• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Split login fail condition in 2 conditions to cover “account inactive” case

#1
I have made a Registration and Login application with Codeigniter 3.

When someone fills the *Registration form* and submits it successfully, the "active" column of the "users" table receives the value 0, as visible in the image bellow:

[Image: 6oeby.png]

Users will have to activate their accounts before being able to sign in.

The user_login() function inside the Usermodel:

   
PHP Code:
public function user_login($email$password$active) {
      $query $this->db->get_where('users', ['email' => $email'password' => md5($password), 'active' => 1]);
      return $query->row();
 


In the Signin.php controller I have the signin() method: 

 
PHP Code:
 public function signin()
      {  
      $this
->form_validation->set_rules('email''Email''required|trim|valid_email');
      $this->form_validation->set_rules('password''Password''required|trim');
      $this->form_validation->set_error_delimiters('<p class="error">''</p>');
      if ($this->form_validation->run())
      {
        $email $this->input->post('email');
        $password $this->input->post('password');
        $this->load->model('Usermodel');
        $current_user $this->Usermodel->user_login($email$password);
          // If we find a user
        if ($current_user) {
          // If the user found is active
          if ($current_user->active == 1) {
            $this->session->set_userdata(
             array(
              'user_id' => $current_user->id,
              'user_email' => $current_user->email,
              'user_first_name' => $current_user->fname,
              'user_active' => $current_user->active,
              'is_logged_in' => TRUE
              
)
             );
            redirect('home');  
          
} else {
            // If the user found is NOT active
            $this->session->set_flashdata("signin_failure""Your account has not been activated");
            redirect('signin'); 
          
}
        } else {
          // If we do NOT find a user
          $this->session->set_flashdata("signin_failure""Incorrect email or password");
          redirect('signin'); 
        
}
      }
      else
      {
       $this->load->view('signin');
     }
 


but there is a flaw in it because even when the email and password are correct, but the user is inactive, the message is: "Incorrect email or password" Instead of "Your account has not been activated".
Reply


Messages In This Thread
Split login fail condition in 2 conditions to cover “account inactive” case - by Ajax30 - 10-15-2017, 06:39 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.