Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums General Lounge Split login fail condition in 2 conditions to cover “account inactive” case
Split login fail condition in 2 conditions to cover “account inactive” case
  • Offline Ajax30
    Member
  • ***
  • Posts: 71
    Threads: 46
    Joined: Aug 2017
    Reputation: 0
#3
10-15-2017, 06:52 AM
(This post was last modified: 10-15-2017, 06:54 AM by Ajax30.)

(10-15-2017, 06:43 AM)JayAdra Wrote: This is because your first if statement is:

PHP Code:
if ($current_user) { 

Which will return false for an inactive user, as your query is:

PHP Code:
$query $this->db->get_where('users', ['email' => $email'password' => md5($password), 'active' => 1]); 

Notice, the check for "active" => 1, meaning it won't return any records for inactive users.

So your first if statement returns false, hence going to the else clause which has:

PHP Code:
$this->session->set_flashdata("signin_failure""Incorrect email or password"); 

So you probably need to check if the user is active first, before checking if their username/password is correct.

I'd suggest splitting your "user_login" function into two distinct functions. One to check if the user is active, and one to test the user/pass combo.

Lastly, I noticed you're storing your password as md5 strings... this is a bad idea. It's not secure. Use bcrypt or similar.

It worke! Thx!
Reply


Messages In This Thread
RE: Split login fail condition in 2 conditions to cover “account inactive” case - by Ajax30 - 10-15-2017, 06:52 AM



Theme © iAndrew 2016 - Forum software by © MyBB