• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Solved] Cannot login with model my login function

#1
I am using password password_verify for my password to check if correct.

How ever I am entering the correct password but it keeps on returning false when submit form.

And it is getting the secured_password from database OK.

I am not sure why it keeps on returning false any suggestions?

PHP Code:
<?php

class Login_model extends CI_Model {

    private 
$customer_id;

    public function 
__construct() {
        
parent::__construct();
    }

    public function 
login($username_or_email$password) {
        if (
password_verify($password$this->secure_password($username_or_email))) {

            
$this->db->where('username'$username_or_email);
            
$this->db->or_where('email'$username_or_email);

            
$customer_query $this->db->get($this->db->dbprefix 'customer');

            if (
$customer_query->num_rows() == 1) {
                
                
$customer_info $customer_query->row_array();

                
$this->customer_id $customer_info['customer_id'];

                return 
true;
            
            } else {

                return 
false;

            }

        }
    }

    public function 
is_logged_in() {
        return 
$this->customer_id;
    }

    public function 
secure_password($username_or_email) {

        
$this->db->where('username'$username_or_email);
        
//$this->db->or_where('email', $username_or_email);

        
$query $this->db->get($this->db->dbprefix 'customer');

        if (
$query->num_rows() > 0) {

            
$row $query->row_array();

            return 
$row['password'];

        } else {

            return 
false;
        }
    }



Controller

PHP Code:
<?php

class Login extends MX_Controller {
    
    public function 
__construct() {
        
parent::__construct();
        
$this->load->library('form_validation');
        
$this->load->model('catalog/account/login_model');
    }

    public function 
index() {

        
$this->form_validation->set_rules('username_or_email''Username Or Email''required');
        
$this->form_validation->set_rules('password''Password''required');

        if (
$this->form_validation->run() == false) {

            
$data['header'] = Modules::run('catalog/common/header/index');
            
$data['footer'] = Modules::run('catalog/common/footer/index');

            
$this->load->view('account/login_view'$data);

        } else {

            
$username_or_email $this->input->post('username_or_email');
            
$password $this->input->post('password');

            
$query $this->login_model->login($username_or_email$password);

            if (
$query) {

                echo 
'Success:: ' $this->login_model->is_logged_in(); 

            } else {

                
/* Testing code below Only */

                
echo 'False:: ' $this->login_model->secure_password($username_or_email);
            }
        }
    }



Update: I have been trying to figure it out for some reason it does not like when I try to get my password from my database but when I hard code password in it works fine I think its some thing to do with model function any ideas?


PHP Code:
$username $this->input->post('username');
$password $this->input->post('password');
//$database_password = $this->login_model->secure_password($username);
$database_password '$2y$10$QwzeK7iYqOkbyELLK57N2.Glo6MzgWn5vGFJHWRlehUhzB1lFom7K'// Works fine copied from db

$verify password_verify($password$database_password);
                
if (
$verify) {
 
  echo 'Hello';
} else {
 
  echo 'Not Working';


PHP Code:
public function secure_password($username) {
$this->db->select('*');
$this->db->from($this->db->dbprefix 'customer');
$this->db->where('username'$username);
$query $this->db->get();
return 
$query->row()->password;



Attached Files
.php   Login.php (Size: 1.06 KB / Downloads: 52)
.php   Login_model.php (Size: 1.12 KB / Downloads: 58)
There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!
Reply

#2
Hello..

Is the value return by the secure_password() function is a hash password using php's password_hash() function?
Reply

#3
Try the below and see if it works, the hash needs to be within single quotes ''

PHP Code:
public function secure_password($username)
{
 
   $this->db->select('*');
 
   $this->db->from($this->db->dbprefix 'customer');
 
   $this->db->where('username'$username);
 
   $query $this->db->get();

 
   $row $query->row_array();

 
   return $row['password'];

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#4
(07-19-2016, 04:43 PM)InsiteFX Wrote: Try the below and see if it works, the hash needs to be within single quotes ''

PHP Code:
public function secure_password($username)
{
 
   $this->db->select('*');
 
   $this->db->from($this->db->dbprefix 'customer');
 
   $this->db->where('username'$username);
 
   $query $this->db->get();

 
   $row $query->row_array();

 
   return $row['password'];


I have found the issue.

When the password has was inserted into the database there was a extra blank space been added.

I have now fixed that that was the issue.

Thank you all for help
There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!
Reply

#5
Yes the password_hash() method will truncate at the first null byte so you need to be very careful with that. I think this only happens with the BCRYPT.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.