[eluser]the_unforgiven[/eluser]
I actually have:
Code: function getCustomer()
{
$data = array();
$Q = $this->db->get('users');
if ($Q->num_rows() > 0){
$data = $Q->result_array();
}
$Q->free_result();
return $data;
}
the 14 was something i was testing and even with what ive just posted yes it says test is logged in but then go to the account and is the me user account thats their.
[eluser]the_unforgiven[/eluser]
This is still causing me problems, if i logged in with user test it shows me the other user like it's still grabbing the id 14 i inputted manually earlier in these posts.
The last post just above this one is the correct code but is now just throwing a "1" at me nothing else even though print_r states some of the details are correct all i can think of is either then query in the "getCustomer" model is wrong, or the query in the controller, please help me!
[eluser]Samus[/eluser]
[quote author="the_unforgiven" date="1337961420"]This is still causing me problems, if i logged in with user test it shows me the other user like it's still grabbing the id 14 i inputted manually earlier in these posts.
The last post just above this one is the correct code but is now just throwing a "1" at me nothing else even though print_r states some of the details are correct all i can think of is either then query in the "getCustomer" model is wrong, or the query in the controller, please help me![/quote]
Would ya mind posting the current code again
[eluser]Ed Robindon[/eluser]
Here's a login page that I wrote to test with. Session and database are autoloaded in autoload.php. It has no validation just DB access:
Controller:
Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Login extends CI_Controller {
public function index()
{
$this->load->view('login');
}
public function checkuser()
{
$uid = $this->input->post('userid');
$pwd = $this->input->post('password');
$q = $this->db->query("select * from users where user = '$uid'");
$row = $q->row();
$data = array('row'=>$row);
$this->session->set_userdata($data);
echo '<pre>';
print_r($this->session->userdata);
echo 'User record id: '.$this->session->userdata['row']->id;
}
}
/* End of file login.php */
/* Location: ./application/controllers/login.php */
View:
Code: <!DOCTYPE html>
<html>
<head>
<title>Login/Session Testing</title>
</head>
<body>
<form method="post" action="/ciproject/index.php/login/checkuser">
<label>User Id:</label>
<input type="text" id="userid" name="userid"/><br/>
<label>Password:</label>
<input type="text" id="password" name="password"/><br/>
<input type="submit" value="Submit"/>
</form>
</body>
</html>
I open a copy of FF and run it and it shows me one id based on the user I use.
I open another copy of FF and run it as a different user and I get a different session id as well as the proper user.
Thus, I must conclude that the CI sessions handler is working properly...
Don't know what else to tell you.
[eluser]Samus[/eluser]
[quote author="Ed Robindon" date="1338002967"]Here's a login page that I wrote to test with. Session and database are autoloaded in autoload.php. It has no validation just DB access:
Controller:
Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Login extends CI_Controller {
public function index()
{
$this->load->view('login');
}
public function checkuser()
{
$uid = $this->input->post('userid');
$pwd = $this->input->post('password');
$q = $this->db->query("select * from users where user = '$uid'");
$row = $q->row();
$data = array('row'=>$row);
$this->session->set_userdata($data);
echo '<pre>';
print_r($this->session->userdata);
echo 'User record id: '.$this->session->userdata['row']->id;
}
}
/* End of file login.php */
/* Location: ./application/controllers/login.php */
View:
Code: <!DOCTYPE html>
<html>
<head>
<title>Login/Session Testing</title>
</head>
<body>
<form method="post" action="/ciproject/index.php/login/checkuser">
<label>User Id:</label>
<input type="text" id="userid" name="userid"/><br/>
<label>Password:</label>
<input type="text" id="password" name="password"/><br/>
<input type="submit" value="Submit"/>
</form>
</body>
</html>
I open a copy of FF and run it and it shows me one id based on the user I use.
I open another copy of FF and run it as a different user and I get a different session id as well as the proper user.
Thus, I must conclude that the CI sessions handler is working properly...
Don't know what else to tell you. [/quote]
Prone to SQL injection mate.
[eluser]the_unforgiven[/eluser]
Right here's my login page, check login, model and controller:
Code: Login Form:
<?php echo form_open('user/check');?>
<table>
<tr><td>Username:</td><td><?php echo form_input('username'); ?><?php echo form_error('username'); ?></td></tr>
<tr><td>Password:</td><td><?php echo form_password('password'); ?><?php echo form_error('password'); ?></td></tr>
<tr><td><input type="submit" name="submit" value="Login" class="buttonx buttonx-add" /></td></tr>
</table>
<?php echo form_close();?>
Code: Login Check:
// Logged In
function check()
{
// Check user and password
$query = $this->user_model->checkUser();
$this->form_validation->set_rules('username', 'required|max_length[15]');
$this->form_validation->set_rules('password', 'required|sha1');
if ($this->form_validation->run() == FALSE) {
$data['title'] = "Customer Login";
$this->load->view('user/logon', $data);
}
else {
if($query) {
$result = $this->user_model->getCustomer();
foreach($result as $res) {
$data = array(
'username' => $this->input->post('username'),
'is_user' => true,
'is_logged_in'=> true,
'last_login' => time(),
'customer_id' => $res['id'],
'acc_number' => $res['acc_number'],
'name' => $res['name']
);
$this->session->set_userdata($data);
redirect('user/myaccount');
}
}
}
}
Once they are loged in it should keep the session of how it is then move them to a my account page
Code: My Account:
<div id="tab1">
<?php if ($this->session->userdata('is_logged_in') && $this->session->userdata('is_user') == TRUE) { ?>
Welcome back, <?php echo $cust_name; ?>
<?php } ?>
</div>
<div id="tab2">
<?php // echo'<code>'; print_r($this->session->userdata); echo'</code>'; echo '<br /><br /><br />'; ?>
Your unique account number: <?php echo $cust_acc; ?><br /><br />
Update your details:<br /><br />
<form method="post" action="<?php echo base_url(); ?><?php echo $this->uri->uri_string(); ?>" name="update">
<table>
<tr><td>Name:</td><td><input type="text" name="name" value="<?php echo $customer['name']; ?>" /></td></tr>
<tr><td>Business Name:</td><td><input type="text" name="businessname" value="<?php echo $customer['businessname']; ?>" /></td></tr>
<tr><td>Address:</td><td><textarea name="address"><?php echo $customer['address']; ?></textarea></td></tr>
<tr><td>Email:</td><td><input type="text" name="email" value="<?php echo $customer['email'];?>" /></td></tr>
<tr><td>Phone:</td><td><input type="text" name="phone" value="<?php echo $customer['tel'];?>" /></td></tr>
<tr><td>Username:</td><td><input type="text" name="username" value="<?php echo $customer['username'];?>" /></td></tr>
<tr><td>Password:</td><td><input type="password" name="password" value="" /></td><td>Password Again:</td><td><input type="conf_password" name="conf_password" value="" /></td><td><small>Only enter a password if you are changing it, otherwise it will still the same</small></td></tr>
<tr><td>Website:</td><td><input type="text" name="website" value="<?php echo $customer['website']; ?>" /></td></tr>
<tr><td> </td><td><input type="submit" name="submit" value="Update" /></td></tr>
</table>
</form>
</div>
Code: Model:
// Check user againest the login details
function checkUser()
{
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', sha1($this->input->post('password')));
$query = $this->db->get('users');
if($query->num_rows() == 1)
{
return TRUE;
}
else {
if (empty($username) || empty($password))
{
$this->session->set_flashdata('message','<strong>Ooops!</strong><br />Username and/or Password cannot be empty, please try again.');
redirect('user/', 'refresh');
}
}
}
// Get Customer
function getCustomer()
{
$data = array();
$username = $this->input->post('username');
$this->db->limit(1);
$this->db->where('id',$this->session->userdata('customer_id'));
$this->db->where('username' ,$username);
$gC = $this->db->get('users');
if ($gC->num_rows() > 0){
$data = $gC->row_array();
}
$gC->free_result();
return $data;
}
[eluser]Samus[/eluser]
I'll rewrite it for you how I would write it and you let me know how that works.
Login check:
Code: Login Check:
// Logged In
function check()
{
$this->form_validation->set_rules('username', 'required|max_length[15]');
$this->form_validation->set_rules('password', 'required|sha1');
if ($this->form_validation->run() == FALSE) {
$data['title'] = "Customer Login";
$this->load->view('user/logon', $data);
}
else {
// Check user and password
$query = $this->user_model->checkUser($this->input->post('username'), sha1($this->input->post('password')));
if($query['true']) {
$result = $query['result'];
foreach($result as $res) {
$session_data = array(
'username' => $res['username'],
'is_user' => true,
'is_logged_in' => true,
'last_login' => time(),
'customer_id' => $res['id'],
'acc_number' => $res['acc_number'],
'name' => $res['name']
);
$this->session->set_userdata($session_data);
redirect('user/myaccount');
}
}
else {
// username or password incorrect, should probably create a callback instead
}
}
}
Code: function checkUser($username, $password)
{
$query = $this->db->get_where('users', array('username' => $username, 'password' => $password));
if($query->num_rows() == 1)
{
$data['true'] = TRUE;
$data['result'] = $query->result_array();
}
else {
$data['true'] = FALSE;
}
return $data;
}
You should probably do a callback in your validation rules to check if the username / password match.
[eluser]Ed Robindon[/eluser]
Samus,
I suppose my test page would be prone to all sorts of problems if it were used in production. It is simply a test page to prove that the CI session class is working properly.:cheese:
[eluser]CroNiX[/eluser]
You are getting data for ONE user, yet you are returning a result_array(), which is a multidimensional array assuming it has at least one result. Then you loop through this data (you shouldn't have to loop for 1 record, you would only loop through multiple records) and in that loop assign variables to the session.
1) fix your model to only return a row_array().
2) get rid of your loop where you are setting the session data and just set it to the result in one go.
[eluser]the_unforgiven[/eluser]
thanx all ,think i need to do what chronix says n thats what ill do
|