Login

HarrysR · 11-20-2018, 09:14 PM

Hello,
i have the following really serious problem with my register form. Here's the thing.
I use jquery to load the register url in a div.
Everything's ok so far.

The BIG problem is that when i click submit, the form is submited and the ajax function is executed even if the inputs are empty. More over the field is filled with the action attributed even if i have it empty in my code.

Here's the modal code (I pasted in pastebin cause its kinda big):
https://pastebin.com/AdEpyAci

Note: As you can see the attribute value is blank, but the form is still submitted.

Model:

Code:
public function register($enc_password){

    $user_name = convert_accented_characters($this->input->post('screenNameInput'));

    $user_name_slug = url_title($user_name);

    $data = array();

    $contact_data = array();

    $data['user_group_id'] = $this->input->post('userGroupInput');

    $data['screen_name'] = $this->input->post('screenNameInput');

    $data['email'] = $this->input->post('email');

    $data['password'] = $enc_password;

    $data['slug'] = $user_name_slug;

    $data['city_id'] = $this->input->post('cityInput');

    $data['register_status'] = 1;

    $data['unique_id'] = random_string('numeric', 6);

    if ( $this->input->post('userGroupInput') == 1 && $this->input->post('websiteInput') ) {

      $data['website'] = $this->input->post('websiteInput');

    }

    $user_created = $this->db->insert('users', $data);

    if ($user_created) {

      $user_id = $this->db->insert_id();

      $contact_data['primary_num'] = $this->input->post('phoneInput');

      $contact_data['info_group_name'] = $this->input->post('screenNameInput');

      $contact_data['city'] = $this->input->post('cityInput');

      $contact_data['to_user_id'] = $user_id;

      $registered = $this->db->insert('contact_info', $contact_data);

      if ($registered) {

        return true;

      } else {

        return false;

      }

    } else {

      return false;

    }

  }

Controller:

Code:
 public function create_user(){

    if (count($_POST) > 0 && !$this->input->post('name')) {

      $pass = $this->input->post('name');

      $email = trim($this->input->post('email'));

      $email_exist = $this->user_model->check_email_exist($email);

      if ($email_exist) {

        $result['status'] = 'failed';

        $result['message'] = '<div class="w-100 text-center bg-danger text-white py-1 mb-2">' . $this->lang->line('error_email_exist') . '</div>';

      } else {

        //Pass enc

        $enc_password = md5($this->input->post('passInput'));

        $register = $this->user_model->register($enc_password);

        if ($register) {

          $result['status'] = 'success';

        } else {

          $result['status'] = 'failed';

          $result['message'] = 'Please fulfil the empty inputs';

        }

      }

    } else {

      $result['status'] = 'failed';

      $result['message'] = '<div class="w-100 text-center bg-danger text-white py-1 mb-2">Something went wrong! Please check your form inputs.</div>';

    }

    echo json_encode($result);

  }

It just drives me crazy.. The thing is that even though the input data are required, if they're empty the user can still register and have an empty - not valid profile url and empty data submitted in the db..

Any ideas? Thank you!

//Life motto
if (sad() == true) {
sad().stop();
develop();
}

neuron · 11-20-2018, 11:30 PM

1. For form validation in front end you can use jquery validation library.
2. For user registering/login functions I suggest you to use Codeigniter Ion Auth Library. It has a lot of nice functionalities.
3. In CI backend form validation you should use CI form validation library. Ion Auth library uses it, you can extend your rules according to your needs

Wouter60 · 11-21-2018, 07:41 AM

I totally agree with neuron.
Checking whether count($_POST) > 0 is not very useful. Empty fields and even the submit button itself are begin posted.
CI's form validation will do the job for you.

HarrysR · 11-21-2018, 10:45 AM

Thank you guys! As i figured it out it was the boostrapValidator problem. I did something wrong there!
I'll try your suggested ways though!!
Thanks for your help!

//Life motto
if (sad() == true) {
sad().stop();
develop();
}

HarrysR · 11-21-2018, 02:54 PM

(11-20-2018, 11:30 PM)neuron Wrote: 1. For form validation in front end you can use jquery validation library.
2. For user registering/login functions I suggest you to use Codeigniter Ion Auth Library. It has a lot of nice functionalities.
3. In CI backend form validation you should use CI form validation library. Ion Auth library uses it, you can extend your rules according to your needs

As for the 2nd suggestion for using the Ion Auth Library.
Since i'm kinda new in CI..
If i have a project which is online and has some users registered in it.. Is it possible to embed it later in the project? Without affecting the users experience and accounts?

I hope you understand what i mean.

//Life motto
if (sad() == true) {
sad().stop();
develop();
}

neuron · 11-22-2018, 12:52 AM

When I was new in CI, I implemented my own code to handle user registration and login.
And after sometime more requirements for user actions occured.
Then I coded some more to meet this requirement. But since I was beginner I made many mistakes and tried to fix it.

This library
failed login attemts,
user activation by email, enable/disable user,
more than one user groups (admin, user),
brypt password hashing (I used md5 in my own implementation but later it is not secure enough anymore)
remember me, and resetted when user changes password
and more functionalities that I can't remember now.

I mean you should use this library. If you are beginner you own implementation won't be as good as this library.
You can integrate it later but I suggest you not to wait too long

HarrysR · 11-22-2018, 07:04 AM

(11-22-2018, 12:52 AM)neuron Wrote: When I was new in CI, I implemented my own code to handle user registration and login.
And after sometime more requirements for user actions occured.
Then I coded some more to meet this requirement. But since I was beginner I made many mistakes and tried to fix it.

This library
failed login attemts,
user activation by email, enable/disable user,
more than one user groups (admin, user),
brypt password hashing (I used md5 in my own implementation but later it is not secure enough anymore)
remember me, and resetted when user changes password
and more functionalities that I can't remember now.

I mean you should use this library. If you are beginner you own implementation won't be as good as this library.
You can integrate it later but I suggest you not to wait too long

I totally agree. My only concern is the users' passwords. I've had many people telling me to hash the passwords insteam of md5 and after some time I managed to hash them, but in order to implement the Ion Auth library in my project i want first to understand the code structure etc. since i use Ajax calls, modals for register, login etc.. so..

That's why i ask if it's possible to integrate it later.

//Life motto
if (sad() == true) {
sad().stop();
develop();
}

neuron · 11-22-2018, 11:47 PM

You can update it as you wish, I edited it also to use for ajax requests