-
bagusbal
Bagus Bala
-
Posts: 12
Threads: 5
Joined: Oct 2016
Reputation:
0
11-01-2016, 01:21 AM
(This post was last modified: 11-01-2016, 01:23 AM by bagusbal.)
Hai,
i'm try to create login and register user activate their account via email.
Link is sended to user email, and confirm is successfull, but the 'status' on database is not change. Can someone help me to check my code, maybe something error in there.
Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Voter_model extends CI_Model
{
function __construct()
{
// Call the Model constructor
parent::__construct();
}
//get the username & password from tbl_usrs
function get_user($username, $password)
{
$sql = "select * from user where username = '" . $username . "' and password = '" . $password . "' and status = '1'";
$query = $this->db->query($sql);
return $query->num_rows();
}
//insert into user table
function insertUser($data)
{
return $this->db->insert('user', $data);
}
//send verification email to user's email id
function sendEmail($to_email)
{
$from_email = '[email protected]'; //change this to yours
$subject = 'Aktivasi Akun';
$message = 'Hallo'. $username .'<br /><br />Silakan klik link dibawah ini untuk mengkonfirmasi akun Anda pada Sistem E-voting Desa Pakraman Cucukan.<br /><br />
'. site_url('voter/voter_register/verify/'.md5($to_email)) . '<br /><br /><br />Terima Kasih<br />Admin Evoting';
//configure email settings
$config['protocol'] = 'smtp';
$config['smtp_host'] = 'ssl://smtp.googlemail.com'; //smtp host name
$config['smtp_port'] = '465'; //smtp port number
$config['smtp_user'] = $from_email;
$config['smtp_pass'] = 'evoting2016'; //$from_email password
$config['mailtype'] = 'html';
$config['charset'] = 'iso-8859-1';
$config['wordwrap'] = TRUE;
$config['newline'] = "\r\n"; //use double quotes
$this->email->initialize($config);
//send mail
$this->email->from($from_email, 'Admin Evoting');
$this->email->to($to_email);
$this->email->subject($subject);
$this->email->message($message);
return $this->email->send();
}
//activate user account
function verifyEmailID($key)
{
$data = array('status' => 1);
$this->db->where('email', $key);
$verify=$this->db->update('user', $data);
if($verify==true)
{
return true;
}
return false;
}
}?>
and my controller, is
Code: <?php
class Voter_register extends CI_Controller
{
public function __construct()
{
parent::__construct();
$this->load->helper(array('form','url'));
$this->load->library(array('session', 'form_validation', 'email'));
$this->load->database();
$this->load->model('Voter_model');
}
function index()
{
$this->register();
}
function register()
{
//set validation rules
$this->form_validation->set_rules('email', 'Email ID', 'trim|required|valid_email|is_unique[user.email]');
$this->form_validation->set_rules('password', 'Password', 'trim|required|matches[cpassword]');
$this->form_validation->set_rules('cpassword', 'Confirm Password', 'trim|required');
//validate form input
if ($this->form_validation->run() == FALSE)
{
// fails
$this->load->view('voter/voter_register');
}
else
{
//insert the user registration details into database
$data = array(
'fname' => $this->input->post('fname'),
'lname' => $this->input->post('lname'),
'email' => $this->input->post('email'),
'password' => $this->input->post('password'),
'username' => $this->input->post('username'),
'voting'=> 1
);
// insert form data into database
if ($this->Voter_model->insertUser($data))
{
// send email
if ($this->Voter_model->sendEmail($this->input->post('email')))
{
// successfully sent mail
$this->session->set_flashdata('msg','<div class="alert alert-success text-center">Registrasi Sukses, silakan cek e-mail Anda untuk melakukan konfirmasi dan aktivasi akun.</div>');
redirect('admin_voter');
}
else
{
// error
$this->session->set_flashdata('msg','<div class="alert alert-info text-center">Registrasi Sukses, gagal mengirim e-mail verifikasi.</div>');
redirect('admin_voter');
}
}
else
{
// error
$this->session->set_flashdata('msg','<div class="alert alert-danger text-center">Oops! Error. Please try again later!!!</div>');
redirect('admin_voter');
}
}
}
function verify($hash)
{
$this->load->helper('url');
$this->load->model('voter_model');
if ($this->voter_model->verifyEmailID($hash))
{
redirect('voter/voter_aktivasiok');
}
else
{
redirect('voter/voter_aktivasifail');
}
}
}
?>
Thanks
-
salain
Member
-
Posts: 135
Threads: 2
Joined: Nov 2014
Reputation:
12
This is the 3rd thread/topic for the same question/issue!
What is the error if you use md5(email)?
A good decision is based on knowledge and not on numbers. - Plato
-
bagusbal
Bagus Bala
-
Posts: 12
Threads: 5
Joined: Oct 2016
Reputation:
0
(11-01-2016, 05:04 AM)salain Wrote: This is the 3rd thread/topic for the same question/issue!
What is the error if you use md5(email)?
Im sorry if i post more than one, i will delete it later.
Error with the hash md5
-
bagusbal
Bagus Bala
-
Posts: 12
Threads: 5
Joined: Oct 2016
Reputation:
0
(11-01-2016, 05:47 AM)salain Wrote: You will need to give more detail on the error you get in order to get help.
md5 is fixed, its just cant change the 'status' after success verify the email address. Only this problem. Change status from '0' to '1', already set in code on top, but nothing change in 'status' on database.
NB: 0=inactive , 1=active
-
salain
Member
-
Posts: 135
Threads: 2
Joined: Nov 2014
Reputation:
12
Try to echo your query after the update to see if it is right
PHP Code: $verify = $this->db->update('user',$data); echo $this->db->last_query();
A good decision is based on knowledge and not on numbers. - Plato
-
PaulD
Posting Freak
-
Posts: 1,061
Threads: 42
Joined: Mar 2015
Reputation:
73
Hi,
What you are asking is very difficult to debug as the error could potentially lay in any number of places.
Doing a secure register, confirmation email, login script is (apart from actually taking online payments) possibly one of the most difficult things to achieve, so if you are experiencing issues, rest assured, we have all experienced them.
I recently used peopleperhour.com and was mightily impressed with how they had streamlined the entire registration and login process. Be aware that site like this are really raising the bar for what users expect in terms of a login and authentication procedure.
In a recent site I built (which I was quite pleased with) the user simply entered their email address and a password was emailed to them. The first time they logged in, they got a welcome screen with an immediate "set your own password" demand before being given access. I do not know a simpler way to do this (apart from peopleforhour whose link logged you in immediately and then you got an email about setting a password, which for them was most certainly the right way to do it).
Using MD5 for encryption is not recommended, especially for passwords etc.
There are some fabulous libraries available, such as ionauth, but that is not the only one, but using a library for these functions is highly recommended. They often take into account factors we easily overlook, and even if doing an auth system for yourself is great experience, it is unlikely we are ever going to be expert or knowledgeable enough about security considerations to ever produce anything that will equal what these libraries offer, especially given their age, history, development and best practices they implement. So whatever the learning curve is in choosing and then getting to know the library you select, it is probably best to spend the time getting to know them and to work within them, rather than crafting you own from scratch, even as tempting as that idea might at first appear.
Just my two penneth, I am sorry I cannot add anything to the problem you have outlined here.
Best wishes,
Paul.
-
bagusbal
Bagus Bala
-
Posts: 12
Threads: 5
Joined: Oct 2016
Reputation:
0
11-01-2016, 11:35 PM
(This post was last modified: 11-01-2016, 11:37 PM by bagusbal.)
(11-01-2016, 01:23 PM)PaulD Wrote: Hi,
What you are asking is very difficult to debug as the error could potentially lay in any number of places.
Doing a secure register, confirmation email, login script is (apart from actually taking online payments) possibly one of the most difficult things to achieve, so if you are experiencing issues, rest assured, we have all experienced them.
I recently used peopleperhour.com and was mightily impressed with how they had streamlined the entire registration and login process. Be aware that site like this are really raising the bar for what users expect in terms of a login and authentication procedure.
In a recent site I built (which I was quite pleased with) the user simply entered their email address and a password was emailed to them. The first time they logged in, they got a welcome screen with an immediate "set your own password" demand before being given access. I do not know a simpler way to do this (apart from peopleforhour whose link logged you in immediately and then you got an email about setting a password, which for them was most certainly the right way to do it).
Using MD5 for encryption is not recommended, especially for passwords etc.
There are some fabulous libraries available, such as ionauth, but that is not the only one, but using a library for these functions is highly recommended. They often take into account factors we easily overlook, and even if doing an auth system for yourself is great experience, it is unlikely we are ever going to be expert or knowledgeable enough about security considerations to ever produce anything that will equal what these libraries offer, especially given their age, history, development and best practices they implement. So whatever the learning curve is in choosing and then getting to know the library you select, it is probably best to spend the time getting to know them and to work within them, rather than crafting you own from scratch, even as tempting as that idea might at first appear.
Just my two penneth, I am sorry I cannot add anything to the problem you have outlined here.
Best wishes,
Paul.
Already remove the md5 right now. It's make me confused, code is fix when i remove the md5, damn it.
|