Login script with validation

[eluser]codex[/eluser]
Yeah, I know that there's a few scripts out there, but I want to understand how and why things work like they do, just for a better overall understanding.

Imagine a homepage with a small loginbox (username, password, submit). The data needs to be checked against a database. You know the drill.

Using validation and callback, how would you go about? I've made a callback for the username, but there seems to be no way to send the password for checking also. Should I make 2 seperate callbacks instead of trying to do it in one? Is it even possible?


da rules:

Code:

$rules['user_name']            = "required|callback_check_logindata";
        $rules['user_password']        = "required";
        $this->validation->set_rules($rules);

da callback:

Code:

function check_logindata($username, $password)
    {
        if (!$this->login_model->check_login_data($username, $password)) {
            $this->validation->set_message('check_logindata', 'Logindata incorrect!');
            return FALSE;
        }
    }

[eluser]Michael Wales[/eluser]
You can access any field from the form if you have assigned the fields names using $this->validation->[fieldname]:

Code:

$rules['username'] = 'trim|required|callback__check_logindata';
$rules['password'] = 'trim|required';
$this->validation->set_rules($rules);
$fields['username'] = 'username';
$fields['password'] = 'password';
$this->validation->set_fields($fields);

Code:

function _check_logindata($username) {
  $password = $this->validation->password;
  if ($this->login_model->check_login_data($username, $password) !== FALSE) {
    $this->validation->set_message('check_logindata', 'Logindata incorrect!');
    return FALSE;
  } else {
    return TRUE;
  }

Note: I also changed your callback function by prepending an underscore - now it won't be accessible via the URL - without that underscore people could access it via controller/check_logindata

[eluser]codex[/eluser]
[quote author="walesmd" date="1187140896"]You can access any field from the form if you have assigned the fields names using $this->validation->[fieldname]:

Code:

$rules['username'] = 'trim|required|callback__check_logindata';
$rules['password'] = 'trim|required';
$this->validation->set_rules($rules);
$fields['username'] = 'username';
$fields['password'] = 'password';
$this->validation->set_fields($fields);

Code:

function _check_logindata($username) {
  $password = $this->validation->password;
  if ($this->login_model->check_login_data($username, $password) !== FALSE) {
    $this->validation->set_message('check_logindata', 'Logindata incorrect!');
    return FALSE;
  } else {
    return TRUE;
  }

Note: I also changed your callback function by prepending an underscore - now it won't be accessible via the URL - without that underscore people could access it via controller/check_logindata[/quote]

Hey thanks! I was just about to give up on CI ;-)

I've tried it, but it doesn't work properly. The required rules apply, but even with a false username you're being redirected. Maybe the model is no good?

Model:

Code:

<?php
class Login_model extends Model {

// ------------------------------------------------------------------------

    function Login_model()
    {
        parent::Model();
    }

// ------------------------------------------------------------------------
    
    # /////////////////////////
    function check_login_data($username, $password)
    {
        $query = $this->db->select('user_id, user_password');
        $query = $this->db->from('users');
        $query = $this->db->where('user_name', $username);
        $query = $this->db->where('user_password', md5($password));
        $query = $this->db->get();
        
        if($query->num_rows() > 0) {
            return $query->result();
        }
        else {
            return false;
        }
    }

// ------------------------------------------------------------------------
    
}
?>

Controller:

Code:

<?php
class Home extends Controller {

// ========================================================================

    function Home()
    {
        parent::Controller();    
    }

// ========================================================================
    
    function index()
    {    
        # Validations
          $this->load->library('validation');
        $this->load->model('login_model');
        
          $rules['user_name']     = 'trim|required|callback__check_logindata';
        $rules['user_password'] = 'trim|required';
        $this->validation->set_rules($rules);
        
        $fields['user_name']     = 'user_username';
        $fields['user_password'] = 'user_password';
        $this->validation->set_fields($fields);
        
        $data['title']             = "Welkom";
        
        $this->validation->set_error_delimiters('<p class="alert">', '</p>');
        
        if ($this->validation->run() == FALSE)
        {
            $template['content'] = $this->load->view('home/home_view', $data, true);
            $this->load->view('main_template', $template);
        }
        else
        {
            redirect('start/');
        }    
    }
    
    // check logindata
    // --------------------------------------------------------------
    function _check_logindata($username) {
    
          $password = $this->validation->user_password;
          
        if ($this->login_model->check_login_data($username, $password) !== FALSE) {
          
         $this->validation->set_message('check_logindata', 'Logindata incorrect!');
                return FALSE;
          } else {
            return TRUE;
      }

// ========================================================================    
    }
}
?&gt;

View:

Code:

<?php echo form_open();?>
<label for="user_name">Gebruikersnaam</label>
<p class="pb-10">&lt;?php echo input_text("user_name", 20, "input_text", $this->validation->user_name)?&gt;</p>
&lt;?=$this->validation->user_name_error; ?&gt;
<label for="user_password">Wachtwoord</label>
<p class="pb-10">&lt;?php echo input_password("user_password", 20, "input_text", $this->validation->user_password)?&gt;</p>
&lt;?=$this->validation->user_password_error; ?&gt;
<p class="pb-20"><label for="login"></label> <a href="/forgot_pass">Wachtwoord vergeten?</a></p>
<p><label for="login"></label>
&lt;?php echo input_submit("login", "input_submit", "Naar binnen")?&gt;</p>
&lt;/form&gt;

[eluser]codex[/eluser]
Ah, this bit had something to do with it:

Code:

if ($this->login_model->check_login_data($username, $password) !== FALSE) {

Should be:

Code:

if ($this->login_model->check_login_data($username, $password) == FALSE) {

But now I get a different error when making an intended error:

Code:

Unable to access an error message corresponding to your field name.

:roll:

[eluser]codex[/eluser]
Of course, 'check_logindata' should be '_check_logindata', I'm blind ;-)

[eluser]Michael Wales[/eluser]
Yeah sorry - I didn't really look over the code at all to ensure it was logically correct - was just shooting for the basic idea on that one.

[eluser]codex[/eluser]
Nahh man, I'm glad you could help out. Works like a charm! And I've learned something ;-)