Cleaning up reset password module |
[eluser]RalphLeMouf[/eluser]
btw I got rid of the first error because I forgot to take out $data in this function in the controller after I took it out of the model public function reset_password()
[eluser]RalphLeMouf[/eluser]
the name of the model is user_model and here is the code in the class user_model Yes, it's the user_model class User_model extends CI_Model { /** * Constructor */ function __construct() { // Call the Model constructor parent::__construct(); } //CREATE SALT public function _salt( $length = 32 ) { // Load the string helper $this->load->helper('string'); // Return the random string return random_string('alnum', $length); } //CHECK THE EMAIL THE USER ENTERED TO RESET THEIR PASSWORD AGAINST THE MATCHING ONE IN THE DB public function validate_retrieve($data) { $query = $this->db->where($data)->get('users', '1'); foreach ($query->result() as $user) { $user->email; $user->salt; $user->id; } $reset_token = array( 'token' => sha1($user->email.$user->salt).dechex($user->id), 'email' => $user->email ); $insert = $this->db->insert('reset', $reset_token, '1'); return $reset_token; } public function reset_password() { $salt = $this->_salt(); $query = $this->db->get('reset', 1); foreach ($query->result() as $row) { echo $row->token; echo $row->email; echo $row->id; } $data = array( 'password' => $this->encrypt->sha1($salt . $this->encrypt->sha1($this->input->post('password'))), 'salt' => $salt ); $this->db->where('email', $row->email); $this->db->update('users', $data); } //CHECK USERS ENTERED INFO AGAINST WHAT IS STORED IN THE DB TO SIGN IN TO VIA LOGIN VIEW public function validate($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', '1'); if($query->row()) { return $query->row(); } } //CHECK USERS ENTERED INFO AGAINST WHAT IS STORED IN TEH DB TO SIGN IN VIA HOME PAGE VIEW public function validate_home_login($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', '1'); if($query->row()) { return $query->row(); } } //CONFIRM USER AS A MEMEBER AND MARK THEIR PENDING STATUS TO ACTIVE IN THE DB public function validate_confirm($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->query('SELECT * FROM users order by id desc LIMIT 1'); foreach ($query->result() as $user){ $data = array( 'status' => 'active' ); $this->db->where('id', $user->id); $this->db->update('users', $data); } } //INSERTING NEW MEMBERS CRITERIA IN THE DB public function create_member() { $salt = $this->_salt(); $this->load->library('encrypt'); $new_member_insert_data = array( 'first_name' => $this->input->post('first_name'), 'last_name' => $this->input->post('last_name'), 'email' => $this->input->post('email'), 'password' => $this->encrypt->sha1($salt . $this->encrypt->sha1($this->input->post('password'))), 'salt' => $salt, 'status' => 'pending' ); $insert = $this->db->insert('users', $new_member_insert_data); return $insert; } }
[eluser]apodner[/eluser]
//MODEL Code: class user_model extends CI_Model // CONTROLLER Code: public function reset_password($data)
[eluser]apodner[/eluser]
Now that I have seen your whole model, I want to make a couple of revisions to what I told you previously. See below. This should get you much much closer. //CONTROLLER Code: public function reset_password() //MODEL Code: public function verify_token($token)
[eluser]RalphLeMouf[/eluser]
That was very helpful to see how you did that. It gave me a good idea on how to simplify better. The only thing is that I tried what you wrote ( although it did it's job with the database and inserting) I am getting a blank white page with Code: http://www.mysite/index.php/auth/reset_password thanks
[eluser]apodner[/eluser]
You are correct, on the failure of the if statement test, there is no else to display another view. My advice would be to start with a simpler encryption method first. Maybe just md5 the password and get that working right, or don't encrypt at all. This will allow you the chance to make sure all the mechanics of the form and the validation are working right. Once you have that stable, then add your encryption schema in one piece at a time. Add in some echo statements after each step to see the value of the variables and make sure they are coming up the way you want them to. One other thing, in order to get a TRUE returned in the token validation, there can only be one matching row in the reset table, any chance there are multiple rows with the same token value? Also look at the 2nd time I posted that method, I had a typo the first time, and didn't call the $this->db->num_rows() method correctly.
[eluser]RalphLeMouf[/eluser]
Great news. Got everything to work error free! The final step is to get the form validation to work properly and all of the errors to pose as they should. I really appreciate your help on this - you actually taught me a lot and helped get me on the right track in a major way. Here is the final code that ended up working: //CONTROLLER Code: public function reset_password() //MODEL Code: public function verify_token($token)
[eluser]apodner[/eluser]
I am glad you were able to get everything going the right way. Glad to be of help.
[eluser]RalphLeMouf[/eluser]
Ok- so unfortunately this problem has not been solved as I thought. I noticed that the token that is created in the first email that gets inserted to the reset table is DIFFERENT then the one that is sent in the email to take user to reset page. I'm assuming those are supposed to be the same in order to match and pass validation. I can't quite syntactically figure out how to pass the same token that is created in the controller and to be used in the model to insert into db ( to make them the same one ) I think that's why on the actual reset page validation is never passing. aka can't reset password. Here is the model and controller for the sending token functions Code: public function validate_retrieve($data) { Code: public function retrieve() and here is the model and controller for the actual reset page. PLEASE HELP thanks in advance Code: public function verify_token($token) Code: public function reset_password() |
Welcome Guest, Not a member yet? Register Sign In |