Authentication by email and group/access level
#1

[eluser]doubleplusgood[/eluser]
Hi there,
I have built an admin controller and would like the is_valid_user function to check the email address and also check that the user has a particular group/access level.

My login and is_valid_user functions are as follows;

Code:
/**
 * Handle the admin login form: read the posted credentials, pass them to
 * the auth library, then send the browser to the admin page.
 *
 * NOTE(review): nothing here calls is_valid_user() or looks at a group id,
 * so any account that auth->login() accepts ends up with a session.
 */
function login()
{
    // Submitted credentials, read from the POST body.
    $password = $this->input->post('password');
    $email = $this->input->post('email');

    $missing_field = empty($email) || empty($password);
    if ( $missing_field )
    {
        die('fill it in!');
    }

    // The result is stored but not inspected; the redirect below runs
    // whether or not the login was accepted.
    $auth_result = $this->auth->login($email, $password);

    redirect('admin');
}

/**
 * Validation check: TRUE when a row in `users` has the given email.
 *
 * Only the existence of the email is tested here; no password or
 * group/access level is examined.
 *
 * @param string $email address to look up
 * @return bool
 */
function is_valid_user($email)
{
    // Fetch at most one row whose email column matches.
    $this->db->where('email', $email);
    $result = $this->db->get('users', 1);

    if ( $result->num_rows() != 1 )
    {
        // Message shown by the form validation library for this rule.
        $this->form_validation->set_message('is_valid_user', 'This user is not registered!');

        return FALSE;
    }

    return TRUE;
}

I attempted the following query to check the email and groupid (access level);

Code:
// Parameterised query: $email and the group id are passed as bindings, not concatenated.
$sql = "SELECT * FROM users WHERE email = ? AND groupid = ?";
// NOTE(review): the return value of this call is discarded, so the filtered rows are never examined.
$this->db->query($sql, array($email,5));
            
// This is a separate Active Record call with no where() conditions, so it is
// not restricted by $email or the group id. A num_rows() == 1 test on $query
// (as in is_valid_user) would then pass for any input while the table has rows.
$query = $this->db->get('users', 1);

I wondered if anyone had any ideas on how to get this working? Thank you.
#2

[eluser]davidbehler[/eluser]
Either do this
Code:
// Raw-SQL variant: the email and group id are supplied as bindings, and the
// result object of this one call is what gets checked afterwards.
$bindings = array($email, 5);
$query = $this->db->query(
    "SELECT * FROM users WHERE email = ? AND groupid = ? LIMIT 0,1",
    $bindings
);
or this
Code:
// Active Record variant: both conditions are ANDed into the same query
// that get() then runs against `users`, limited to one row.
$this->db->where(array('email' => $email, 'groupid' => 5));
$query = $this->db->get('users', 1);
You can't mix Active Record and 'simple' sql.
#3

[eluser]doubleplusgood[/eluser]
Thanks man. Looks like I need to do some additional check as my site still lets me log in to the admin area even though my group isn't 5. This is my Admin controller for logging in.

So in theory, if i'm logging in as a user with groupid of 4, then it should redirect me to the admin/index view.

Code:
<?php

    class Admin extends Controller {
        
        function Admin()
        {
            parent::Controller();
        }
        
        function index()
        {
            $view_data = array();
            
            if ( $this->auth->logged_in() )
            {
                $view_data['view_file'] = 'admin/dashboard';
                $this->load->view('admin/dashboard', $view_data);
            }
            else
            {
                $view_data['view_file'] = 'admin/index';
                $this->load->view('admin/index', $view_data);
            }
            
            //$this->load->view('layout', $view_data);
        }
        
        function login()
        {
            $email = $this->input->post('email');
            $password = $this->input->post('password');
            
            if ( empty($email) || empty($password) )
            {
                die('fill it in!');
            }
            
            $logged_in = $this->auth->login($email, $password);
            
            redirect('admin');
        }
        
        function logout()
        {
            $this->auth->logout();
            
            redirect('admin/index');
        }
        
        function is_valid_user($email)
        {
            $this->db->where('email', $email);
            $this->db->where('groupid', 5);
            $query = $this->db->get('users', 1);
            
            if ( $query->num_rows() == 1 )
            {
                return TRUE;
            }
            else
            {
                $this->form_validation->set_message('is_valid_user', 'This user is not registered!');
                
                return FALSE;
            }
        }
        
        function is_not_user($email)
        {
            $this->db->where('email', $email);
            $this->db->where('groupid', 4);
            $query = $this->db->get('users', 1);
            
            if ( $query->num_rows() == 1 )
            {
                $this->form_validation->set_message('is_not_user', 'This user is already registered!');
                return FALSE;
            }
            else
            {
                return TRUE;
            }
        }
    }



