Help session grab user_id from database - El Forum - 05-24-2012
[eluser]the_unforgiven[/eluser]
I actually have:
Code: function getCustomer()
{
$data = array();
$Q = $this->db->get('users');
if ($Q->num_rows() > 0){
$data = $Q->result_array();
}
$Q->free_result();
return $data;
}
the 14 was something i was testing and even with what ive just posted yes it says test is logged in but then go to the account and is the me user account thats their.
Help session grab user_id from database - El Forum - 05-25-2012
[eluser]the_unforgiven[/eluser]
This is still causing me problems, if i logged in with user test it shows me the other user like it's still grabbing the id 14 i inputted manually earlier in these posts.
The last post just above this one is the correct code but is now just throwing a "1" at me nothing else even though print_r states some of the details are correct all i can think of is either then query in the "getCustomer" model is wrong, or the query in the controller, please help me!
Help session grab user_id from database - El Forum - 05-25-2012
[eluser]Samus[/eluser]
[quote author="the_unforgiven" date="1337961420"]This is still causing me problems, if i logged in with user test it shows me the other user like it's still grabbing the id 14 i inputted manually earlier in these posts.
The last post just above this one is the correct code but is now just throwing a "1" at me nothing else even though print_r states some of the details are correct all i can think of is either then query in the "getCustomer" model is wrong, or the query in the controller, please help me![/quote]
Would ya mind posting the current code again
Help session grab user_id from database - El Forum - 05-25-2012
[eluser]Ed Robindon[/eluser]
Here's a login page that I wrote to test with. Session and database are autoloaded in autoload.php. It has no validation just DB access:
Controller:
Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Login extends CI_Controller {
public function index()
{
$this->load->view('login');
}
public function checkuser()
{
$uid = $this->input->post('userid');
$pwd = $this->input->post('password');
$q = $this->db->query("select * from users where user = '$uid'");
$row = $q->row();
$data = array('row'=>$row);
$this->session->set_userdata($data);
echo '<pre>';
print_r($this->session->userdata);
echo 'User record id: '.$this->session->userdata['row']->id;
}
}
/* End of file login.php */
/* Location: ./application/controllers/login.php */
View:
Code: <!DOCTYPE html>
<html>
<head>
<title>Login/Session Testing</title>
</head>
<body>
<form method="post" action="/ciproject/index.php/login/checkuser">
<label>User Id:</label>
<input type="text" id="userid" name="userid"/><br/>
<label>Password:</label>
<input type="text" id="password" name="password"/><br/>
<input type="submit" value="Submit"/>
</form>
</body>
</html>
I open a copy of FF and run it and it shows me one id based on the user I use.
I open another copy of FF and run it as a different user and I get a different session id as well as the proper user.
Thus, I must conclude that the CI sessions handler is working properly...
Don't know what else to tell you.
Help session grab user_id from database - El Forum - 05-26-2012
[eluser]Samus[/eluser]
[quote author="Ed Robindon" date="1338002967"]Here's a login page that I wrote to test with. Session and database are autoloaded in autoload.php. It has no validation just DB access:
Controller:
Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Login extends CI_Controller {
public function index()
{
$this->load->view('login');
}
public function checkuser()
{
$uid = $this->input->post('userid');
$pwd = $this->input->post('password');
$q = $this->db->query("select * from users where user = '$uid'");
$row = $q->row();
$data = array('row'=>$row);
$this->session->set_userdata($data);
echo '<pre>';
print_r($this->session->userdata);
echo 'User record id: '.$this->session->userdata['row']->id;
}
}
/* End of file login.php */
/* Location: ./application/controllers/login.php */
View:
Code: <!DOCTYPE html>
<html>
<head>
<title>Login/Session Testing</title>
</head>
<body>
<form method="post" action="/ciproject/index.php/login/checkuser">
<label>User Id:</label>
<input type="text" id="userid" name="userid"/><br/>
<label>Password:</label>
<input type="text" id="password" name="password"/><br/>
<input type="submit" value="Submit"/>
</form>
</body>
</html>
I open a copy of FF and run it and it shows me one id based on the user I use.
I open another copy of FF and run it as a different user and I get a different session id as well as the proper user.
Thus, I must conclude that the CI sessions handler is working properly...
Don't know what else to tell you. [/quote]
Prone to SQL injection mate.
Help session grab user_id from database - El Forum - 05-26-2012
[eluser]the_unforgiven[/eluser]
Right here's my login page, check login, model and controller:
Code: Login Form:
<?php echo form_open('user/check');?>
<table>
<tr><td>Username:</td><td><?php echo form_input('username'); ?><?php echo form_error('username'); ?></td></tr>
<tr><td>Password:</td><td><?php echo form_password('password'); ?><?php echo form_error('password'); ?></td></tr>
<tr><td><input type="submit" name="submit" value="Login" class="buttonx buttonx-add" /></td></tr>
</table>
<?php echo form_close();?>
Code: Login Check:
// Logged In
function check()
{
// Check user and password
$query = $this->user_model->checkUser();
$this->form_validation->set_rules('username', 'required|max_length[15]');
$this->form_validation->set_rules('password', 'required|sha1');
if ($this->form_validation->run() == FALSE) {
$data['title'] = "Customer Login";
$this->load->view('user/logon', $data);
}
else {
if($query) {
$result = $this->user_model->getCustomer();
foreach($result as $res) {
$data = array(
'username' => $this->input->post('username'),
'is_user' => true,
'is_logged_in'=> true,
'last_login' => time(),
'customer_id' => $res['id'],
'acc_number' => $res['acc_number'],
'name' => $res['name']
);
$this->session->set_userdata($data);
redirect('user/myaccount');
}
}
}
}
Once they are loged in it should keep the session of how it is then move them to a my account page
Code: My Account:
<div id="tab1">
<?php if ($this->session->userdata('is_logged_in') && $this->session->userdata('is_user') == TRUE) { ?>
Welcome back, <?php echo $cust_name; ?>
<?php } ?>
</div>
<div id="tab2">
<?php // echo'<code>'; print_r($this->session->userdata); echo'</code>'; echo '<br /><br /><br />'; ?>
Your unique account number: <?php echo $cust_acc; ?><br /><br />
Update your details:<br /><br />
<form method="post" action="<?php echo base_url(); ?><?php echo $this->uri->uri_string(); ?>" name="update">
<table>
<tr><td>Name:</td><td><input type="text" name="name" value="<?php echo $customer['name']; ?>" /></td></tr>
<tr><td>Business Name:</td><td><input type="text" name="businessname" value="<?php echo $customer['businessname']; ?>" /></td></tr>
<tr><td>Address:</td><td><textarea name="address"><?php echo $customer['address']; ?></textarea></td></tr>
<tr><td>Email:</td><td><input type="text" name="email" value="<?php echo $customer['email'];?>" /></td></tr>
<tr><td>Phone:</td><td><input type="text" name="phone" value="<?php echo $customer['tel'];?>" /></td></tr>
<tr><td>Username:</td><td><input type="text" name="username" value="<?php echo $customer['username'];?>" /></td></tr>
<tr><td>Password:</td><td><input type="password" name="password" value="" /></td><td>Password Again:</td><td><input type="conf_password" name="conf_password" value="" /></td><td><small>Only enter a password if you are changing it, otherwise it will still the same</small></td></tr>
<tr><td>Website:</td><td><input type="text" name="website" value="<?php echo $customer['website']; ?>" /></td></tr>
<tr><td> </td><td><input type="submit" name="submit" value="Update" /></td></tr>
</table>
</form>
</div>
Code: Model:
// Check user againest the login details
function checkUser()
{
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', sha1($this->input->post('password')));
$query = $this->db->get('users');
if($query->num_rows() == 1)
{
return TRUE;
}
else {
if (empty($username) || empty($password))
{
$this->session->set_flashdata('message','<strong>Ooops!</strong><br />Username and/or Password cannot be empty, please try again.');
redirect('user/', 'refresh');
}
}
}
// Get Customer
function getCustomer()
{
$data = array();
$username = $this->input->post('username');
$this->db->limit(1);
$this->db->where('id',$this->session->userdata('customer_id'));
$this->db->where('username' ,$username);
$gC = $this->db->get('users');
if ($gC->num_rows() > 0){
$data = $gC->row_array();
}
$gC->free_result();
return $data;
}
Help session grab user_id from database - El Forum - 05-26-2012
[eluser]Samus[/eluser]
I'll rewrite it for you how I would write it and you let me know how that works.
Login check:
Code: Login Check:
// Logged In
function check()
{
$this->form_validation->set_rules('username', 'required|max_length[15]');
$this->form_validation->set_rules('password', 'required|sha1');
if ($this->form_validation->run() == FALSE) {
$data['title'] = "Customer Login";
$this->load->view('user/logon', $data);
}
else {
// Check user and password
$query = $this->user_model->checkUser($this->input->post('username'), sha1($this->input->post('password')));
if($query['true']) {
$result = $query['result'];
foreach($result as $res) {
$session_data = array(
'username' => $res['username'],
'is_user' => true,
'is_logged_in' => true,
'last_login' => time(),
'customer_id' => $res['id'],
'acc_number' => $res['acc_number'],
'name' => $res['name']
);
$this->session->set_userdata($session_data);
redirect('user/myaccount');
}
}
else {
// username or password incorrect, should probably create a callback instead
}
}
}
Code: function checkUser($username, $password)
{
$query = $this->db->get_where('users', array('username' => $username, 'password' => $password));
if($query->num_rows() == 1)
{
$data['true'] = TRUE;
$data['result'] = $query->result_array();
}
else {
$data['true'] = FALSE;
}
return $data;
}
You should probably do a callback in your validation rules to check if the username / password match.
Help session grab user_id from database - El Forum - 05-26-2012
[eluser]Ed Robindon[/eluser]
Samus,
I suppose my test page would be prone to all sorts of problems if it were used in production. It is simply a test page to prove that the CI session class is working properly.:cheese:
Help session grab user_id from database - El Forum - 05-26-2012
[eluser]CroNiX[/eluser]
You are getting data for ONE user, yet you are returning a result_array(), which is a multidimensional array assuming it has at least one result. Then you loop through this data (you shouldn't have to loop for 1 record, you would only loop through multiple records) and in that loop assign variables to the session.
1) fix your model to only return a row_array().
2) get rid of your loop where you are setting the session data and just set it to the result in one go.
Help session grab user_id from database - El Forum - 05-28-2012
[eluser]the_unforgiven[/eluser]
thanx all ,think i need to do what chronix says n thats what ill do
|