+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Have problems with code please help? (/showthread.php?tid=57967)
Have problems with code please help? - El Forum - 04-30-2013
[eluser]gork7478[/eluser]
I have a problem that I really hope someone can help me with. In my model I have this code the get hashed password from database.
Code:
public function getPasswordHash($email) {
$sql = 'SELECT `password` FROM users WHERE email=? LIMIT 1';
$query = $this -> db -> query($sql, array($email));
return ($query -> num_rows() > 0) ? $query -> row() : FALSE;
}Now I have a callback function that I'm trying to run to compared password in controller here's the code for that.
Code:
function _checkPassword($pass)
{
$hasher = new PhpAss();
$this->load->model('user');
$hashed_pass = $this->user->getPasswordHash($this->input->post('email'));
$hashed_pass = $hashed_pass->password;
if ($hasher->checkPassword($pass, $hashed_pass))
{
echo 'true';
}
else
{
$this->form_validation->set_message('_checkPassword', 'The Email and/or Password is incorrect. Please try again');
return false;
}
}A PHP Error was encountered
Severity: Notice
Message: Trying to get property of non-object
Filename: controllers/main.php
Line Number: 149
And this is the error I'm getting when I put the wrong password in my form. If I put the correct password it works. Any help would be greatly appreciated.
Have problems with code please help? - El Forum - 05-01-2013
[eluser]TheFuzzy0ne[/eluser]
Who is a PhpAss?
I'm assuming that this is line 149?
Code:
$hashed_pass = $hashed_pass->password;If you enter a username that doesn't exist, then FALSE will be returned. Since it's not an object, it doesn't have a property named "password".
Since your model is called "getPasswordHash", it would make more sense for it to pass back the password, rather than the database result, so:
Code:
public function getPasswordHash($email = '') {
if ( ! $email) {
return FALSE;
}
$sql = 'SELECT `password` FROM users WHERE email=? LIMIT 1';
$query = $this->db->query($sql, array($email));
return ($query->num_rows() == 1) ? $query->row()->password : FALSE;
}You then need to check for the password in your validation callback:
Code:
function _checkPassword($pass)
{
$hasher = new PhpAss();
$this->load->model('user');
$hashed_pass = $this->user->getPasswordHash($this->input->post('email'));
if ($hasher->checkPassword($pass, $hashed_pass))
{
return TRUE;
}
else
{
$this->form_validation->set_message('_checkPassword', 'The Email and/or Password is incorrect. Please try again');
return FALSE;
}
}However, I'd approach this slightly differently. I'd move the logic for validating a username and password into my model, so I'd have a model method called is_valid_login(), where you'd pass the username and password, and it will simply return TRUE or FALSE. If you ever decide to implement your login elsewhere, it would mean you don't have to repeat so much code. It also keeps your business logic separate from your controller logic.