Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Libraries & Helpers Redux Authentication 1.4a (24th July 2008)
Redux Authentication 1.4a (24th July 2008)
  • El Forum
    Guest
  •  
#231
07-28-2008, 09:18 PM

[eluser]lizaaard[/eluser]
that's right.. the same line added in my script, and works fine =)
  • El Forum
    Guest
  •  
#232
07-28-2008, 09:31 PM

[eluser]kvait[/eluser]
Raiko, read post by CI andrea and maybe above fix will make sense to you.

Basically I added (string) => switch ((string) $redux)
So $redux is compared as string, not integer (in case value is true).

You can also read comments from php.net regarding mixed types of values in switch statement here PHP: switch - Manual
  • El Forum
    Guest
  •  
#233
07-28-2008, 09:44 PM

[eluser]Raiko[/eluser]
[quote author="kvait" date="1217319372"]I think query for _login() should be this:
Code:
$i = $this->ci->db->select($users_tbl.'.password, '.
                $users_tbl.'.hash, '.
                $users_tbl.'.id, '.
                $users_tbl.'.username, '.
                $users_tbl.'.activation_code, '.
                $users_tbl.'.banned_id, '.
                $banned_tbl.'.reason')
banned_id - added.

Now it works for me.[/quote]

Odd.. shouldn't need to select it. Oh well
  • El Forum
    Guest
  •  
#234
07-29-2008, 05:19 AM

[eluser]Popcorn[/eluser]
kvait spotted and fixed both bugs.

The redux login method is actually returning the correct result and still logs you in, but the switch statement is buggered. Type casting will fix it as stated but I will try to come up with a more elegant solution.

Without Type Casting
http://img137.imageshack.us/img137/9393/capturecb6.jpg

With Type Casting
http://img140.imageshack.us/img140/8527/capture1iy8.jpg

For now to fix the problem

Code:
switch ((string)$redux)
            {
                case "NOT_ACTIVATED";
                    echo "NOT_ACTIVATED";
                    break;
                case "BANNED";
                    echo "BANNED";
                    break;
                case false;
                    echo "false";
                    break;
                case true;
                    echo "true";
                    break;
            }
Thanks kvait,

To get the banned message you just have to echo out
Code:
$this->session->flashdata('login');

Should end up with something like this :
http://img140.imageshack.us/img140/7132/capture3gj1.jpg

Note : It's only available after a refresh.

If you can't wait for me to roll out a fix add this line to the _login method

Code:
$users_tbl.'.banned_id,'.

I'll get an update ASAP.

Hold tight. Smile
  • El Forum
    Guest
  •  
#235
07-29-2008, 07:53 AM

[eluser]gr0uch0mars[/eluser]
Hi! Thanks for redux, it's what I needed. I've been reading the user_guide and I created all the controllers and views for registering, login, and logout. But when I try to copy the code for the forgotten-pass pages, the forgotten_end controller code is wrong, as it's the same as forgotten_process.

What's the right code for this final process?

There are also some errors in the Login view code:
Code:
<?php
class User extends Controller
{
  <h1>Login</h1>
  ...
  </div>
}                
?&gt;
  • El Forum
    Guest
  •  
#236
07-29-2008, 09:07 AM

[eluser]Popcorn[/eluser]
Should of known that creating the documenation at 2am in the morning would have bad effects.

I'm already updating it with previous fixes mentioned in this topic so I might as well redo the documenation too.

forgotten_end

Code:
function forgotten_end ()
    {
        $rules['answer'] = "required";
                
        $this->validation->set_rules($rules);

        $fields['answer']= 'Answer';        
    
        $this->validation->set_fields($fields);
            
        if ($this->validation->run())
        {
            $redux = $this->redux_auth->forgotten_end($this->input->post('answer'));
            
            if ($redux) {
                // new password sent.
            }
            else {
                // failed.
            }
        }
        else
        {
            $this->load->view('users/forgotten_process');
        }        
    }

login view
Code:
<h1>Login</h1>
&lt;?php echo $this->validation->error_string; ?&gt;

&lt;?php echo form_open('user/login'); ?&gt;

    <label for="username">Email : </label><br />
    &lt;?php echo form_input('email'); ?&gt;<br /><br />
    
    <label for="password">Password : </label><br />
    &lt;?php echo form_password('password'); ?&gt;<br /><br />

    <label for="submit"> </label>
    &lt;?php echo form_submit('submit', 'Login'); ?&gt;

&lt;?php echo form_close(); ?&gt;
  • El Forum
    Guest
  •  
#237
07-29-2008, 10:36 AM

[eluser]gr0uch0mars[/eluser]
1) Thanks for the answer.
2)It happens that when I write the secret answer returns this error:
Code:
A PHP Error was encountered

Severity: Notice

Message: Trying to get property of non-object

Filename: libraries/redux_auth.php

Line Number: 312

That corresponds to:
Code:
if($dbanswer->answer === sha1($this->salt.$answer))

3) When the email at forgotten_begin is misspelled, it returns a blank page (error). I solved it by adding the check_email function before:
Code:
function forgotten_begin ()
{
...

if ($this->validation->run() == true)
{
  if($this->redux_auth->check_email($this->input->post('email')))
  {
   $redux = $this->redux_auth->forgotten_begin($this->input->post('email'));
              
   if ($redux) {
    # code...
    $this->load->view('users/forgotten_process');
   }
   else {
    # code...
    echo 'Error';
   }
  }
  else {
   # code...
   echo 'Email does not exist';
  }
}

...
}

4) By the way, when once you've updated the user guide, I can download it and translate it to Spanish, although I don't know if there are any CI Spanish user, but it could be useful anyway.
  • El Forum
    Guest
  •  
#238
07-29-2008, 11:11 AM

[eluser]Popcorn[/eluser]
The reason you are getting that error is because once you hit stage 3 the forgotten password code is removed. You'll have to start from stage 1 and go through the process again to make sure it works. Smile

forgotten_begin will return false when it can't find a result so you could also do :

Code:
$redux = $this->redux_auth->forgotten_begin($this->input->post('email'));
              
   if ($redux) {
    # code...
    $this->load->view('users/forgotten_process');
   }
   else {
    # code...
    echo 'Error';
   }

That should work, not tested.
  • El Forum
    Guest
  •  
#239
07-29-2008, 01:12 PM

[eluser]gr0uch0mars[/eluser]
Yes, it works, it was my fault.

However I don't understand what you meant about the question answer and the forgotten_password_code. What is the action of pass_code when answering the question? It seems the problem is in retrieving the answer and comparing with the $answer provided by the user, doesn't it? I don't know if I explained it clear enough... 8-/
  • El Forum
    Guest
  •  
#240
07-30-2008, 07:31 PM

[eluser]Popcorn[/eluser]
It removes the forgotten password code so you can't keep guessing the answer. Good defence against brute force attacks.

I've realised the documenation wasn't good enough for this release so I'm in the process of redoing the whole lot and more.

You can see the WIP here.

https://redux.s3-external-3.amazonaws.com/index.html

Any requests are welcome.

All the previous bugs mentioned will be fixed.

Thanks for the support.




Theme © iAndrew 2016 - Forum software by © MyBB