Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Storing id to the session
Storing id to the session
  • El Forum
    Guest
  •  
#1
03-10-2013, 09:06 AM

[eluser]haris244808[/eluser]
Hi there,
I have a users database where i try to get the users ID after he has logged in, so i could use that id to compare with another user_id of other table and retrive specific data based on the ID...

here is my login_model i use to login:
Code:
$sql =  "SELECT * FROM users WHERE username = ? AND password = ?";
  $query = $this->db->query($sql, array($this->input->post('username'), md5($this->input->post('password'))));

  if ($query->num_rows() > 0) {

   return $query;
  }

and here is the login controller where i try to store the id in the session:
Code:
$this->load->model('login_model');
   $query = $this->login_model->validation();

   if ($query) {
    
    $data = array(
     'username'  => $this->input->post('username'),
     'id'   => $query->id, //here is what i am trying to get (of course this is wrng, i just made an example to make the ide clear)
     'is_logged_in' => TRUE
     );

    $this->session->set_userdata($data);

    redirect('home');
   }
   else{

    $data['error_msg'] = 'Wrong username or password. Please try again!';
    $this->load->view('login_form_view', $data);
   }

can anyone help me in this problem??
  • El Forum
    Guest
  •  
#2
03-10-2013, 10:02 AM

[eluser]TheFuzzy0ne[/eluser]
Your model should be passing back $query->result(). If you only required the ID of the user, that should be all you pass back from your model. It's pointless pulling out more data than that if you don't need it.

Also, you could do with strengthening up how you encrypt your password. SHA-1 is miles better than MD5, and you should definitely use a [url="http://en.wikipedia.org/wiki/Salt_(cryptography)"]salt[/url] as well.
  • El Forum
    Guest
  •  
#3
03-10-2013, 10:13 AM

[eluser]haris244808[/eluser]
[quote author="TheFuzzy0ne" date="1362934950"]Your model should be passing back $query->result(). If you only required the ID of the user, that should be all you pass back from your model. It's pointless pulling out more data than that if you don't need it.

Also, you could do with strengthening up how you encrypt your password. SHA-1 is miles better than MD5, and you should definitely use a [url="http://en.wikipedia.org/wiki/Salt_(cryptography)"]salt[/url] as well.[/quote]

ok
Here it is the login_model:
Code:
function validation(){
  
  $sql =  "SELECT id, username, password FROM users WHERE username = ? AND password = ?";
  $query = $this->db->query($sql, array($this->input->post('username'), sha1($this->input->post('password'))));

  if ($query->num_rows() > 0) {

   return $query->result();
  }
}

but now how i shouldstore the id to the session ??
  • El Forum
    Guest
  •  
#4
03-10-2013, 10:23 AM

[eluser]TheFuzzy0ne[/eluser]
Are you not using the CodeIgniter Session class? If so, all of that is taken care of for you, and you shouldn't even need to be aware of the session ID. CodeIgniter stores it in the cookie for you, and extracts the userdata for that session upon each request.

If you do use the Session class, I recommend encrypting the cookie and storing the session in the database. This means that people can't steal other people's cookies and use them, and also it helps overcome the cookie data limit, as well as meaning your users don't have to send so much data every time they load a page.
  • El Forum
    Guest
  •  
#5
03-10-2013, 10:33 AM

[eluser]haris244808[/eluser]
[quote author="TheFuzzy0ne" date="1362936211"]Are you not using the CodeIgniter Session class? If so, all of that is taken care of for you, and you shouldn't even need to be aware of the session ID. CodeIgniter stores it in the cookie for you, and extracts the userdata for that session upon each request.

If you do use the Session class, I recommend encrypting the cookie and storing the session in the database. This means that people can't steal other people's cookies and use them, and also it helps overcome the cookie data limit, as well as meaning your users don't have to send so much data every time they load a page.[/quote]

i am using session library...
but can u help me how to retrieve that ID...
I need that ID to use in another query :
ex:
SELECT * FROM files WHERE user_id = ? ;

so the "?" will be the ID i retrieve from the login.
  • El Forum
    Guest
  •  
#6
03-10-2013, 10:36 AM

[eluser]TheFuzzy0ne[/eluser]
RTFM. Everything you need is in the user guide.
Code:
// Set userdata.
$this->session->set_userdata('id', $query->id);

// Retrieve userdata.
$id = $this->session->userdata('id');
  • El Forum
    Guest
  •  
#7
03-10-2013, 10:52 AM

[eluser]haris244808[/eluser]
[quote author="TheFuzzy0ne" date="1362936978"]RTFM. Everything you need is in the user guide.
Code:
// Set userdata.
$this->session->set_userdata('id', $query->id);

// Retrieve userdata.
$id = $this->session->userdata('id');
[/quote]

yes as i wrote in the begining i am trying to store like that:
Code:
$this->load->model('login_model');
   $query = $this->login_model->validation();

   if ($query) {

    $data = array(
     'username'  => $this->input->post('username'),
     'id'   => $query->id,
     'is_logged_in' => TRUE
     );

    $this->session->set_userdata($data);

    redirect('home');
   }
   else{

    $data['error_msg'] = 'Wrong username or password. Please try again!';
    $this->load->view('login_form_view', $data);
   }

and then make a model to query based on that id :
Code:
function select_files_based_on_user(){

  $sql = "SELECT * FROM files WHERE user_id = ? ";
  $files_query = $this->db->query($sql, array($this->session->userdata('id')));

  if ($files_query->num_rows() > 0) {
  
   return TRUE;
  }
}

and show tha data:
Code:
foreach ($files_query as $results){
         echo "<tr>";
         echo "<td>&lt;input type=\"checkbox\" class=\"checkbox\" /&gt;&lt;/td>";
         echo "<td>".$results->case_nr."</td>";
         echo "<td><a >".$results->subject."</a></td>";
         echo "<td>".$results->description."</td>";
         echo "<td>".$results->first_name." ".$results->last_name."</td>";
        }
       ?&gt;

but i get an error: Invalid argument supplied for foreach()

where is my problem?

btw: thnx dude for helping me Smile... im trying to learn codeigniter Smile
  • El Forum
    Guest
  •  
#8
03-10-2013, 10:57 AM

[eluser]haris244808[/eluser]
I tried wrapping foreach loop with :
if(is_array($files_query)){

but now it doesnt show any error but also any data...it doesnt retrieve data based on the ID :S
  • El Forum
    Guest
  •  
#9
03-10-2013, 10:57 AM

[eluser]TheFuzzy0ne[/eluser]
Same problem as before. select_files_based_on_user() is returning TRUE. It should be returning $file_query->result()

You can use logging, print_r() and var_dump() to debug values, to make sure you're getting what you expect.
  • El Forum
    Guest
  •  
#10
03-10-2013, 10:59 AM

[eluser]TheFuzzy0ne[/eluser]
In your controller, insert the line $this->output->enable_profiler(TRUE), and you'll be able to see exactly what queries are being fired at the server. Smile




Theme © iAndrew 2016 - Forum software by © MyBB