Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming password and username verification
password and username verification
  • El Forum
    Unregistered
  •  
#1
12-31-2011, 02:48 PM

[eluser]terry101[/eluser]
I created a username/password check before and it worked fine for my login. I was trying to add a session with what i had before but i realized that now my password and username verification isnt work where it returns false. I don’t see any difference in what i had before, not sure where i could have messed it up. I dont get any errors but when i type in a valid username/password (already stored in database) it gives me



Code:
echo 'Username or password is invalid, try again';

i tried
Code:
$this->output->enable_profiler(1);
and i see the query in the model is correct, its doing its job. Assistance needed.

Controller
Code:
function login()    {
        
                $this->load->library('form_validation');
        
        $this->form_validation->set_rules('username', 'Username','required|xss_clean|trim');
        $this->form_validation->set_rules('password', 'Password','required|xss_clean|trim');
        
        
        if ($this->form_validation->run() == FALSE) {
            
            $this->load->view('loginview');
        }
        else {
        
                $this->load->model('loginmodel');
                 $username = $this->input->post('username');
         $password = $this->input->post('password');
                if ($this->loginmodel->check_login($username, $password)){
                    
                    echo 'your in';
                        //$this->userlogin->start_session();
                    }
            
            else {
                
                echo 'Username or password is invalid, try again';
            
            }            
        }
    }
    
    function start_session() {
        
            // loading sessions
                $this->load->library('session');
                
                //$store_sess_data  = array ('logged_in' => TRUE, 'user_id' => $username, 'last_active' => 'timestamp')
                $this-> session->set_userdata(array (
                'logged_in' => TRUE,
                'user_id' => $username,
                'last_active' => 'timestamp')
                
                );
                  redirect('sessionview');
    }

Model
Code:
function check_login ($username, $password) {
        $en_password = MD5($password);
                
        $checklogin = array('username' => $username, 'password' => $en_password);
        $verifylogin = $this->db->get_where('tbregister',$checklogin);
    
        if ($verifylogin->num_rows() == 1) {
        var_dump($verifylogin);
            return TRUE;
        }
        else {
            
            return FALSE;
        }
    }
  • El Forum
    Unregistered
  •  
#2
01-25-2012, 11:21 AM

[eluser]jjDeveloper[/eluser]
Looks like your session_start is using an undefined variable. Try setting your variables to the global scope of the class using.

Code:
$this->username = 'username';

or pass the variable to the function.

I don't know that this will fix your issue because I am limited as to what I can see from your code but it is one problem I noticed.
  • El Forum
    Unregistered
  •  
#3
01-25-2012, 11:19 PM

[eluser]JoostV[/eluser]
Could it be that you have more than one user with that usename/password combination in your db? If so, your model's check_login() will return false.

On a side note, you may want to run your username through xss filter.
Code:
 $username = $this->input->post('username', TRUE);
  • El Forum
    Unregistered
  •  
#4
01-25-2012, 11:24 PM

[eluser]InsiteFX[/eluser]
Also you should autoload the session library for something like that!

And you do not need to use session_start...

Your problem is in the get_where you can not pass an associated array
to it with two parameters!

Something like this!
Code:
// --------------------------------------------------------------------

/**
  * verify_user()
  *
  * Description:
  *
  * @access public
  * @param string
  * @param string
  * @return void
  */
public function verify_user($user, $password)
{
  $this->db->select('id, user_name, password');
  $this->db->where('user_name', $user);
  $this->db->where('password', $this->hash_password($user, $password));
  $this->db->where('status', 'active');
  $this->db->limit(1);

  $query = $this->db->get('admins');

  if ($query->num_rows() > 0)
  {
   $row = $query->row_array();

   $this->session->set_userdata('user_id', $row['id']);
   $this->session->set_userdata('user_name', $row['user_name']);
  }
  else
  {
   $this->session->set_flashdata('error', 'Sorry, your username or password is incorrect!');
  }
}

// -----------------------------------------------------------------------

/**
  * hash_password()
  *
  * Hashes the users user_name, password and CI 32-bit encryption key
  * using SHA-512. I place this in my user_model.
  *
  * You can also pass in the user and password fields to
  * this method to generate the encryption key then echo the returned value.
  *
  * NOTE: The Database password field needs to be varchar(128)
  *
  * @access public
  * @param string - $user_name
  * @param string - $password
  * @retrun string - the 128 char encrypted password
  */
public function hash_password($user_name, $password)
{
  $salt = config_item('encryption_key');

  return hash('SHA512', $user_name . $password . $salt);
}




Theme © iAndrew 2016 - Forum software by © MyBB