Welcome Guest, Not a member yet? Register   Sign In
my own user registeration and login library!
#1

[eluser]A.M.F[/eluser]
hi people,

i finished to work on my members application, and i want u to see it and see if i can improve it some how, and offcourse u can use it if u need to.

this is how i built it:
i have a Forms.php controller, that containes the login() and the register() pages, as well as a securityimg() function (to validate the forms) and emailcheck() and usercheck() functions to see that the user name and email are not allready in the DB.

Forms.php

Code:
class Forms extends Controller
{
    function Forms()
    {
        parent::Controller();
        $this->load->model('user_m');
    }

    function index()
    {
        redirect('index.php');
    }


    function securityimg()
    {
        $this->load->library('securityimg_lib');

        // get parameters
        isset($_GET['width']) ? $iWidth = (int)$_GET['width'] : $iWidth = 150;
        isset($_GET['height']) ? $iHeight = (int)$_GET['height'] : $iHeight = 30;
  
        // create new image
        $this->securityimg_lib->SecurityImage($iWidth, $iHeight);

        $this->securityimg_lib->Create();
    }
    

    //
    //Handling with the Login
    //
    function login()
    {    
        $this->load->library('validation');

        $rules['username'] = "trim|required|alpha_dash|min_length[2]|max_length[32]|prep_for_form|htmlspecialchars|xss_clean";        
        $rules['password'] = "trim|required|min_length[4]|max_length[32]|prep_for_form|htmlspecialchars|xss_clean";
        $rules['remember'] = "prep_for_form|htmlspecialchars|xss_clean";

        $this->validation->set_rules($rules);
        $this->validation->set_error_delimiters('<b>שגיאה: </b>', '<br />');

        $fields['username']  = 'השם משתמש';
        $fields['password']  = 'הסיסמא';
        $fields['remember']  = 'זכור אותי';

        $this->validation->set_fields($fields);


        if ($this->validation->run() == FALSE)
        {
            $data['message'] = $this->validation->error_string;

            //security code is wrong?
            if ((isset($_POST['send'])) && ($this->session->userdata('code') != strtoupper($_POST['securityimg'])))
            {
                $data['message'] .= "<b>שגיאה: </b>הקוד אבטחה שגוי.";
            }

            $this->layout->buildPage('login', $data);
        }

        else //all the form fields are fine
        {
            //security code is wrong?
            if ($this->session->userdata('code') != strtoupper($_POST['securityimg']))
            {
                $data['message'] = "<b>שגיאה: </b>הקוד אבטחה שגוי.";
                $this->layout->buildPage('login', $data);
            }

            else
            {
                $pass = md5(sha1($_POST['password'])); //encrypting the password

                if ($this->user_lib->login($_POST['username'], $pass)) //checking the user data
                {

                    if ((isset($_POST['remember'])) && ($_POST['remember'] == "1")) //creating coockies
                    {
                        set_cookie('user', $pass, 3600*24*365);
                        set_cookie('name', $_POST['username'], 3600*24*365);
                    }
                    else //creating short time coockies
                    {
                        $this->session->set_userdata('user', $pass);
                        $this->session->set_userdata('name', $_POST['username']);
                    }

                    redirect('index.php');
                }

                else //username or password incorrect
                {
                    $data['message'] = "<b>שגיאה: </b>שם המשתמש או הסיסמא שהכנסת אינם נכונים.";
                    $this->layout->buildPage('login', $data);

                    //show_error('An unexpected error occurred, please try again.');
                }
            }
            
        }
    }

(ran out of characters)
#2

[eluser]A.M.F[/eluser]
here is the rest of Forms.php

Code:
//
    //Handling with the registration
    //
    function register()
    {    
        $this->load->library('validation');

        $rules['username']  = "trim|required|alpha_dash|min_length[2]|max_length[32]|prep_for_form|htmlspecialchars|xss_clean|callback_username_check";        
        $rules['password']  = "trim|required|min_length[4]|max_length[32]|matches[passconf]|prep_for_form|htmlspecialchars|xss_clean";
        $rules['passconf']  = "required|prep_for_form";
        $rules['email']     = "trim|required|valid_email|matches[emailconf]|prep_for_form|htmlspecialchars|xss_clean|callback_email_check";
        $rules['emailconf'] = "required|prep_for_form";

        $this->validation->set_rules($rules);
        $this->validation->set_error_delimiters('<b>שגיאה: </b>', '<br />');

        $fields['username']  = 'השם משתמש';
        $fields['password']  = 'הסיסמא';
        $fields['passconf']  = 'האישור סיסמא';
        $fields['email']     = 'הדואר אלקטרוני';
        $fields['emailconf'] = 'אימות הדוא"ל';

        $this->validation->set_fields($fields);


        if ($this->validation->run() == FALSE)
        {
            $data['message'] = $this->validation->error_string;

            if ((isset($_POST['send'])) && ($this->session->userdata('code') != strtoupper($_POST['securityimg']))) //security code is wrong?
            {
                $data['message'] .= "<b>שגיאה: </b>הקוד אבטחה שגוי.";
            }

            $this->layout->buildPage('register', $data);
        }

        else //all the form fields are fine
        {
            if ($this->session->userdata('code') != strtoupper($_POST['securityimg'])) //security code is wrong?
            {
                $data['message'] = "<b>שגיאה: </b>הקוד אבטחה שגוי.";
                $this->layout->buildPage('register', $data);
            }
            else
            {
                if ($this->user_m->register($_POST)) //adding the user
                {
                    redirect('/show/login'); //going to the login page
                }
                else
                {
                    show_error('An unexpected error occurred, please try again.');
                }
            }
            
        }
    }

    function username_check($str) //username allready exists in the DB?
    {
        if ($this->user_m->check_match($str, 'username') == TRUE)
        {
            $this->validation->set_message('username_check', '%s שבחרת כבר נמצא בשימוש.');
            return FALSE;
        }
        else
        {
            return TRUE;
        }
    }

    function email_check($str) //email allready exists in the DB?
    {
        if ($this->user_m->check_match($str, 'email') == TRUE)
        {
            $this->validation->set_message('email_check', '%s שבחרת כבר נמצא בשימוש.');
            return FALSE;
        }
        else
        {
            return TRUE;
        }
    }

}

now, i have a model called user_m.php that for now containes two functions: register() - putting the user data inside the DB, and check_match() - used in the emailcheck() and usercheck() functions that in my Forms.php controller.

user_m.php

Code:
class User_m extends Model
{
    
    var $object;

    function User_m()
    {
        // Call the Model constructor
        parent::Model();
        $this->object =& get_instance();
    }

    
    //
    //Adding the user to the database
    //
    function register($info)
    {
        $info['password'] = md5(sha1($info['password']));
        $data = array(  'username' => $info['username'],
                        'password' => $info['password'],
                        'email'    => $info['email']
                );

        if($this->object->db->insert('users', $data))
        {
            return TRUE;
        }
        else
        {
            return FALSE;
        }
    }

    // --------------------------------------------------------------------

    /**
     * Check Match
     *
     * @access    public
     * @param    string    value
     * @param    string    field name
     *
     * @return    boolean    true or false if there's a match
     */
    function check_match($var, $field)
    {
        $query = $this->object->db->getwhere('users', array($field => $var));

        if ($query->num_rows() > 0)
        {
            return TRUE;
        }
        else
        {
            return FALSE;
        }
    }

}
#3

[eluser]A.M.F[/eluser]
the third part of my application is the user_lib.php library. in there i have the login checking and the auth() function that checks if the user has authoration and to see if he is looged with cookies or sessions.


user_lib.php
Code:
class User_lib
{

    var $object;
    
    function User_lib()
    {
        $this->object =& get_instance();
    }

    
    // --------------------------------------------------------------------

    /**
     * Checks if the login information is true
     *
     * @access    public
     * @param    string    name
     * @param    string    password
     *
     * @return    boolean    true or false if login correct
     */
    function login($user, $pass)
    {
        /*see if the username and the password matches, if so return true*/

        //$info['password'] = md5(sha1($info['password'])); //encrypting the password

        $this->object->db->from('users');
        $this->object->db->where('username', $user);
        $this->object->db->where('password', $pass);
    
        $query = $this->object->db->get();
            
        if ($query->num_rows() == 0)  //שם המשתמש או הסיסמא אינם נכונים
        {
            return FALSE;
        }
        else
        {
            $x = $query->row();

            if ($pass != $x->password) //checks if the pass entered matches the password
            {
                return FALSE;
            }
            else
            {
                return TRUE;
            }
        }
    }


    // --------------------------------------------------------------------

    /**
     * Checks if the login information is true
     *
     * @access    public
     * @param    string    cookie name
     * @param    string    cookie password
     *
     * @return    boolean    true or false has authoratoin
     */  
    function auth()
    {
        
        $cook_name = get_cookie('name');
        $cook_pass = get_cookie('user');

        if ((($cook_name == '')) || (($cook_pass == ''))) //don't have cookies? maybe have sessions
        {
            if ($this->sess_auth()) //cuz user don't want the browser to remember him
            {
                return TRUE;
            }
            else
            {
                return FALSE;
            }
        }

        if (($cook_name != '') && ($cook_pass != '')) //coockie way
        {
            if ($this->login($cook_name, $cook_pass) == TRUE)
            {
                return TRUE;
            }
            else
            {
                return FALSE;
            }
        }

        else //not loged
        {
            return FALSE;
        }
    }

    //
    //Session authoration
    //
    function sess_auth()
    {
        $sess_name = $this->object->session->userdata('name');
        $sess_pass = $this->object->session->userdata('user');

        
        if (isset($sess_name) && isset($sess_pass)) //session way
        {
            if ($this->login($sess_name, $sess_pass) == TRUE)
            {
                return TRUE;
            }
            else
            {
                return FALSE;
            }
        }

        else //not loged
        {
            return FALSE;
        }
    }
}


and that is it. what do u think?

thank u for ur time!
#4

[eluser]Neocode[/eluser]
hi I'm new in CI...

i have copy and tried your code... can ask for the securityimg_lib file. thanks Smile by the way.. when i load the page it doesn't redirect... the page will display the page isn't redirecting properly..Firefox has detected that the server is redirecting the request for this address in a way that will never complete....

please post it as soon as possible thanks Smile

if you could include the databse please include it.. the dump .sql file or so whatever..

if u can zip ur file you can send it to haro.glory@yahoo.com.

please, i will use your code for study purposes. thanks Smile
#5

[eluser]awpti[/eluser]
Seriously, Neo. Stop begging. Dogs beg. People don't. (Or..shouldn't)




Theme © iAndrew 2016 - Forum software by © MyBB