I am using password password_verify for my password to check if correct.
How ever I am entering the correct password but it keeps on returning false when submit form.
And it is getting the secured_password from database OK.
I am not sure why it keeps on returning false any suggestions?
PHP Code:
<?php class Login_model extends CI_Model { private $customer_id ; public function __construct () { parent :: __construct (); } public function login ( $username_or_email , $password ) { if ( password_verify ( $password , $this -> secure_password ( $username_or_email ))) { $this -> db -> where ( 'username' , $username_or_email ); $this -> db -> or_where ( 'email' , $username_or_email ); $customer_query = $this -> db -> get ( $this -> db -> dbprefix . 'customer' ); if ( $customer_query -> num_rows () == 1 ) { $customer_info = $customer_query -> row_array (); $this -> customer_id = $customer_info [ 'customer_id' ]; return true ; } else { return false ; } } } public function is_logged_in () { return $this -> customer_id ; } public function secure_password ( $username_or_email ) { $this -> db -> where ( 'username' , $username_or_email ); //$this->db->or_where('email', $username_or_email); $query = $this -> db -> get ( $this -> db -> dbprefix . 'customer' ); if ( $query -> num_rows () > 0 ) { $row = $query -> row_array (); return $row [ 'password' ]; } else { return false ; } } }
Controller
PHP Code:
<?php class Login extends MX_Controller { public function __construct () { parent :: __construct (); $this -> load -> library ( 'form_validation' ); $this -> load -> model ( 'catalog/account/login_model' ); } public function index () { $this -> form_validation -> set_rules ( 'username_or_email' , 'Username Or Email' , 'required' ); $this -> form_validation -> set_rules ( 'password' , 'Password' , 'required' ); if ( $this -> form_validation -> run () == false ) { $data [ 'header' ] = Modules :: run ( 'catalog/common/header/index' ); $data [ 'footer' ] = Modules :: run ( 'catalog/common/footer/index' ); $this -> load -> view ( 'account/login_view' , $data ); } else { $username_or_email = $this -> input -> post ( 'username_or_email' ); $password = $this -> input -> post ( 'password' ); $query = $this -> login_model -> login ( $username_or_email , $password ); if ( $query ) { echo 'Success:: ' . $this -> login_model -> is_logged_in (); } else { /* Testing code below Only */ echo 'False:: ' . $this -> login_model -> secure_password ( $username_or_email ); } } } }
Update: I have been trying to figure it out for some reason it does not like when I try to get my password from my database but when I hard code password in it works fine I think its some thing to do with model function any ideas?
PHP Code:
$username = $this -> input -> post ( 'username' ); $password = $this -> input -> post ( 'password' ); //$database_password = $this->login_model->secure_password($username); $database_password = '$2y$10$QwzeK7iYqOkbyELLK57N2.Glo6MzgWn5vGFJHWRlehUhzB1lFom7K' ; // Works fine copied from db $verify = password_verify ( $password , $database_password ); if ( $verify ) { echo 'Hello' ; } else { echo 'Not Working' ; }
PHP Code:
public function secure_password ( $username ) { $this -> db -> select ( '*' ); $this -> db -> from ( $this -> db -> dbprefix . 'customer' ); $this -> db -> where ( 'username' , $username ); $query = $this -> db -> get (); return $query -> row ()-> password ; }
Attached Files
Login.php (Size: 1.06 KB / Downloads: 52)
Login_model.php (Size: 1.12 KB / Downloads: 58)
There's only one rule - please don't tell anyone to go and read the manual. Sometimes the manual just SUCKS!