Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Simple user login - How to set errors after validation is ran
Simple user login - How to set errors after validation is ran
  • El Forum
    Guest
  •  
#1
01-04-2011, 04:16 PM

[eluser]Medikal[/eluser]
Hey guys, I've managed to get a simple registration working, I'm using sha256 encryption against a password.salt combination, their user-specific salt is stored in the database and then added onto their post password to verify, though that's a bit off topic since that bit works.

My code is posted below, and well the main issue is it doesn't set an error up if something is wrong. As you can see if the user doesn't exist, if the password is wrong, I want the same error to be pretty vague for security reasons. The entire script is function since it echos nothing if it's wrong, and echos valid if it's valid. So just need help with the error setting, thanks guys!

Code:
// Set parameters for registration
        $this->form_validation->set_rules("username", "Username", "required|min_length[4]|max_length[20]");
        $this->form_validation->set_rules("password", "Password", "required|min_length[6]|max_length[16]");

        // If the form validation runs, or it hasn't been submitted yet
        if ($this->form_validation->run() == FALSE)
        {
            $template['mainContent'] = "login_view";
            $this->load->view("layout", $template);
        } else {
            $specificSalt = $this->db->get_where(USERS, array("username" => $this->input->post("username")), 1);
            $specificSalt = $specificSalt->row_array();
            // If no result for that username...
            if (empty($specificSalt))
            {
                $this->form_validation->set_message("failedAttempt", "Login attempt failed, Invalid username or password.");
            } else {
                $this->db->where("password", $this->user->saltPassword($this->input->post("password"), $specificSalt["salt"]));
                $this->db->from(USERS);
                $validInfo = $this->db->count_all_results();

                if ($validInfo==0)
                {
                   $this->form_validation->set_message("failedAttempt", "Login attempt failed, Invalid username or password.");
                } elseif ($validInfo==1) {
                    // set session
                    echo "valid";
                }
            }
        }
  • El Forum
    Guest
  •  
#2
01-05-2011, 04:03 AM

[eluser]Cristian Gilè[/eluser]
Hi Medikal,

when you set the message error form validation is already run so validation_errors is empty.

Why not create two callback one for username and one for password?
Code:
function salt_check($str)
{    
    $specificSalt = $this->db->get_where('USERS', array("username" => $str), 1);
    $specificSalt = $specificSalt->row_array();
    // If no result for that username...
    if (empty($specificSalt))
    {
        $this->form_validation->set_message("salt_check", "Login attempt failed, Invalid username or password.");
        return FALSE;
    }
    return TRUE;
}

and put it in the username rules:

Code:
$this->form_validation->set_rules("username", "Username", "required|min_length[4]|max_length[20]|callback_salt_check");

Create a similar callback for the password field.

Now, your code is more clean.

You can put these rules in your form validation library if you want reusable code.
  • El Forum
    Guest
  •  
#3
03-04-2011, 03:42 PM

[eluser]Unknown[/eluser]
After the validation is ran, I set a variable inside the form_validation property:

Code:
$this->form_validation->_my_custom_error_list['my_error_element'] = 'My Info';

Then, in the place I need to print my error, I evaluate if that variable exists:

Code:
if( isset( $this->form_validation->_my_custom_error_list['my_error_element'] ) ) {
    echo '<span class="error">my_error_element has an error!!!</span>';
}

Not a nice way, but it solved my problem.




Theme © iAndrew 2016 - Forum software by © MyBB