Welcome Guest, Not a member yet? Register   Sign In
Activate Account - Status Not Change
#1
Exclamation 
(This post was last modified: 11-01-2016, 01:23 AM by bagusbal.)

Hai, 

i'm try to create login and register user activate their account via email.
Link is sended to user email, and confirm is successfull, but the 'status' on database is not change. Can someone help me to check my code, maybe something error in there.

Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Voter_model extends CI_Model
{
    
        
    function __construct()
    {
         // Call the Model constructor
         parent::__construct();
    }

    //get the username & password from tbl_usrs
    function get_user($username, $password)
    {
         $sql = "select * from user where username = '" . $username . "' and password = '" . $password . "' and status = '1'";
         $query = $this->db->query($sql);
         return $query->num_rows();
    }
    
    
     //insert into user table
   function insertUser($data)
   {
       return $this->db->insert('user', $data);
   }
   
   //send verification email to user's email id
   function sendEmail($to_email)
   {
       $from_email = '[email protected]'; //change this to yours
       $subject = 'Aktivasi Akun';
       $message = 'Hallo'. $username .'<br /><br />Silakan klik link dibawah ini untuk mengkonfirmasi akun Anda pada Sistem E-voting Desa Pakraman Cucukan.<br /><br />
 '. site_url('voter/voter_register/verify/'.md5($to_email)) . '<br /><br /><br />Terima Kasih<br />Admin Evoting';
       
       //configure email settings
       $config['protocol'] = 'smtp';
       $config['smtp_host'] = 'ssl://smtp.googlemail.com'; //smtp host name
       $config['smtp_port'] = '465'; //smtp port number
       $config['smtp_user'] = $from_email;
       $config['smtp_pass'] = 'evoting2016'; //$from_email password
       $config['mailtype'] = 'html';
       $config['charset'] = 'iso-8859-1';
       $config['wordwrap'] = TRUE;
       $config['newline'] = "\r\n"; //use double quotes
       $this->email->initialize($config);
       
       //send mail
       $this->email->from($from_email, 'Admin Evoting');
       $this->email->to($to_email);
       $this->email->subject($subject);
       $this->email->message($message);
       return $this->email->send();
   }
   
   //activate user account
   function verifyEmailID($key)
    {
   $data = array('status' => 1);
   $this->db->where('email', $key);
   $verify=$this->db->update('user', $data);
    if($verify==true)
         {
          return true;
        }
          return false;
    }

    
    
}?>

and my controller, is

Code:
<?php
class Voter_register extends CI_Controller
{
   public function __construct()
   {
       parent::__construct();
       $this->load->helper(array('form','url'));
       $this->load->library(array('session', 'form_validation', 'email'));
       $this->load->database();
       $this->load->model('Voter_model');
   }
   
   function index()
   {
       $this->register();
   }
    
    
    
   function register()
   {
       //set validation rules
       
       $this->form_validation->set_rules('email', 'Email ID', 'trim|required|valid_email|is_unique[user.email]');
       $this->form_validation->set_rules('password', 'Password', 'trim|required|matches[cpassword]');
       $this->form_validation->set_rules('cpassword', 'Confirm Password', 'trim|required');
       
       //validate form input
       if ($this->form_validation->run() == FALSE)
       {
           // fails
           $this->load->view('voter/voter_register');
       }
       else
       {
           //insert the user registration details into database
           $data = array(
               'fname' => $this->input->post('fname'),
               'lname' => $this->input->post('lname'),
               'email' => $this->input->post('email'),
               'password' => $this->input->post('password'),
                 'username' => $this->input->post('username'),
                 'voting'=> 1
                
                
           );
           
           // insert form data into database
           if ($this->Voter_model->insertUser($data))
           {
               // send email
               if ($this->Voter_model->sendEmail($this->input->post('email')))
               {
                   // successfully sent mail
                   $this->session->set_flashdata('msg','<div class="alert alert-success text-center">Registrasi Sukses, silakan cek e-mail Anda untuk melakukan konfirmasi dan aktivasi akun.</div>');
                   redirect('admin_voter');
               }
               else
               {
                   // error
                   $this->session->set_flashdata('msg','<div class="alert alert-info text-center">Registrasi Sukses, gagal mengirim e-mail verifikasi.</div>');
                   redirect('admin_voter');
               }
           }
           else
           {
               // error
               $this->session->set_flashdata('msg','<div class="alert alert-danger text-center">Oops! Error.  Please try again later!!!</div>');
               redirect('admin_voter');
           }
       }
   }
   
   function verify($hash)
   {
        $this->load->helper('url');
        $this->load->model('voter_model');

       if ($this->voter_model->verifyEmailID($hash))
       {
           
          redirect('voter/voter_aktivasiok');
       }
       else
       {
         
           redirect('voter/voter_aktivasifail');
       }
   }
}
?>

Thanks
Reply
#2

Your database query is looking for a record where the email address matches the hash that was passed by the verify method. That won't give any result.
In stead of 'email', you should look for md5(email).
Reply
#3

(11-01-2016, 04:49 AM)Wouter60 Wrote: Your database query is looking for a record where the email address matches the hash that was passed by the verify method. That won't give any result.
In stead of 'email', you should look for md5(email).

Already try it to, but got an database error. When i change it into 'email' only it say Success but nothing change in 'status' on user account.
Reply
#4

This is the 3rd thread/topic for the same question/issue!

What is the error if you use md5(email)?
A good decision is based on knowledge and not on numbers. - Plato

Reply
#5

(11-01-2016, 05:04 AM)salain Wrote: This is the 3rd thread/topic for the same question/issue!

What is the error if you use md5(email)?

Im sorry if i post more than one, i will delete it later.
Error with the hash md5
Reply
#6

You will need to give more detail on the error you get in order to get help.
A good decision is based on knowledge and not on numbers. - Plato

Reply
#7

(11-01-2016, 05:47 AM)salain Wrote: You will need to give more detail on the error you get in order to get help.

md5 is fixed, its just cant change the 'status' after success verify the email address. Only this problem. Change status from '0' to '1', already set in code on top, but nothing change in 'status' on database.

NB: 0=inactive , 1=active
Reply
#8

Try to echo your query after the update to see if it is right



PHP Code:
$verify $this->db->update('user',$data);
echo 
$this->db->last_query(); 
A good decision is based on knowledge and not on numbers. - Plato

Reply
#9

Hi,

What you are asking is very difficult to debug as the error could potentially lay in any number of places.

Doing a secure register, confirmation email, login script is (apart from actually taking online payments) possibly one of the most difficult things to achieve, so if you are experiencing issues, rest assured, we have all experienced them.

I recently used peopleperhour.com and was mightily impressed with how they had streamlined the entire registration and login process. Be aware that site like this are really raising the bar for what users expect in terms of a login and authentication procedure.

In a recent site I built (which I was quite pleased with) the user simply entered their email address and a password was emailed to them. The first time they logged in, they got a welcome screen with an immediate "set your own password" demand before being given access. I do not know a simpler way to do this (apart from peopleforhour whose link logged you in immediately and then you got an email about setting a password, which for them was most certainly the right way to do it).

Using MD5 for encryption is not recommended, especially for passwords etc.

There are some fabulous libraries available, such as ionauth, but that is not the only one, but using a library for these functions is highly recommended. They often take into account factors we easily overlook, and even if doing an auth system for yourself is great experience, it is unlikely we are ever going to be expert or knowledgeable enough about security considerations to ever produce anything that will equal what these libraries offer, especially given their age, history, development and best practices they implement. So whatever the learning curve is in choosing and then getting to know the library you select, it is probably best to spend the time getting to know them and to work within them, rather than crafting you own from scratch, even as tempting as that idea might at first appear.

Just my two penneth, I am sorry I cannot add anything to the problem you have outlined here.

Best wishes,

Paul.
Reply
#10

(This post was last modified: 11-01-2016, 11:37 PM by bagusbal.)

(11-01-2016, 01:23 PM)PaulD Wrote: Hi,

What you are asking is very difficult to debug as the error could potentially lay in any number of places.

Doing a secure register, confirmation email, login script is (apart from actually taking online payments) possibly one of the most difficult things to achieve, so if you are experiencing issues, rest assured, we have all experienced them.

I recently used peopleperhour.com and was mightily impressed with how they had streamlined the entire registration and login process. Be aware that site like this are really raising the bar for what users expect in terms of a login and authentication procedure.

In a recent site I built (which I was quite pleased with) the user simply entered their email address and a password was emailed to them. The first time they logged in, they got a welcome screen with an immediate "set your own password" demand before being given access. I do not know a simpler way to do this (apart from peopleforhour whose link logged you in immediately and then you got an email about setting a password, which for them was most certainly the right way to do it).

Using MD5 for encryption is not recommended, especially for passwords etc.

There are some fabulous libraries available, such as ionauth, but that is not the only one, but using a library for these functions is highly recommended. They often take into account factors we easily overlook, and even if doing an auth system for yourself is great experience, it is unlikely we are ever going to be expert or knowledgeable enough about security considerations to ever produce anything that will equal what these libraries offer, especially given their age, history, development and best practices they implement. So whatever the learning curve is in choosing and then getting to know the library you select, it is probably best to spend the time getting to know them and to work within them, rather than crafting you own from scratch, even as tempting as that idea might at first appear.

Just my two penneth, I am sorry I cannot add anything to the problem you have outlined here.

Best wishes,

Paul.

Already remove the md5 right now. It's make me confused, code is fix when i remove the md5, damn it.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB