Welcome Guest, Not a member yet? Register   Sign In
Reassigning a value to a session variable
#1

[eluser]xtremer360[/eluser]
Trying to figure out why when the failed_logins variable is less than the config item it doesn't increase the failed_logins variable and then reassign that number to the session userdata.

Code:
$failed_logins = $this->session->userdata('failed_logins');  
        if (is_numeric($failed_logins))
        {
            echo 'failed logins:'.$failed_logins;
            echo '<br />';
            echo 'failed_login_limit:'.$this->config->item('failed_login_limit');
            if ($failed_logins < $this->config->item('failed_login_limit'))
            {
                $failed_logins++;
                $this->session->set_userdata('failed_logins', $failed_logins);
                return FALSE;
            }
            else
            {
                $this->session->unset_userdata('failed_logins');
                return TRUE;
            }
        }
        else
        {
            $this->session->set_userdata('failed_logins', 1);
            return FALSE;
        }
#2

[eluser]theprodigy[/eluser]
Since it isn't doing what you want it to do, what is it doing?
#3

[eluser]xtremer360[/eluser]
I redid the submit function and here's the section of code being questioned. When it gets down to the else statement were I have the var_dump on the $failed logins varible it keeps coming back with bool(false). I should be set when I set it to 1 on the first login attempt.

Code:
$regenerated_post_password = $this->functions_model->regenerate_password_hash($post_password, $user_data->password_hash);
                    $failed_logins = $this->session->userdata('failed_logins');
                    if ($regenerated_post_password == $user_data->password)
                    {
                        $profile_data = $this->users_model->get_profile_data($user_data->user_id);
                        $this->session->set_userdata(array('xtr' => 'yes', 'user_id'  => $user_data->user_id, 'username' => $user_data->username, 'role' => $user_data->user_roles_id, 'default_roster_id' => $profile_data->default_roster_id));
                        $this->users_model->insert_session($this->session->userdata('session_id'), $user_data->username, $this->input->ip_address(), $this->session->userdata('user_agent'));
                        $this->session->unset_userdata('failed_logins');
                        $output_array = array('error' => FALSE, 'message' => 'Successful login! Going to the dashboard!');
                    }
                    else if (is_numeric($failed_logins) && $failed_logins == (int)$this->config->item('failed_login_limit'))
                    {
                        $this->email->from('[email protected]', 'KOW Management Team');
                        $this->email->to($user_data->email_address);
                        $this->email->subject('KOW Manager Max Login Attempts');
                        $this->email->message('Hello '.$user_data->first_name.' '.$user_data->last_name.',<br /><br />We would like to inform you that you or someone else is trying to access your account. They have failed at 5 attempts with your username and password that we have on file. If this is you, you may wait the 30 minutes needed to try again or you may fill out either the forgot username or forgot password forms. Those links are in this email. If this was not you please send an email to the KOW Management Team.<br /><br /><a href="forgotusername">Forgot Username</a><br /><a href="forgotpassword">Forgot Password</a>');
                        $this->email->send();
                        $this->users_model->lock_out_user($post_username, date('Y-m-d H:i:s', $this->config->item('wait_time')));
                        $output_array = array('error' => TRUE, 'message' => 'Your account is currently locked, we appologize for the inconvienence. You must wait 30 minutes before you can login again! An email was sent to the owner of this account! Forgotten your username or password? <a href="forgotusername">Forgot Username</a> or <a href="forgotpassword">Forgot Password</a>');
                    }
                    else
                    {
                        var_dump($failed_logins);
                        if (!is_numeric($failed_logins))
                        {
                            $this->session->set_userdata('failed_logins', 1);    
                        }
                        else
                        {
                            $failed_logins++;
                            $this->session->set_userdata('failed_logins', $failed_logins);  
                        }
                        $this->users_model->increase_login_attempt($this->input->ip_address(), $post_username);
                        $output_array = array('error' => TRUE, 'message' => 'Incorrect username and password combination!');  
                    }
#4

[eluser]theprodigy[/eluser]
I don't really see anything wrong with your code.

Are you having CI store session in a db, and if so, have you kept an eye on your ci_session table to make sure it's not making a new session each time, and thereby no keeping track of your failed_logins value?

Another thing to check is everywhere you might be unsetting the session value. I see it once in your first IF condition. Do you happen to have it anywhere else that may be removing it?
#5

[eluser]xtremer360[/eluser]
I don't have it unsetting anywhere else. Here's the full code. Thanks for the reply.

http://pastebin.com/M1iMaQmq
#6

[eluser]xtremer360[/eluser]
With some debugging I tested the if statement on 122 of the pastebin and it proved to be true so for some reason this line of code doesn't run.

Code:
$this->session->set_userdata('failed_logins', 1);
#7

[eluser]theprodigy[/eluser]
If I'm reading your code correctly, the first time through,
Code:
$failed_logins = $this->session->userdata('failed_logins');
will return a FALSE because it currently isn't in session, right?

Then why not change your last IF to
Code:
if ($failed_logins === FALSE)
{
    $this->session->set_userdata('failed_logins', 1);    
}
else
{
    $failed_logins++;
    $this->session->set_userdata('failed_logins', $failed_logins);  
}




Theme © iAndrew 2016 - Forum software by © MyBB