i have a problem that i can edit all profiles as user. but i want, that i only can edit my profile. Maybe you can help me. The code is working if i want to edit my profile like
domain/member/users/manage/1
but i can edit /member/users/manage/2 too and thats the problem.
Controller Users.php
public function manage($id = NULL) {
if($this->session->userdata('type') == 'user') {
$data = array();
if ($id) {
$this->{$this->model}->{$this->_primary_key} = $id;
$data['item'] = $this->{$this->model}->get();
if (!$data['item'])
show_404();
} else {
$data['item'] = new Std();
}
$this->load->library("form_validation");
$this->form_validation->set_rules('username', 'Username', 'trim|required');
$this->{$this->model}->custom_select = 'users.*, teams.title as teams';
$this->{$this->model}->joins = array( 'teams' => array('teams.teams_id = users.teams_id', 'inner'));
$this->form_validation->set_rules('firstname', 'firstname', 'trim|required');
$this->form_validation->set_rules('lastname', 'lastname', 'trim');
$this->form_validation->set_rules('sex', 'sex', 'trim');
$this->form_validation->set_rules("image3", 'image3', "trim|callback_image3[$id]");
$this->form_validation->set_rules("email", 'Email', "trim|required|valid_email");
if ($id)
$this->form_validation->set_rules('password', 'Password', 'trim');
else
$this->form_validation->set_rules('password', 'Password', 'trim');
if ($this->form_validation->run() == FALSE)
$this->load->view($this->module . '/manage', $data);
else {
$this->users_model->username = $this->input->post('username');
$this->users_model->email = $this->input->post('email');
$this->users_model->firstname = $this->input->post('firstname');
$this->users_model->lastname = $this->input->post('lastname');
$this->users_model->sex = $this->input->post('sex');
if (strlen($this->input->post('password')) > 0)
$this->{$this->model}->password = md5($this->input->post('password'));
$this->{$this->model}->save();
redirect('member/' . $this->module);
}
}else{
exit('Hacking Attempt: Get out of the system ..!');
}
}
Users_model.php
<?php
class Users_model extends CI_model
{
public $_table = 'users';
public $_primary_keys = array('user_id');
}
First One you Must pass The user_id in session
Then Need domain/member/users/manage/1
You redirect to ur profile ...
If Users controller having function manage
class Users extends CI_Controller
{
public function manage($userid)
{
#checking the with session value
if(($this->session->userdata('user_id')!=$userid)):
#if not satisfied means redirect another page
redirect("Another page");
endif;
}
}
Related
I am having problems with my college assignments. I'm learning to make a update function trough codeigniter, then I got an error :
Missing argument 1 for Account::update()
When I press "Submit" button.
Controller :
class Account extends CI_Controller {
public function __construct() {
parent::__construct();
$this->load->model('cpanel/account/account_model');
}
public function update($nim) {
$this->form_validation->set_rules('nim', 'nim', 'required');
$this->form_validation->set_rules('nama', 'nama', 'required');
$this->form_validation->set_rules('sandi', 'sandi', 'required');
$this->form_validation->set_rules('email', 'email', 'required');
$this->form_validation->set_rules('telp', 'telp', 'required');
if ($this->form_validation->run() === FALSE) {
$data['akun'] = $this->account_model->detail();
$data['detail'] = $this->account_model->detail($nim);
$data = array('title'=> 'Mengubah Data Akun : '.$data['detail']['ortu_nama'], 'akun'=> $this->account_model->detail(), 'detail'=> $this->account_model->detail($nim), 'isi'=>'cpanel/account/account_edit_view');
$this->load->view('cpanel/layout/wrapper',$data);
} else {
$data = array(
'ortu_nim_mhs' => $this->input->post('nim'),
'ortu_nama' => $this->input->post('nama'),
'ortu_email' => $this->input->post('email'),
'ortu_telp' => $this->input->post('telp')
);
$this->account_model->update($data);
$konten = array('title'=>'Perubahan Data Sukses', 'isi'=>'cpanel/account/success_view');
$this->load->view('cpanel/layout/wrapper', $konten);
}
}}
Model :
class Account_model extends CI_Model {
public function __construct() {
$this->load->database();
}
public function update($data) {
$this->db->where('ortu_nim_mhs', $data['ortu_nim_mhs']);
return $this->db->update('user_ortu', $data);
}
public function detail($nim = FALSE) {
if ($nim === FALSE) {
$query = $this->db->get('user_ortu');
return $query->result_array();
}
$query = $this->db->get_where('user_ortu', array('ortu_nim_mhs'=>$nim));
return $query->row_array();
}}
Try $data = array(); in model function
public function update($data = array()) {
$this->db->where('ortu_nim_mhs', $data['ortu_nim_mhs']);
return $this->db->update('user_ortu', $data);
}
In your above code if you are submitting form with POST method than function argument is not required. Please check below.
public function update() {
// Your code
}
But in case if you submitting form with get method than you need to set data for validation first, like given below.
public function update() {
$this->form_validation->set_data($this->input->get());
$this->form_validation->set_rules('nim', 'nim', 'required');
$this->form_validation->set_rules('nama', 'nama', 'required');
$this->form_validation->set_rules('sandi', 'sandi', 'required');
$this->form_validation->set_rules('email', 'email', 'required');
$this->form_validation->set_rules('telp', 'telp', 'required');
// Your other code
}
This will help you. Let me know if it not works.
Model:
Class User extends CI_Controller
{
function login($username, $password)
{
$this->db->select('id', 'username', 'password', 'access');
$this->db->from('users');
$this->db->where('username', $username);
$this->db->where('password', MD5($password));
$this->db->limit(1);
$query = $this->db->get();
if($query->num_rows() == 1)
{
return $query->result();
}
else
{
return false;
}
}
}
Controller:
class VerifyLogin extends CI_Controller {
function __construct()
{
parent::__construct();
$this->load->library('form_validation');
$this->load->model('user','',TRUE);
}
function index()
{
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
if($this->form_validation->run() == FALSE)
{
//Field validation failed. User redirected to login page
$this->load->view('login_view');
}
else
{
//Go to private area
redirect('home', 'refresh');
}
}
function check_database($password)
{
//Field validation succeeded. Validate against database
$username = $this->input->post('username');
//query the database
$result = $this->user->login($username, $password);
if($result)
{
$sess_array = array();
foreach($result as $row)
{
$sess_array = array(
'id' => $row->id,
'username' => #$row->username
);
$this->session->set_userdata('logged_in', $sess_array);
}
return TRUE;
}
else
{
$this->form_validation->set_message('check_database', 'Invalid username or password');
return false;
}
}
}
How to deal with access? In the database is int number, you need to make a selection from the base, to get the numbers from the table and access to work with him. How to implement it?
i made a controller name of user.php i test complete project on local host it works fine but when i upload online on website it shows error , i submit the form then form load controller called user.php and error on the first line its called parse error i check but still the same will you please suggest.
<?php
class User extends CI_Controller {
function __construct()
{
parent::__construct();
$this->load->helper('form');
$this->load->helper('url');
}
public function create_user()
{
// field name, error message, validation rules
$this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email');
$this->form_validation->set_rules('city', 'City', 'trim|required');
if($this->form_validation->run() == FALSE)
{
$this->load->view('ar_signup');
}
else
{
$this->load->model('Users_model');
if($this->input->post("language")=="ar")
{
$this->load->view('ar_thanks');
}
else
{
$this->load->view('en_thanks');
}
if($query = $this->Users_model->create_member())
{
$this->load->view('ar_thanks');
}
}
}
}
Please format your code and use IDE. And you will not have these errors. Your formatted code:
<?php
class User extends CI_Controller {
function __construct()
{
parent::__construct();
$this->load->helper('form');
$this->load->helper('url');
}
public function create_user()
{
// field name, error message, validation rules
$this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email');
$this->form_validation->set_rules('city', 'City', 'trim|required');
if($this->form_validation->run() == FALSE) {
$this->load->view('ar_signup');
} else {
$this->load->model('Users_model');
if($this->input->post("language")=="ar") {
$this->load->view('ar_thanks');
} else {
$this->load->view('en_thanks');
}
if($query = $this->Users_model->create_member()) {
$this->load->view('ar_thanks');
}
}
}
}
In the below codeigniter code i have placed controller and model i can login by entering username and password.Now i have to implement is to change password.Pls anyone help me to solve the issue.
Controller:
<?php
class Login extends CI_Controller {
function index()
{
$data['main_content'] = 'login_form';
$this->load->view('includes/template', $data);
}
function validate_credentials()
{
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else // incorrect username or password
{
$this->index();
}
}
function signup()
{
$data['main_content'] = 'signup_form';
$this->load->view('includes/template', $data);
}
function create_member()
{
$this->load->library('form_validation');
// field name, error message, validation rules
$this->form_validation->set_rules('first_name', 'Name', 'trim|required');
$this->form_validation->set_rules('last_name', 'Last Name', 'trim|required');
$this->form_validation->set_rules('email_address', 'Email Address', 'trim|required|valid_email');
$this->form_validation->set_rules('username', 'Username', 'trim|required|min_length[4]');
$this->form_validation->set_rules('password', 'Password', 'trim|required|min_length[4]|max_length[32]');
$this->form_validation->set_rules('password2', 'Password Confirmation', 'trim|required|matches[password]');
$this->load->helper('date');
if($this->form_validation->run() == FALSE)
{
$this->load->view('signup_form');
}
else
{
$this->load->model('membership_model');
if($query = $this->membership_model->create_member())
{
$data['main_content'] = 'signup_successful';
$this->load->view('includes/template', $data);
}
else
{
$this->load->view('signup_form');
}
}
}
function logout()
{
$this->session->sess_destroy();
$this->index();
}
}
?>
model:
<?php
class Membership_model extends CI_Model {
function validate()
{
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', md5($this->input->post('password')));
$query = $this->db->get('membership');
if($query->num_rows == 1)
{
return true;
}
}
function create_member()
{
$new_member_insert_data = array(
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'email_address' => $this->input->post('email_address'),
'username' => $this->input->post('username'),
'date' => date('Y-m-d H:i:s', now()),
'password' => md5($this->input->post('password'))
);
$insert = $this->db->insert('membership', $new_member_insert_data);
if ($this->db->_error_number() == 1062)
{
echo"<script>alert('This value already exists');</script>";
}
if ($this->db->_error_number() == "")
{
$this->session->set_flashdata('create', 'create');
}
return $insert;
}
function curdate() {
// gets current timestamp
date_default_timezone_set('Asia/Manila'); // What timezone you want to be the default value for your current date.
return date('Y-m-d H:i:s');
}
}
You can follow these simple steps:
Create a view with the change password form (i.e. email, current password and new password)
Create in your controller a function that retrieve the data from the form and check if exists user with that email and that password
Create a function in your model to make the update with $this->db->update()
From your controller run the model function
I have placed 2 controller login and site1.When i login and enter to members area to view pages and if i copy that url and placed in another tab.it opens.But my aim is to display u have no permission to access the page.
Controller:login
<?php
class Login extends CI_Controller {
function index()
{
$data['main_content'] = 'login_form';
$this->load->view('includes/template', $data);
}
function inactive()
{
echo"<script>alert('In active user Please contact the administrator');</script>";
$this->load->view('login_form');
}
function invalid()
{
echo"<script>alert('Invalid username or password');</script>";
$this->load->view('login_form');
}
function validate_credentials()
{
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
if($query->num_rows()>0){
$status = $query->row()->account_status;}
else {
$status = ''; }
//Account active
if($status == 'active')
{
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else if ($status == 'inactive')//Account In active
{ $this->inactive();
}
else // incorrect username or password
{
$this->invalid();
}
}
}
function signup()
{
$data['main_content'] = 'signup_form';
$this->load->view('includes/template', $data);
}
function create_member()
{
$this->load->library('form_validation');
// field name, error message, validation rules
$this->form_validation->set_rules('first_name', 'Name', 'trim|required');
$this->form_validation->set_rules('last_name', 'Last Name', 'trim|required');
$this->form_validation->set_rules('college_name', 'college_name', 'trim|required');
$this->form_validation->set_rules('email_address', 'Email Address', 'trim|required|valid_email');
$this->form_validation->set_rules('username', 'Username', 'trim|required|min_length[4]');
$this->form_validation->set_rules('password', 'Password', 'trim|required|min_length[4]|max_length[32]');
$this->form_validation->set_rules('password2', 'Password Confirmation', 'trim|required|matches[password]');
$this->load->helper('date');
if($this->form_validation->run() == FALSE)
{
$this->load->view('signup_form');
}
else
{
$this->load->model('membership_model');
if($query = $this->membership_model->create_member())
{
$data['main_content'] = 'signup_successful';
$this->load->view('includes/template', $data);
}
else
{
$this->load->view('signup_form');
}
}
}
function logout()
{
$this->session->sess_destroy();
$this->index();
}
site1:
<?php
class Site1 extends CI_Controller
{
function members_area()
{
$this->load->view('index');
}
function another_page() // just for sample
{
echo 'good. you\'re logged in.';
}
function is_logged_in()
{
$is_logged_in = $this->session->userdata('is_logged_in');
if(!isset($is_logged_in) || $is_logged_in != true)
{
echo 'You don\'t have permission to access this page. Login';
die();
//$this->load->view('login_form');
}
}
}
}
Sessions in PHP are carried over between tabs. The server doesn't really know how to seperate between two tabs. Read the PHP docs on sessions for more information http://us2.php.net/manual/en/intro.session.php