Welcome Guest, Not a member yet? Register   Sign In
Help session grab user_id from database
#31

[eluser]the_unforgiven[/eluser]
I actually have:

Code:
function getCustomer()
  {
    $data = array();

    $Q = $this->db->get('users');
    if ($Q->num_rows() > 0){
         $data = $Q->result_array();
    }
      $Q->free_result();    
      return $data;
  }
the 14 was something i was testing and even with what ive just posted yes it says test is logged in but then go to the account and is the me user account thats their.
#32

[eluser]the_unforgiven[/eluser]
This is still causing me problems, if i logged in with user test it shows me the other user like it's still grabbing the id 14 i inputted manually earlier in these posts.

The last post just above this one is the correct code but is now just throwing a "1" at me nothing else even though print_r states some of the details are correct all i can think of is either then query in the "getCustomer" model is wrong, or the query in the controller, please help me!
#33

[eluser]Samus[/eluser]
[quote author="the_unforgiven" date="1337961420"]This is still causing me problems, if i logged in with user test it shows me the other user like it's still grabbing the id 14 i inputted manually earlier in these posts.

The last post just above this one is the correct code but is now just throwing a "1" at me nothing else even though print_r states some of the details are correct all i can think of is either then query in the "getCustomer" model is wrong, or the query in the controller, please help me![/quote]
Would ya mind posting the current code again
#34

[eluser]Ed Robindon[/eluser]
Here's a login page that I wrote to test with. Session and database are autoloaded in autoload.php. It has no validation just DB access:

Controller:
Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Login extends CI_Controller {
  
  public function index()
{
  $this->load->view('login');
}
  
  public function checkuser()
  {
    $uid = $this->input->post('userid');
    $pwd = $this->input->post('password');
    $q = $this->db->query("select * from users where user = '$uid'");    
    $row = $q->row();
    $data = array('row'=>$row);
    $this->session->set_userdata($data);
    echo '<pre>';
    print_r($this->session->userdata);
    echo 'User record id: '.$this->session->userdata['row']->id;
  }
}

/* End of file login.php */
/* Location: ./application/controllers/login.php */

View:

Code:
<!DOCTYPE html>
&lt;html&gt;
&lt;head&gt;
&lt;title&gt;Login/Session Testing&lt;/title&gt;
&lt;/head&gt;
&lt;body&gt;
&lt;form method="post" action="/ciproject/index.php/login/checkuser"&gt;
<label>User Id:</label>
&lt;input type="text" id="userid" name="userid"/&gt;&lt;br/>
<label>Password:</label>
&lt;input type="text" id="password" name="password"/&gt;&lt;br/>
&lt;input type="submit" value="Submit"/&gt;
&lt;/form&gt;
&lt;/body&gt;
&lt;/html&gt;

I open a copy of FF and run it and it shows me one id based on the user I use.

I open another copy of FF and run it as a different user and I get a different session id as well as the proper user.

Thus, I must conclude that the CI sessions handler is working properly...

Don't know what else to tell you. Sad
#35

[eluser]Samus[/eluser]
[quote author="Ed Robindon" date="1338002967"]Here's a login page that I wrote to test with. Session and database are autoloaded in autoload.php. It has no validation just DB access:

Controller:
Code:
&lt;?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Login extends CI_Controller {
  
  public function index()
{
  $this->load->view('login');
}
  
  public function checkuser()
  {
    $uid = $this->input->post('userid');
    $pwd = $this->input->post('password');
    $q = $this->db->query("select * from users where user = '$uid'");    
    $row = $q->row();
    $data = array('row'=>$row);
    $this->session->set_userdata($data);
    echo '<pre>';
    print_r($this->session->userdata);
    echo 'User record id: '.$this->session->userdata['row']->id;
  }
}

/* End of file login.php */
/* Location: ./application/controllers/login.php */

View:

Code:
<!DOCTYPE html>
&lt;html&gt;
&lt;head&gt;
&lt;title&gt;Login/Session Testing&lt;/title&gt;
&lt;/head&gt;
&lt;body&gt;
&lt;form method="post" action="/ciproject/index.php/login/checkuser"&gt;
<label>User Id:</label>
&lt;input type="text" id="userid" name="userid"/&gt;&lt;br/>
<label>Password:</label>
&lt;input type="text" id="password" name="password"/&gt;&lt;br/>
&lt;input type="submit" value="Submit"/&gt;
&lt;/form&gt;
&lt;/body&gt;
&lt;/html&gt;

I open a copy of FF and run it and it shows me one id based on the user I use.

I open another copy of FF and run it as a different user and I get a different session id as well as the proper user.

Thus, I must conclude that the CI sessions handler is working properly...

Don't know what else to tell you. Sad[/quote]
Prone to SQL injection mate. Wink
#36

[eluser]the_unforgiven[/eluser]
Right here's my login page, check login, model and controller:

Code:
Login Form:

&lt;?php echo form_open('user/check');?&gt;
<table>
  <tr><td>Username:</td><td>&lt;?php echo form_input('username'); ?&gt;&lt;?php echo form_error('username'); ?&gt;</td></tr>
  <tr><td>Password:</td><td>&lt;?php echo form_password('password'); ?&gt;&lt;?php echo form_error('password'); ?&gt;</td></tr>
  <tr><td>&lt;input type="submit" name="submit" value="Login" class="buttonx buttonx-add" /&gt;&lt;/td></tr>
</table>
&lt;?php echo form_close();?&gt;

Code:
Login Check:

// Logged In
function check()
{
  // Check user and password
  $query = $this->user_model->checkUser();
    
  $this->form_validation->set_rules('username', 'required|max_length[15]');
  $this->form_validation->set_rules('password', 'required|sha1');
    
  if ($this->form_validation->run() == FALSE) {
  
   $data['title'] = "Customer Login";
   $this->load->view('user/logon', $data);
  }
  else {
   if($query) {
    
     $result = $this->user_model->getCustomer();
    
     foreach($result as $res) {
         $data = array(
           'username'    => $this->input->post('username'),
           'is_user'     => true,
           'is_logged_in'=> true,
           'last_login'  => time(),
           'customer_id' => $res['id'],
           'acc_number'  => $res['acc_number'],
       'name'        => $res['name']
                );
  
     $this->session->set_userdata($data);
     redirect('user/myaccount');
      }
   }
  }
}
Once they are loged in it should keep the session of how it is then move them to a my account page
Code:
My Account:

<div id="tab1">
     &lt;?php if ($this->session->userdata('is_logged_in') && $this->session->userdata('is_user') == TRUE) { ?&gt;
    Welcome back,&nbsp;&lt;?php echo $cust_name; ?&gt;
  &lt;?php } ?&gt;
   </div>

<div id="tab2">
&lt;?php // echo'<code>'; print_r($this->session->userdata); echo'</code>'; echo '<br /><br /><br />'; ?&gt;
Your unique account number: &lt;?php echo $cust_acc; ?&gt;<br /><br />
Update your details:<br /><br />
&lt;form method="post" action="&lt;?php echo base_url(); ?&gt;&lt;?php echo $this-&gt;uri-&gt;uri_string(); ?&gt;" name="update"&gt;
  <table>
   <tr><td>Name:</td><td>&lt;input type="text" name="name" value="&lt;?php echo $customer['name']; ?&gt;" /&gt;&lt;/td></tr>
   <tr><td>Business Name:</td><td>&lt;input type="text" name="businessname" value="&lt;?php echo $customer['businessname']; ?&gt;" /&gt;&lt;/td></tr>
   <tr><td>Address:</td><td>&lt;textarea name="address"&gt;&lt;?php echo $customer['address']; ?&gt;&lt;/textarea&gt;&lt;/td></tr>
   <tr><td>Email:</td><td>&lt;input type="text" name="email" value="&lt;?php echo $customer['email'];?&gt;" /&gt;&lt;/td></tr>
   <tr><td>Phone:</td><td>&lt;input type="text" name="phone" value="&lt;?php echo $customer['tel'];?&gt;" /&gt;&lt;/td></tr>
   <tr><td>Username:</td><td>&lt;input type="text" name="username" value="&lt;?php echo $customer['username'];?&gt;" /&gt;&lt;/td></tr>
   <tr><td>Password:</td><td>&lt;input type="password" name="password" value="" /&gt;&lt;/td><td>Password Again:</td><td>&lt;input type="conf_password" name="conf_password" value="" /&gt;&lt;/td><td><small>Only enter a password if you are changing it, otherwise it will still the same</small></td></tr>
   <tr><td>Website:</td><td>&lt;input type="text" name="website" value="&lt;?php echo $customer['website']; ?&gt;" /&gt;&lt;/td></tr>
   <tr><td>&nbsp;</td><td>&lt;input type="submit" name="submit" value="Update" /&gt;&lt;/td></tr>
  </table>
&lt;/form&gt;
</div>

Code:
Model:

// Check user againest the login details
function checkUser()
{
  $this->db->where('username', $this->input->post('username'));
  $this->db->where('password', sha1($this->input->post('password')));
  
  $query = $this->db->get('users');

  if($query->num_rows() == 1)
  {
   return TRUE;
  }
  else {
   if (empty($username) || empty($password))
    {
     $this->session->set_flashdata('message','<strong>Ooops!</strong><br />Username and/or Password cannot be empty, please try again.');
     redirect('user/', 'refresh');
    }
  }
}

// Get Customer
function getCustomer()
  {
    $data = array();
    
    $username = $this->input->post('username');
    
    $this->db->limit(1);
    $this->db->where('id',$this->session->userdata('customer_id'));
    $this->db->where('username' ,$username);
    $gC = $this->db->get('users');
    if ($gC->num_rows() > 0){
         $data = $gC->row_array();
    }
      $gC->free_result();    
      return $data;
}
#37

[eluser]Samus[/eluser]
I'll rewrite it for you how I would write it and you let me know how that works.

Login check:

Code:
Login Check:

// Logged In
function check()
{
  
    
  $this->form_validation->set_rules('username', 'required|max_length[15]');
  $this->form_validation->set_rules('password', 'required|sha1');
    
  if ($this->form_validation->run() == FALSE) {
  
   $data['title'] = "Customer Login";
   $this->load->view('user/logon', $data);
  }
  else {

// Check user and password
  $query = $this->user_model->checkUser($this->input->post('username'), sha1($this->input->post('password')));
   if($query['true']) {
    
     $result = $query['result'];
    
     foreach($result as $res) {
         $session_data = array(
           'username'     => $res['username'],
           'is_user'      => true,
           'is_logged_in' => true,
           'last_login'   => time(),
           'customer_id'  => $res['id'],
           'acc_number'   => $res['acc_number'],
           'name'         => $res['name']
                );
  
     $this->session->set_userdata($session_data);
     redirect('user/myaccount');
      }
   }
   else {
    // username or password incorrect, should probably create a callback instead
   }
  }
}
Code:
function checkUser($username, $password)
{

  $query = $this->db->get_where('users', array('username' => $username, 'password' => $password));

  if($query->num_rows() == 1)
  {
    $data['true'] = TRUE;
    $data['result'] = $query->result_array();
  }
  else {
    $data['true'] = FALSE;
  }
return $data;
}

You should probably do a callback in your validation rules to check if the username / password match.
#38

[eluser]Ed Robindon[/eluser]
Samus,

I suppose my test page would be prone to all sorts of problems if it were used in production. It is simply a test page to prove that the CI session class is working properly.:cheese:
#39

[eluser]CroNiX[/eluser]
You are getting data for ONE user, yet you are returning a result_array(), which is a multidimensional array assuming it has at least one result. Then you loop through this data (you shouldn't have to loop for 1 record, you would only loop through multiple records) and in that loop assign variables to the session.

1) fix your model to only return a row_array().
2) get rid of your loop where you are setting the session data and just set it to the result in one go.
#40

[eluser]the_unforgiven[/eluser]
thanx all ,think i need to do what chronix says n thats what ill do




Theme © iAndrew 2016 - Forum software by © MyBB