I don't know if this is a problem with Codeigniter or not but password_verify works on my other website (which doesn't have any frameworks). However in Codeigniter password_verify always returns false, despite the password being correct. I have yet to find a solution, here is my code:
public function login()
{
$this->form_validation->set_rules('username','Username','required|trim|max_length[50]|alpha_numeric');
$this->form_validation->set_rules('password','Password','required|trim');
if($this->form_validation->run() == false)
{
$data['errors'] = validation_errors();
$this->load->view('templates/header');
$this->load->view('user/login',$data);
} else {
$username = $this->input->post('username',true);
$password = $this->input->post('password');
$query = $this->db
->select("*")
->from("users")
->where("username", $username)
->get();
if($query->num_rows() != 1) throw new UnexpectedValueException("Wrong user!");
$row = $query->row();
if(!password_verify($password,$row->password)) throw new UnexpectedValueException('22' . $row->password);
}
public function register()
{
//fields username,email,password1,password2
// $this->load->view('templates/header');
// $this->load->view('user/register');
$this->form_validation->set_rules('username','Username','required|max_length[50]|is_unique[users.username]|trim|alpha_numeric');
$this->form_validation->set_rules('email','Email', 'trim|required|valid_email|is_unique[users.email]');
$this->form_validation->set_rules('password1', 'Password', 'required|trim');
$this->form_validation->set_rules('password2','Confirm password','required|matches[password1]');
if($this->form_validation->run() == false)
{
$data['errors'] = validation_errors();
$this->load->view('templates/header');
$this->load->view('user/register',$data);
} else {
$username = $this->input->post('username',true);
$email = $this->input->post('email',true);
$password = $this->input->post('password');
if($this->user_model->create_user($username,$email,$password))
{
echo $password;
}
}
}
and whenever I enter the correct password the unexpected value exception is thrown:
Related
The session is not set in the this case. It works earlier for me in an other project but now I am facing problem
This is my controller:
class Login extends CI_Controller {
public $username;
public $status;
public $user_id;
public $type = 0;
function index() {
$this->load->library('session');
$this->load->helper('url');
$this->load->helper(array('form', 'url'));
$this->form_validation->set_rules('username', 'Username', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
$this->form_validation->set_rules('username', 'Username', 'required|callback_check_details');
$this->load->library('form_validation');
if ($this->session->userdata('loggedin') == 1) {//already done
redirect('/Exams');
} else if ($this->form_validation->run() == FALSE) {
$this->load->view('Login_form');
} else {
if (isset($_REQUEST['redirect']) && $_REQUEST['redirect'] != "") {//anyone wants to get back
redirect($_REQUEST['redirect']);
} else {
redirect('/Exams'); //otherwise
}
}
}
function check_details() {
$username = $this->db->escape($this->input->post('username'));
$this->username = $username;
$password = $this->input->post('password');
$query = $this->db->query("select * from users where username=$username or email=$username");
if ($query->num_rows() > 0) {
$row = $query->row();
if ($row->active == 0 || $row->active == 2) {
$this->form_validation->set_message('check_details', 'Your account has not activated yet. Please Check your email');
return FALSE;
}
if ($this->bcrypt->check_password($password, $row->password)) {
$this->user_id = $row->user_id;
$this->type = $row->type;
$this->status = 1;
$this->session->set_userdata('loggedin', 1);
$this->session->set_userdata('username', $this->username);
$this->session->set_userdata('user_id', $this->user_id);
$this->session->set_userdata('type', $this->type);
$this->session->set_userdata('full_name', $row->full_name);
$this->session->set_userdata('roll_number', $row->roll_number);
$this->session->set_userdata('phone_number', $row->phone_number);
$this->session->set_userdata('profile_picture', $row->profile_picture);
$this->session->set_userdata('level', $this->permissions->get_level());
$this->logger->insert('Logged in.', TRUE, TRUE);
return TRUE;
}
}
$this->form_validation->set_message('check_details', 'The username or password is incorrect ');
return FALSE;
}
}
When I check session in check_detail function it always print session is set
if($this->session->userdata('loggedin')!=true){
echo "session is not set";
} else {
echo "session is set";
}
but when I check in index it always print session is not set
and I also tried to set session in index function but still facing same problem
You should include session library in autoload.php or session library in check_details function also. try this code
<?php
class Login extends CI_Controller {
public $username;
public $status;
public $user_id;
public $type = 0;
function index() {
$this->load->library('session');
$this->load->helper('url');
$this->load->helper(array('form', 'url'));
$this->form_validation->set_rules('username', 'Username', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
$this->form_validation->set_rules('username', 'Username', 'required|callback_check_details');
$this->load->library('form_validation');
if ($this->session->userdata('loggedin') == 1) {//already done
redirect('/Exams');
} else if ($this->form_validation->run() == FALSE) {
$this->load->view('Login_form');
} else {
if (isset($_REQUEST['redirect']) && $_REQUEST['redirect'] != "") {//anyone wants to get back
redirect($_REQUEST['redirect']);
} else {
redirect('/Exams'); //otherwise
}
}
}
function check_details() {
$this->load->library('session');
$username = $this->db->escape($this->input->post('username'));
$this->username = $username;
$password = $this->input->post('password');
$query = $this->db->query("select * from users where username=$username or email=$username");
if ($query->num_rows() > 0) {
$row = $query->row();
if ($row->active == 0 || $row->active == 2) {
$this->form_validation->set_message('check_details', 'Your account has not activated yet. Please Check your email');
return FALSE;
}
if ($this->bcrypt->check_password($password, $row->password)) {
$this->user_id = $row->user_id;
$this->type = $row->type;
$this->status = 1;
$this->session->set_userdata('loggedin', 1);
$this->session->set_userdata('username', $this->username);
$this->session->set_userdata('user_id', $this->user_id);
$this->session->set_userdata('type', $this->type);
$this->session->set_userdata('full_name', $row->full_name);
$this->session->set_userdata('roll_number', $row->roll_number);
$this->session->set_userdata('phone_number', $row->phone_number);
$this->session->set_userdata('profile_picture', $row->profile_picture);
$this->session->set_userdata('level', $this->permissions->get_level());
$this->logger->insert('Logged in.', TRUE, TRUE);
return TRUE;
}
}
$this->form_validation->set_message('check_details', 'The username or password is incorrect ');
return FALSE;
}
}
I can hash the password during user registration,but comparing them from the user input during login with the one in the database isn't working.getting errors.
This is the insert for registration.Kindly show me where i'm going wrong
public function insert_client($codeDigits)
{
$options = ['cost'=>12];
$response = $this->taken_email($_POST['Email']);
if($response){
$returned = false;
}else{
$this->FirstName = $_POST['FirstName'];
$this->LastName = $_POST['LastName'];
$this->Email = $_POST['Email'];
$this->Role_Id = 2;
$this->Password = password_hash($_POST['Password'],PASSWORD_BCRYPT,$options);
$this->PhoneNo = $_POST['PhoneNo'];
$this->confirmCode = $codeDigits;
$this->db->insert('users', $this);
$returned = true;
}
return $returned;
}
This is the login model,the query for login
public function login_model2($email,$password)
{
$options = ['cost'=>12];
$this->db->select('*');
$this->db->from('users');
$this->db->where('Email',$email);
//$this->db->where('Password',$password);
$this->db->where('Role_Id !=',1);
$query = $this->db->get();
if($query->num_rows() > 0)
{
$data = $query->row();
// storing the results in the variable $data
if(password_verify($password,$data->password))
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
This is the login controller function when logging in
public function post_login2()
{
$this->form_validation->set_rules('Email', 'Email', 'trim|required|min_length[6]');
$this->form_validation->set_rules('Password', 'Password', 'trim|required|min_length[6]');
if($this->form_validation->run() == TRUE ){
if($this->Users_model->login_model2($_POST['Email'],$_POST['Password']))
{
//test for redirect
if ($_SESSION['role'] == 2) {
redirect("Client/welcome");
} else if ($_SESSION['role'] == 3) {
redirect("Pro/welcome");
}
// test for redirect
}else{
//
$this->session->set_flashdata('err', true);
redirect("Welcome/login");
}
}else{
$this->login();
}
}
Simply change $data->password to $data->Password
In model login_model2(), password_verify should be like this :
if(password_verify($password,$data->Password))
{
return true;
}
else
{
return false;
}
I am new to codeigniter, I am trying to login after registration... I enter correct user name and password, but error is "No such account exists in database" which set message in else part if its false.
For checking I used echo num_rows() it's showing 0 (which is wrong), total 5 records are there but echo num_fields is showing 8 fields (which is correct).
controller login code:
public function login() {
$this->form_validation->set_rules('username', 'User Name', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if ($this->form_validation->run() === FALSE) {
$this->load->view('login');
} else {
//get user name
$username = $this->input->post('username');
//get encrypt password
$password = md5($this->input->post('password'));
//login user
$user_id = $this->auth_model->login($username, $password);
if ($user_id) {
//create session
$user_data = array(
'user_id' => $user_id,
'username' => $username,
'logged_in' => true
);
$this->session->set_userdata($user_data);
//set message
$this->session->set_flashdata("success", "your are logged in");
redirect('index.php/users/profile');
} else {
$this->session->set_flashdata("error", "No such account exists in database");
redirect('index.php/auth/login');
}
}
}
model login code:
public function login($username, $password) {
$this->db->where('username', $username);
$this->db->where('password', $password);
$result = $this->db->get('tblLogin');
if ($result->num_rows() == 1) {
return $result->row(0)->id;
} else {
return false;
}
}
public function login($username, $password) {
$this->db->where('username', $username);
$this->db->where('password', $password);
$result = $this->db->get('tblLogin');
$ret = $result->row();
if ($ret) {
return $ret;
} else {
return false;
}
}
row() function get is single and check in if condition.
print your query using $this->db->last_query();
and check your mysql database.
You can try this solution for your problem :
Changes your modal function:
Modal.php
public function login($username, $password) {
$this->db->where('username', $username);
$this->db->where('md5(password)', $password);
$result = $this->db->get('tblLogin');
$ret = $result->row();
if (!empty($ret)) {
return $ret;
} else {
return false;
}
}
Please changes your controller file.
LoginController.php
public function login() {
$this->form_validation->set_rules('username', 'User Name', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if ($this->form_validation->run() === FALSE) {
$this->load->view('login');
} else {
//get user name
$username = $this->input->post('username');
//get encrypt password
$password = $this->input->post('password');
//login user
$user_id = $this->auth_model->login($username, $password);
if ($user_id) {
//create session
$user_data = array(
'user_id' => $user_id,
'username' => $username,
'logged_in' => true
);
$this->session->set_userdata($user_data);
//set message
$this->session->set_flashdata("success", "your are logged in");
redirect('index.php/users/profile');
} else {
$this->session->set_flashdata("error", "No such account exists in database");
redirect('index.php/auth/login');
}
}
}
Controller:
// log in user
public function login() {
$this->form_validation->set_rules('username', 'User Name', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if ($this->form_validation->run() === FALSE) {
$this->load->view('users/login');
} else {
//get user name
$username = $this->input->post('username');
//get encrypt password
$password = $this->input->post('password');
//login user
$user_id = $this->auth_model->login($username, $password);
if ($user_id) {
//create session
$user_data = array(
'user_id' => $user_id,
'username' => $username,
'logged_in' => true
);
$this->session->set_userdata($user_data);
//set message
$this->session->set_flashdata("loggedin", "your are logged in");
redirect('dashboard');
} else {
$this->session->set_flashdata("log_failed", "Login invalid");
redirect('login');
}
}
}
Model:
public function login($username, $password) {
$this->db->where('username', $username);
$result = $this->db->get('tbllogin');
$db_password = $result->row(0)->password;
if (password_verify($password,$db_password)) {
return $result->row(0)->id;
} else {
return false;
}
}
I am currently building a web for student registration and I am using CodeIgniter. I already managed to insert the form to my database and I am using email and password from the submitted form to login. I got a problem in my login page,somehow it cant check either the email or password exists on the database or not and it cant redirect to my desired page either.
This is my controller
public function index()
{
$data = '';
if($this->input->post('submit'))
{
$this->form_validation->set_rules('email','email','required');
$this->form_validation->set_rules('password','password','md5|required');
if($this->form_validation->run())
{
$email = $this->input->post('email');
$password = md5($this->input->post('password'));
$this->load->model('testmodel','user');
$member = $this->user->selectUser("WHERE email = '$email' AND password = '$password'");
if($member->has_rows())
{
$user_data = array(
'name' => $member->row('name'),
'nisn' => $member->row('nisn'),
'email' => $member->row('email'),
'logged_in_admin' => TRUE
);
$this->session->set_userdata($user_data); redirect('pages/userpage/userpage');
}else
{
$data['message'] = '<div class = "error">Username and password wrong!</div>';
}
}else
{
$data['message'] = '<div class = "error">' . validation_errors() . '</div>';
}
}
$this->load->view('pages/userlogin/userlogin',$data);
}
This is the selectuser function in testmodel
public function selectUser($where = '', $sort = 'DESC', $limit = '')
{
$query = "
SELECT SQL_CALC_FOUND_ROWS * FROM student_table
$where
ORDER BY ticketnumber $sort
$limit
";
return $this->db->query($query);
}'
Try this code to login with the use of session.
public function index()
{
//get the posted values
$email= $this->input->post("email");
$password = $this->input->post("password");
//set validations
$this->form_validation->set_rules("email", "Email", "trim|required");
$this->form_validation->set_rules("password", "Password", "trim|required");
if ($this->form_validation->run() == FALSE)
{
//validation fails
$this->load->view('Your_Login_View');
}
else
{
//validation succeeds
if ($this->input->post('btn_login') == "Login")
{
//check if Email and password is correct
$usr_result = $this->testmodel->selectUser($email, $password);
if ($usr_result > 0) //active user record is present
{
//set the session variables
$_SESSION['email'] = $email;
$_SESSION['loginuser'] = true;
redirect("Your_Desired_page");
}
else
{
$this->session->set_flashdata('msg', '<div class="alert alert-danger text-center">Invalid email and password!</div>');
redirect('admin');
}
}
else
{
redirect('admin');
}
}
}
Try Like this Your Controller:
public function index()
{
//get the posted values
$email= $this->input->post("email");
$password = $this->input->post("password");
//set validations
$this->form_validation->set_rules("email", "Email", "trim|required");
$this->form_validation->set_rules("password", "Password", "trim|required");
if ($this->form_validation->run() == FALSE)
{
//validation fails
$this->load->view('Your_Login_View');
}
else
{
//validation succeeds
if ($this->input->post('btn_login') == "Login")
{
//check if Email and password is correct
$usr_result = $this->testmodel->selectUser($email, $password);
if ($usr_result > 0) //active user record is present
{
//set the session variables
$_SESSION['email'] = $email;
$_SESSION['loginuser'] = true;
redirect("Your_Desired_page");
}
else
{
$this->session->set_flashdata('msg', '<div class="alert alert-danger text-center">Invalid email and password!</div>');
redirect('admin');
}
}
else
{
redirect('admin');
}
}
}
Your Model:
function selectUser($email, $password)
{
$this->db->select('*');
$this->db->from('student_table');
$this->db->where('email',$email);
$this->db->where('password',$password);
$query = $this->db->get();
return $query->num_rows();
}
I am using phpass for my login in codeigniter. But can not log on, there are know errors showing up I am not sure what the go is. Username and password correct. I have the library user in my system folder because I use multiple ci installs. I am just unsure why not letting me login. Even though username and password correct
Currently know errors are showing.
Library File
public function __construct() {
$this->CI =& get_instance();
$this->CI->load->database();
// Libraries
$this->CI->load->library('session');
$this->CI->load->library('security/rwdsecurity');
// Models
$file = dirname(FCPATH) . '/admin/application/modules/backend/models/user/user_model.php';
$file = dirname(FCPATH) . '/install/application/modules/setup/models/install_model.php';
if(file_exists($file)) {
return true;
} else {
echo "Can't find file located in: " . $file;
}
}
public function login($username, $password) {
$username = $this->CI->db->where('username', $this->CI->input->post('username'));
$password = $this->CI->db->where('password', $this->CI->input->post('password'));
$user_query = $this->CI->db->get('user');
if($user_query->num_rows() == 1) {
$data = array(
'username' => $this->CI->input->post('username'),
'isLogged' => true
);
$this->CI->sessions->set_userdata('user', $data);
$this->CI->rwdsecurity->check_password($password, $stored_hash);
return true;
} else {
return false;
}
}
Controller
public function index() {
if($this->session->userdata('isLogged') == false) {
$this->login();
} else {
redirect('dashboard');
}
}
function login_credentials() {
$this->form_validation->set_rules('username', 'Username', 'required|trim|min_length[3]|max_length[12]|xss_clean|callback_validate');
$this->form_validation->set_rules('password', 'Password', 'required|trim');
if ($this->form_validation->run($this) == false) {
$data['action'] = site_url('login/login_credentials');
$this->load->view('template/common/login', $data);
} else {
$is_valid = $this->user->login($username, $password);
if($is_valid) {
$data = array(
'username' => $username,
'isLogged' => true
);
$this->session->set_userdata($data);
}
redirect('dashboard');
}
}
function validate($username, $password) {
if($this->user->login($username, $password)) {
return true;
} else {
$this->form_validation->set_message('validate', "Incorrect Username Or Password");
return false;
}
}