Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Using Form_validation to check if username exists AND if password matches
Using Form_validation to check if username exists AND if password matches
  • El Forum
    Guest
  •  
#1
07-14-2010, 04:39 PM

[eluser]dallen33[/eluser]
I can't seem to get this working. The username part works fine, but I can't figure out how to check if the password matches. I know why it doesn't work, because to check the password, I also need to know the username. But the way the form validation callback works, I can't really do that. Am I doing something wrong or should I go about this another way? I just want it so if someone logs in and their password doesn't match, an error is shown.

Controller : admin.php
Code:
function login()
{
    if ($this->form_validation->run('login') == FALSE):
        $this->load->view('auth/login');
    else:
        if ($this->auth->login(array(
                        'username'    => $this->input->post('username'),
                        'password'    => $this->input->post('password')
                        )) === FALSE):
            $data['error'] = 'There was a problem logging in.';
            $this->load->view('auth/login', $data);
        else:
            $data['success'] = 'You are logged in!';
            $this->load->view('auth/login', $data);
        endif;
    endif;
}

Library - auth.php
Code:
function login($a)
{
    if ($this->ci->auth_model->login($a)):
        return TRUE;
    else:
        return FALSE;
    endif;
}

Model - auth_model.php
Code:
function login_check_password($a)
{
    if ($a):
        $query = $this->db_common->get_where('users', array('username' => $a['username']));
        if ($query->num_rows() > 0):
            $row = $query->row();
            if ($this->auth->password_md5($a['password']) == $row->password):
                return TRUE;
            endif;
        else:
            $this->form_validation->set_message('login_check_password', 'Password does not match username.');
            return FALSE;
        endif;
    else:
        return FALSE;
    endif;
}

Config - form_validation.php
Code:
'login' => array(
        array(
                'field' => 'username',
                'label' => 'Username',
                'rules' => 'trim|required|min_length[3]|max_length[24]|callback_login_check_username_model[auth_model]|xss_clean'
             ),
        array(
                'field' => 'password',
                'label' => 'Password',
                'rules' => 'trim|required|min_length[6]|max_length[50]|callback_login_check_password_model[auth_model]'
             ),
        )
  • El Forum
    Guest
  •  
#2
07-14-2010, 07:47 PM

[eluser]pickupman[/eluser]
Form validation is too make sure form fields are to be filled in the way you want them to, and to assist in repopulating the fields. I agree callback could work a little better. The easier way to do this is to check if required fields are filled out. In form->validation->run() routine pass username and password to auth library like:
Code:
if($this->form_validation->run() && $this->auth->login($user, $pass)){
    redirect('user'); //Login successful
}else{
   $this->login(); //Load login page again
}

//IN auth->login
function login($user = FALSE, $pass = FALSE){
  if($user == FALSE || $pass == FALSE) return FALSE; //We need both credentials

  $query = $this->db_common->get_where('users', array('username' => $user, 'password' => md5($pass), 1 );
  if($query->num_rows() > 0)
     return $query->row(); //Return user credentials

  return FALSE; //Sorry user wasn't found
    
}

You could add set_flashdata(), and return a message to the user why login faild.




Theme © iAndrew 2016 - Forum software by © MyBB