. please use the code tag to place code. [ code] [ /code] without the trailing space after [


user login not work - El Forum - 05-23-2011

[eluser]InsiteFX[/eluser]
If your database passwords are hashed then you need to also hash the user's entered password to compare it to the database password!

InsiteFX