[eluser]Unknown[/eluser]
To avoid the bloat of other login systems, I have attempted to create my own. I am following
this guide, but have changed a few things because I am using jQuery UI to replace views that aren't needed. There are some problems though. The login system doesn't work. I am not getting any errors either. I was hoping that someone could review the code and see where I might have gone wrong. Thanks.
I created the database and all tables that are required for the project and inserted a user via SQL.
Code:
CREATE TABLE `users` (
`id` tinyint(4) NOT NULL AUTO_INCREMENT,
`username` varchar(10) NOT NULL,
`password` varchar(100) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
Code:
insert into users (username, password) values ('Will', SHA1('my_password'));
Additionally, I am using SHA1 instead of MD5. (Would like to use sha512 and add salt, but for now, I just need functionality)
models/user.php model:
Code:
<?php
Class User extends CI_Model
{
function login($username, $password)
{
$this -> db -> select('id, username, password');
$this -> db -> from('users');
$this -> db -> where('username = ' . "'" . $username . "'");
$this -> db -> where('password = ' . "'" . SHA1($password) . "'");
$this -> db -> limit(1);
$query = $this -> db -> get();
if($query -> num_rows() == 1)
{
return $query->result();
}
else
{
return false;
}
}
}
?>
controllers/admin.php
Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Admin extends CI_Controller {
public function __construct()
{
parent::__construct();
$this->load->model('user','',TRUE);
}
public function index()
{
}
function verify()
{
$this->load->library('form_validation');
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
if($this->form_validation->run() == FALSE)
{
//NEED TO DISPLAY ERROR MESSAGE FOR LOGIN FAILED
// Message will live for 5 seconds in a jquery div at the top of views/header.php.
redirect('main', 'refresh');
}
else
{
//NEED TO DISPLAY ERROR MESSAGE FOR LOGIN SUCCESSFUL
// Message will live for 5 seconds in a jquery div at the top of views/header.php.
redirect('main', 'refresh');
}
}
function check_database($password)
{
$username = $this->input->post('username');
$result = $this->user->login($username, $password);
if($result)
{
$sess_array = array();
foreach($result as $row)
{
$sess_array = array(
'id' => $row->id,
'username' => $row->username
);
$this->session->set_userdata('logged_in', $sess_array);
}
return TRUE;
}
else
{
$this->form_validation->set_message('check_database', 'Invalid username or password');
return false;
}
}
function logout()
{
$this->session->unset_userdata('logged_in');
session_destroy();
redirect('main', 'refresh');
}
}
controllers/main.php
Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Main extends CI_Controller {
public function __construct()
{
parent::__construct();
$this->load->view('header');
}
public function index()
{
if ($this->session->userdata('logged_in'))
{
$session_data = $this->session->userdata('logged_in');
$data['username'] = $session_data['username'];
}
$this->load->view('blog');
$this->load->view('footer');
}
}
views/header.php
Code:
...
<div id="login_form" title="Login">
<?php echo validation_errors(); ?>
<?php echo form_open('admin/verify'); ?>
<input id="username" type="text" name="login_username" value="">
<input id="password" type="password" name="login_password" value="">
<input id="login_button" type="submit" name="submit_login" value="Login">
</form>
</div>
<?php if ($this->session->userdata('logged_in'))
{
$this->load->view('panel');
} ?>
...
As i stated before, I am going to eventually add SHA512 and Salt, and I am going to add a password reset feature as well, but for now, I would just like to get something working first. Thanks for the help in advance.
