I can hash the password during user registration,but comparing them from the user input during login with the one in the database isn't working.getting errors.
This is the insert for registration.Kindly show me where i'm going wrong
public function insert_client($codeDigits)
{
$options = ['cost'=>12];
$response = $this->taken_email($_POST['Email']);
if($response){
$returned = false;
}else{
$this->FirstName = $_POST['FirstName'];
$this->LastName = $_POST['LastName'];
$this->Email = $_POST['Email'];
$this->Role_Id = 2;
$this->Password = password_hash($_POST['Password'],PASSWORD_BCRYPT,$options);
$this->PhoneNo = $_POST['PhoneNo'];
$this->confirmCode = $codeDigits;
$this->db->insert('users', $this);
$returned = true;
}
return $returned;
}
This is the login model,the query for login
public function login_model2($email,$password)
{
$options = ['cost'=>12];
$this->db->select('*');
$this->db->from('users');
$this->db->where('Email',$email);
//$this->db->where('Password',$password);
$this->db->where('Role_Id !=',1);
$query = $this->db->get();
if($query->num_rows() > 0)
{
$data = $query->row();
// storing the results in the variable $data
if(password_verify($password,$data->password))
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
This is the login controller function when logging in
public function post_login2()
{
$this->form_validation->set_rules('Email', 'Email', 'trim|required|min_length[6]');
$this->form_validation->set_rules('Password', 'Password', 'trim|required|min_length[6]');
if($this->form_validation->run() == TRUE ){
if($this->Users_model->login_model2($_POST['Email'],$_POST['Password']))
{
//test for redirect
if ($_SESSION['role'] == 2) {
redirect("Client/welcome");
} else if ($_SESSION['role'] == 3) {
redirect("Pro/welcome");
}
// test for redirect
}else{
//
$this->session->set_flashdata('err', true);
redirect("Welcome/login");
}
}else{
$this->login();
}
}
Simply change $data->password to $data->Password
In model login_model2(), password_verify should be like this :
if(password_verify($password,$data->Password))
{
return true;
}
else
{
return false;
}
Related
The session is not set in the this case. It works earlier for me in an other project but now I am facing problem
This is my controller:
class Login extends CI_Controller {
public $username;
public $status;
public $user_id;
public $type = 0;
function index() {
$this->load->library('session');
$this->load->helper('url');
$this->load->helper(array('form', 'url'));
$this->form_validation->set_rules('username', 'Username', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
$this->form_validation->set_rules('username', 'Username', 'required|callback_check_details');
$this->load->library('form_validation');
if ($this->session->userdata('loggedin') == 1) {//already done
redirect('/Exams');
} else if ($this->form_validation->run() == FALSE) {
$this->load->view('Login_form');
} else {
if (isset($_REQUEST['redirect']) && $_REQUEST['redirect'] != "") {//anyone wants to get back
redirect($_REQUEST['redirect']);
} else {
redirect('/Exams'); //otherwise
}
}
}
function check_details() {
$username = $this->db->escape($this->input->post('username'));
$this->username = $username;
$password = $this->input->post('password');
$query = $this->db->query("select * from users where username=$username or email=$username");
if ($query->num_rows() > 0) {
$row = $query->row();
if ($row->active == 0 || $row->active == 2) {
$this->form_validation->set_message('check_details', 'Your account has not activated yet. Please Check your email');
return FALSE;
}
if ($this->bcrypt->check_password($password, $row->password)) {
$this->user_id = $row->user_id;
$this->type = $row->type;
$this->status = 1;
$this->session->set_userdata('loggedin', 1);
$this->session->set_userdata('username', $this->username);
$this->session->set_userdata('user_id', $this->user_id);
$this->session->set_userdata('type', $this->type);
$this->session->set_userdata('full_name', $row->full_name);
$this->session->set_userdata('roll_number', $row->roll_number);
$this->session->set_userdata('phone_number', $row->phone_number);
$this->session->set_userdata('profile_picture', $row->profile_picture);
$this->session->set_userdata('level', $this->permissions->get_level());
$this->logger->insert('Logged in.', TRUE, TRUE);
return TRUE;
}
}
$this->form_validation->set_message('check_details', 'The username or password is incorrect ');
return FALSE;
}
}
When I check session in check_detail function it always print session is set
if($this->session->userdata('loggedin')!=true){
echo "session is not set";
} else {
echo "session is set";
}
but when I check in index it always print session is not set
and I also tried to set session in index function but still facing same problem
You should include session library in autoload.php or session library in check_details function also. try this code
<?php
class Login extends CI_Controller {
public $username;
public $status;
public $user_id;
public $type = 0;
function index() {
$this->load->library('session');
$this->load->helper('url');
$this->load->helper(array('form', 'url'));
$this->form_validation->set_rules('username', 'Username', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
$this->form_validation->set_rules('username', 'Username', 'required|callback_check_details');
$this->load->library('form_validation');
if ($this->session->userdata('loggedin') == 1) {//already done
redirect('/Exams');
} else if ($this->form_validation->run() == FALSE) {
$this->load->view('Login_form');
} else {
if (isset($_REQUEST['redirect']) && $_REQUEST['redirect'] != "") {//anyone wants to get back
redirect($_REQUEST['redirect']);
} else {
redirect('/Exams'); //otherwise
}
}
}
function check_details() {
$this->load->library('session');
$username = $this->db->escape($this->input->post('username'));
$this->username = $username;
$password = $this->input->post('password');
$query = $this->db->query("select * from users where username=$username or email=$username");
if ($query->num_rows() > 0) {
$row = $query->row();
if ($row->active == 0 || $row->active == 2) {
$this->form_validation->set_message('check_details', 'Your account has not activated yet. Please Check your email');
return FALSE;
}
if ($this->bcrypt->check_password($password, $row->password)) {
$this->user_id = $row->user_id;
$this->type = $row->type;
$this->status = 1;
$this->session->set_userdata('loggedin', 1);
$this->session->set_userdata('username', $this->username);
$this->session->set_userdata('user_id', $this->user_id);
$this->session->set_userdata('type', $this->type);
$this->session->set_userdata('full_name', $row->full_name);
$this->session->set_userdata('roll_number', $row->roll_number);
$this->session->set_userdata('phone_number', $row->phone_number);
$this->session->set_userdata('profile_picture', $row->profile_picture);
$this->session->set_userdata('level', $this->permissions->get_level());
$this->logger->insert('Logged in.', TRUE, TRUE);
return TRUE;
}
}
$this->form_validation->set_message('check_details', 'The username or password is incorrect ');
return FALSE;
}
}
I want to make a simple login and redirect each user to their private page, so each user will have their own page. Like www.example.com/user1.
This is for my new Application that I'm developing in this job.
public function login(request $req){
$username = $req->input('username');
$password = $req->input('password');
$type = 1;
$checklogin = DB::table('users')->where(['username'=>$username,'password'=>$password])->get();
$checktype = DB::table('users')->where(['username'=>$username,'password'=>$password,'type'=>$type])->get();
$url2 = DB::table('users')->where(['username'=>$username,'password'=>$password])->get('id');
if(count($checklogin) >0){
if (count($checktype) ==1) {
header("Location: /admin/$url2", true, 301);
exit();
}else{
if ($url2 == 4) {
echo "$url2";
}
}
}else{
return view('loginfailed');
}
}
}
The url that is redirecting is: "http://localhost:8000/admin/[%7B%22id%22:2%7D]"
You can fetch id as,
// fetching 1 record and then id of it
$url2 = DB::table('users')->where(['username'=>$username,'password'=>$password])->first()->id;
public function login(request $req){
$username = $req->input('username');
$password = $req->input('password');
$checklogin = DB::table('users')->select('type')->where(['username'=>$username,'password'=>$password])->get()->first();
if(count($checklogin){
if ($checklogin->type ==1) {
header("Location: /admin/$url2", true, 301);
exit();
}elseif ($checklogin->type == 4) {
//do something else
}
}else{
return view('loginfailed');
}
}
}
I have created a change password portal, it keep echo "Old Password Not Match!",but i sure my old password is same with the DB's password, is there any wrong in my controller or model? Hope somebody can help,Thanks!
Below is my controller:
public function chgpass()
{
$this->load->helper('security');
$this->form_validation->set_rules('cpassword','Current Password','required|max_length[150]|min_length[6]');
$this->form_validation->set_rules('npassword','New Password','required|max_length[150]|min_length[6]');
$this->form_validation->set_rules('copassword','Confirm Password','required|max_length[150]|min_length[6]|matches[npassword]');
if($this->form_validation->run() == false){
$this->load->view('chgpass');
}else{
//update data
$data = array(
'password' => md5($this->input->post('npassword'))
);
//check old password
$result = $this->Form_model->Check_Old_Password($this->session->userdata('USER_ID'),md5($this->input->post('cpassword')));
if($result > 0 AND $result === true){
//update user data
$result = $this->Form_model->Update_User_Data($this->session->userdata('USER_ID'),$data);
if($result > 0){
echo "Password Changed!";
//$this->session->set_flashdata('success','Password Changed!');
//redirect(base_url() . 'main/login');
}else{
echo "Password Not Changed!";
//$this->session->set_flashdata('error','Password Not Changed!');
//redirect(base_url() . 'main/chgpass');
}
}else{
echo "Old Password Not Match!";
//$this->session->set_flashdata('error','Password Not Changed!');
//redirect(base_url() . 'main/chgpass');
}
}
}
Below is my model:
public function Update_User_Data($user_id,$data){
$this->db->set($data);
$this->db->where('id',$user_id);
$this->db->update('users');
if($this->db->affected_rows() > 0)
return true;
else
return false;
}
public function Check_Old_Password($user_id,$cpassword){
$this->db->where('id',$user_id);
$this->db->where('password',$cpassword);
$query = $this->db->get('users');
if($query->num_rows() > 0)
return true;
else
return false;
}
I got the solution,just change the USER_ID and $user_id into username and $username
model:
public function Update_User_Data($username,$data){
$this->db->set($data);
$this->db->where('username',$username);
$this->db->update('users');
if($this->db->affected_rows() > 0)
return true;
else
return false;
}
public function Check_Old_Password($username,$cpassword){
$this->db->where('username',$username);
$this->db->where('password',$cpassword);
$query = $this->db->get('users');
if($query->num_rows() > 0)
return true;
else
return false;
}
controller:
$result = $this->Form_model->Check_Old_Password($this->session->userdata('username'),md5($this->input->post('cpassword')));
if($result > 0 AND $result === true){
//update user data
$result = $this->Form_model->Update_User_Data($this->session->userdata('username'),$data);
I have 2 user and I want to make 2 pages. if user A logs in, I will show page A and if user B logs in, I will show page B.
How to make controller for that?
my controller
public function cekLogin()
{
$this->load->library('form_validation');
$this->form_validation->set_rules('username', 'Username', 'trim|required');
$this->form_validation->set_rules('password', 'Password', 'trim|required|callback_cekDb');
if ($this->form_validation->run() == FALSE) {
$this->load->view('login/login');
} else {
if($username=='admin'){
redirect('Home','refresh');
} else {
redirect('HomeMavens','refresh');
}
}
}
my model:
public function login($username, $password)
{
$this->db->select('id_user, username, password');
$this->db->from('user');
$this->db->where('username', $username);
$this->db->where('password', MD5($password));
$query = $this->db->get();
if($query->num_rows()==1){
return $query->result();
}else {
return false;
}
}
it is easy with if and else. like this.
if($query->num_rows() > 0){
if($query->row()->name == 'a'){
$this->load->view('page_A');
}
elseif($query->row()->name == 'b'){
$this->load->view('page_B');
}
else{
$this->load->view('login');
}
}else {
return false;
}
My Controller
public function getlogin(){
$this->form_validation->set_rules('email_address', 'Email', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_validatelogin');
if($this->form_validation->run() == FALSE){
$message = "Invalid Login Details";
$this->session->set_flashdata('message', $message);
redirect(base_url());
}else{
$data = $this->usermodel->myaccountdetails();
if($data['type'] == '0'){
$this->load->view('pageA');
}else{
$this->load->view('pageB');
}
}
}
public function validatelogin(){
$credentials = array(
"email_address"=>$this->input->post('email_address'),
"password"=>md5($this->input->post('password'))
);
return $this->loginmodel->getlogin($credentials);
}
Login Model
public function getlogin($credentials){
$this->db->select('*');
$this->db->from("tbl_login");
$this->db->where('email_address = ' . "'" . $credentials['email_address']. "'");
$this->db->where('password = ' . "'" . $credentials['password'] . "'");
$this->db->limit(1);
$query = $this->db->get();
if($query->num_rows() == 1){
$row = $query->row_array();
$this->session->set_userdata('admin', $row['id']);
return true;
}else{
return false;
}
}
User Model
function myaccountdetails()
{
$uid = $this->session->userdata('admin');
$sql = $this->db->query("select * from tbl_login where id = '".$uid."' ");
return $sql->row_array();
}
I am using phpass for my login in codeigniter. But can not log on, there are know errors showing up I am not sure what the go is. Username and password correct. I have the library user in my system folder because I use multiple ci installs. I am just unsure why not letting me login. Even though username and password correct
Currently know errors are showing.
Library File
public function __construct() {
$this->CI =& get_instance();
$this->CI->load->database();
// Libraries
$this->CI->load->library('session');
$this->CI->load->library('security/rwdsecurity');
// Models
$file = dirname(FCPATH) . '/admin/application/modules/backend/models/user/user_model.php';
$file = dirname(FCPATH) . '/install/application/modules/setup/models/install_model.php';
if(file_exists($file)) {
return true;
} else {
echo "Can't find file located in: " . $file;
}
}
public function login($username, $password) {
$username = $this->CI->db->where('username', $this->CI->input->post('username'));
$password = $this->CI->db->where('password', $this->CI->input->post('password'));
$user_query = $this->CI->db->get('user');
if($user_query->num_rows() == 1) {
$data = array(
'username' => $this->CI->input->post('username'),
'isLogged' => true
);
$this->CI->sessions->set_userdata('user', $data);
$this->CI->rwdsecurity->check_password($password, $stored_hash);
return true;
} else {
return false;
}
}
Controller
public function index() {
if($this->session->userdata('isLogged') == false) {
$this->login();
} else {
redirect('dashboard');
}
}
function login_credentials() {
$this->form_validation->set_rules('username', 'Username', 'required|trim|min_length[3]|max_length[12]|xss_clean|callback_validate');
$this->form_validation->set_rules('password', 'Password', 'required|trim');
if ($this->form_validation->run($this) == false) {
$data['action'] = site_url('login/login_credentials');
$this->load->view('template/common/login', $data);
} else {
$is_valid = $this->user->login($username, $password);
if($is_valid) {
$data = array(
'username' => $username,
'isLogged' => true
);
$this->session->set_userdata($data);
}
redirect('dashboard');
}
}
function validate($username, $password) {
if($this->user->login($username, $password)) {
return true;
} else {
$this->form_validation->set_message('validate', "Incorrect Username Or Password");
return false;
}
}