Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Have problems with code please help?
Have problems with code please help?
  • El Forum
    Guest
  •  
#1
04-30-2013, 08:03 AM

[eluser]gork7478[/eluser]
I have a problem that I really hope someone can help me with. In my model I have this code the get hashed password from database.

Code:
public function getPasswordHash($email) {
        $sql = 'SELECT `password` FROM users WHERE email=? LIMIT 1';
        $query = $this -> db -> query($sql, array($email));

        return ($query -> num_rows() > 0) ? $query -> row() : FALSE;
    }

Now I have a callback function that I'm trying to run to compared password in controller here's the code for that.

Code:
function _checkPassword($pass)
    {
        $hasher = new PhpAss();
        $this->load->model('user');
        $hashed_pass = $this->user->getPasswordHash($this->input->post('email'));
        $hashed_pass = $hashed_pass->password;

        if ($hasher->checkPassword($pass, $hashed_pass))
        {
            echo 'true';
        }
        else
        {
            $this->form_validation->set_message('_checkPassword', 'The Email and/or Password is incorrect. Please try again');
            return false;
        }
    }

A PHP Error was encountered

Severity: Notice

Message: Trying to get property of non-object

Filename: controllers/main.php

Line Number: 149

And this is the error I'm getting when I put the wrong password in my form. If I put the correct password it works. Any help would be greatly appreciated.
  • El Forum
    Guest
  •  
#2
05-01-2013, 03:47 AM

[eluser]TheFuzzy0ne[/eluser]
Who is a PhpAss? Tongue

I'm assuming that this is line 149?
Code:
$hashed_pass = $hashed_pass->password;

If you enter a username that doesn't exist, then FALSE will be returned. Since it's not an object, it doesn't have a property named "password".

Since your model is called "getPasswordHash", it would make more sense for it to pass back the password, rather than the database result, so:

Code:
public function getPasswordHash($email = '') {
    if ( ! $email) {
        return FALSE;
    }

    $sql = 'SELECT `password` FROM users WHERE email=? LIMIT 1';
    $query = $this->db->query($sql, array($email));

    return ($query->num_rows() == 1) ? $query->row()->password : FALSE;
}

You then need to check for the password in your validation callback:
Code:
function _checkPassword($pass)
{
    $hasher = new PhpAss();
    $this->load->model('user');
    $hashed_pass = $this->user->getPasswordHash($this->input->post('email'));

    if ($hasher->checkPassword($pass, $hashed_pass))
    {
        return TRUE;
    }
    else
    {
        $this->form_validation->set_message('_checkPassword', 'The Email and/or Password is incorrect. Please try again');
        return FALSE;
    }
}

However, I'd approach this slightly differently. I'd move the logic for validating a username and password into my model, so I'd have a model method called is_valid_login(), where you'd pass the username and password, and it will simply return TRUE or FALSE. If you ever decide to implement your login elsewhere, it would mean you don't have to repeat so much code. It also keeps your business logic separate from your controller logic.




Theme © iAndrew 2016 - Forum software by © MyBB