I have a project that use CI 3 I developed on localhost in Windows using XAMPP, and final product was deployed on Debian Apache server. I tried to logged in but it's redirected back to default controller.
I tried to enter the wrong login and it's show the error correctly, but when I entered the right login it keeps comeback to my login controller.
Here is my login controller (Auth.php) :
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Auth extends CI_Controller {
public function __construct(){
parent::__construct();
$this->load->model('user_m');
if ($this->session->userdata('akses') == 'admin') {
redirect('dashboard');
}
elseif ($this->session->userdata('akses')=='user') {
redirect('user');
}
}
public function index() {
$this->load->view('login_v');
}
public function login() {
$nip=$this->input->post('nip');
$password=$this->input->post('password');
$query = $this->user_m->login($nip);
if ($query->num_rows()==1)
{
$row = $query->row();
if ($password == $this->bcrypt->check_password($password,$row->password)) {
$data_login= array(
'nip'=>$row->nip,
'id_pegawai'=>$row->id_pegawai,
'akses'=>$row->akses
);
echo $this->session->set_userdata($data_login);
$akses = $this->session->userdata('akses');
if ($akses=='admin') {
redirect('dashboard');
}
elseif ($akses=='user') {
redirect('user');
}
}
else {
echo "<script>alert('Gagal login: Cek nip, password!');history.go(-1);</script>";
}
}
else {
echo "<script>alert('Gagal login: Cek nip, password!');history.go(-1);</script>";
}
}
}
?>
Can anyone help me?
UPDATE
When I checked the session after redirect, it always pass a null value with new id session. Even I tried the native session class still didn't help it.
Related
i already have database with table of username, email (primary key), and password and have already filled them. but when i try to put those emails and password on my web page, it is read as wrong.
Here is my login controller:
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Login_controller extends CI_Controller {
public function __construct() {
parent::__construct();
//load the required libraries and helpers for login
$this->load->helper('url');
$this->load->library(['form_validation','session']);
$this->load->database();
//load the Login Model
$this->load->model('LoginModel', 'Login_controller');
}
public function index() {
//check if the user is already logged in
$logged_in = $this->session->userdata('logged_in');
if($logged_in){
//if yes redirect to welcome page
redirect(base_url().'HomeLoggedIn_controller/index/');
}
//if not load the login page
$this->load->view('login/v_login');
}
public function doLogin() {
//get the input fields from login form
$email = $this->input->post('email');
$password = sha1($this->input->post('password'));
//send the email pass to query if the user is present or not
$check_login = $this->Login_controller->checkLogin($email, $password);
//if the result is query result is 1 then valid user
if ($check_login) {
//if yes then set the session 'loggin_in' as true
$this->session->set_userdata('logged_in', true);
redirect(base_url().'HomeLoggedIn_controller/index/');
} else {
//if no then set the session 'logged_in' as false
$this->session->set_userdata('logged_in', false);
//and redirect to login page with flashdata invalid msg
//$this->session->set_flashdata('msg', 'Username / Password Invalid');
redirect(base_url().'Login_controller/index/');
}
}
public function logout() {
//unset the logged_in session and redirect to login page
$this->session->unset_userdata('logged_in');
redirect(base_url().'Login_controller/index/');
}
}
login model:
<?php
class LoginModel extends CI_Model
{
public function checkLogin($email, $password) {
//query the table 'users' and get the result count
$this->db->where('email', $email);
$this->db->where('password', $password);
$query = $this->db->get('tb_user');
return $query->num_rows();
}
}
i try the controller and model from a website and i've already change certain things on my view page to sync it with the controller.
Hello if I may get you right you want to verify the login detail from your model. Please use this in your controller. I hope this will help you solve you issue.
defined('BASEPATH') OR exit('No direct script access allowed');
class Login_controller extends CI_Controller {
public function __construct() {
parent::__construct();
//load the required libraries and helpers for login
$this->load->helper('url');
$this->load->library(['form_validation','session']);
$this->load->database();
//load the Login Model
$this->load->model('LoginModel', 'Login_controller');
}
public function index() {
//check if the user is already logged in
$logged_in = $this->session->userdata('logged_in');
if($logged_in){
//if yes redirect to welcome page
redirect(base_url().'HomeLoggedIn_controller/index/');
}
//if not load the login page
$this->load->view('login/v_login');
}
public function doLogin() {
//get the input fields from login form
$email = $this->input->post('email');
$password = sha1($this->input->post('password'));
//send the email pass to query if the user is present or not
$check_login = $this->LoginModel->checkLogin($email, $password);
//if the result is query result is 1 then valid user
if ($check_login) {
//if yes then set the session 'loggin_in' as true
$this->session->set_userdata('logged_in', true);
redirect(base_url().'HomeLoggedIn_controller/index/');
} else {
//if no then set the session 'logged_in' as false
$this->session->set_userdata('logged_in', false);
//and redirect to login page with flashdata invalid msg
//$this->session->set_flashdata('msg', 'Username / Password Invalid');
redirect(base_url().'Login_controller/index/');
}
}
public function logout() {
//unset the logged_in session and redirect to login page
$this->session->unset_userdata('logged_in');
redirect(base_url().'Login_controller/index/');
}
}
Error discovered! you did not load the model method checklogin well
You used $this->Login_controller->checkLogin($email, $password); instead of $this->LoginModel->checkLogin($email, $password);. Which result to your error. Please replace your code with mine.
I hope this helped you if not call my attention, okay
Try changing
$check_login = $this->Login_controller->checkLogin($email, $password);
To:
$check_login = $this->checkLogin($email, $password);
I'm trying to implement basic section that only a logged-in user can access. I overrided CI_Controller, as follow:
//file created in application/core/MY_Controller.php
class Auth_Controller extends CI_Controller {
function __construct(){
parent::__construct();
$this->load->library('session');
if ($this->session->userdata('user_logged') !== null){
redirect(base_url() . 'dashboard');
die();
} else {
redirect(base_url() . 'auth/login');
die();
}
}
And then I extend from Auth_Controller all the other controllers that are only available for the logged-in user, as follow:
class Dashboard extends Auth_Controller
{
public function __construct()
{
parent::__construct();
}
public function index()
{
$this->load->view('dashboardView');
}
}
But after the login is successful, it doesn't redirect to dashboardView.
Anyone knows what is really happening?
You are redirecting infinitely to the Dashboard controller in this part of the code:
if ($this->session->userdata('user_logged') !== null){
redirect(base_url() . 'dashboard');
die();
}
Use this instead (redirect to the login form if the user is not logged in):
class Auth_controller extends CI_Controller {
function __construct(){
parent::__construct();
$this->load->library('session');
// If the user is not logged in
if ($this->session->userdata('user_logged') === null){
// Redirect to http://yoursite/auth/login
// No need for the base_url function, redirect does it for you
redirect('auth/login');
// You don't have to exit/die, redirect() already does that
}
}
}
Opinions
If I check the null, will use like this != null. BUT in CI its a best option to check empty() rather null.
If I use redirect() will use it like this redirect('dashboard');
Code will be
if (!empty($this->session->userdata('user_logged'))) {
redirect('dashboard');
else {
redirect('auth/login');
}
Make sure your site will load without index.php in URL. If no search for .htaccess to your site.
I am using this code for user which can't access page without login ,but it is not working to prevent the user .
if(! $this->session->userdata('id'))
return redirect('Login');
$this->load->view('public/dashboard');
Try this for start. But generally i use another strategy, i make the if statements in Views.
If this is not works for you, i will check further.
if(! $this->session->userdata('id')){
$this->load->view('Login'); }
else {
$this->load->view('public/dashboard'); }
What you could do is something like this
application / core / MY_Controller.php
<?php
class MY_Controller extends CI_Controller {
public function __construct() {
parent::__construct();
$route = $this->router->directory . $this->router->fetch_class();
// echo $route;
// Ignore any controllers not to be effected
$ignore = array(
'dirname/controllername',
);
// If the user has not logged in will redirect back to login
if (!$this->session->userdata('id') && !in_array($route, $ignore)) {
$this->session->unset_userdata('id');
redirect($this->config->item('base_url') . 'login');
}
}
}
On the controller change CI_Controller to MY_Controller
class Example extends MY_Controller {
public function index() {
}
}
if( $this->session->userdata('id') == "")
{
redirect('Login');
}
else
{
redirect('dashboard');
}
here Login and dashboard both are controller names.
I have autoload helper form and library form-validation in autoload.php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Login extends CI_Controller {
var $data;
public function __construct(){
parent::__construct();
$this->data=array('page'=>'login_view','title'=>'login');
$this->load->model("Login_model");
}
public function index()
{
//get the posted values
$data=$this->data;
$this->load->view('template',$data);
}
public function checklogin(){
//form validation
$data=$this->data;
$this->form_validation->set_rules('username','Username','required');
$this->form_validation->set_rules('password' ,'Password','required|callback_verifyUser');
if($this->form_validation->run()==false){
$this->load->view('template',$data);
}
else{
}
}
public function verifyUser(){
$name=$this->input->post('username');
$pass=$this->input->post('password');
$option=$this->input->post('optionlist');
if($this->Login_model->login($name,$pass,$option)){
return true;
}else{
//user doesn't exist
//echo "Wrong username and password";
$this->form_validation->set_message('verifyUser','Incorrect officer_id or password. Please try again');
return false;
}
}
}
?>
The problem is it doen't show any error message USERNAME IS REQUIRED OR PASSWORD IS REQUIRED WHEN I LEAVE IT BLANK . IT SIMPLY REDIRECTS TO LOGIN_VIEW.PHP WITHOUT SHOWING ANY ERROR MESSAGE THAT USERNAME IS LEFT BLANK
THE doc SAID FORM-VALIDATION IS USED FOR THe PURPOSE to show errors.
for the view login_view.php u can see form here http://pastebin.com/T2zMYGn1
use echo validation_errors() in view file (template.php) where you want to see error messages
I am working on a login script and it used to work perfectly but then all of a sudden it stopped working. I commented out a lot of code but it still does the same. When I login it sees the userdata but it disappears right after.
This is what I got in my controller: (I leave commented code out)
Login controller:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Login extends MY_Controller {
public function __construct(){
parent::__construct();
$this->smarty->assign('header',"../../../views/login_header.tpl");
$this->smarty->assign('footer',"../../../views/login_footer.tpl");
$this->load->library('form_validation');
}
public function index()
{
$this->load->model('mdl_login');
$email = $this->input->post('email');
$password = $this->input->post('password');
$this->form_validation->set_rules('email', 'Email', 'required|valid_email');
$this->form_validation->set_rules('password', 'Password', 'required|callback_credential_check');
if ($this->form_validation->run() == FALSE)
{
$errors = validation_errors();
$this->smarty->assign('errors', $errors);
}
elseif($this->mdl_login->login($email, $password) == FALSE){
$errors = 'Your login information is incorrect.';
$this->smarty->assign('errors', $errors);
}
else //Validation success
{
//Get user
$user = $this->mdl_login->user($email);
$user['logged_in'] = TRUE;
//It's not the if statement here because I also tried without it
if($this->session->userdata('logged_in') == FALSE){
$this->session->set_userdata($user);
}
print_r($this->session->all_userdata());
die(); //At this point the userdata is correct but on refresh or going to another page it isn't
//Redirect to homepage
//redirect('dashboard', 'refresh');
}
$this->smarty->view('login/login.tpl');
}
}
Login Model:
<?php
class Mdl_login extends CI_Model {
public function login($email, $password){
return TRUE;
}
public function user($email){
$query = $this->db->get_where('korisnici_tbl', array('email' => $email));
return $query->row_array();
}
}
?>
My_Controller:
<?php (defined('BASEPATH')) OR exit('No direct script access allowed');
/* load the MX_Controller class */
require APPPATH."third_party/MX/Controller.php";
class MY_Controller extends MX_Controller {
public function __construct(){
print_r($this->session->all_userdata());
$this->smarty->assign('header',"../../../views/header.tpl");
$this->smarty->assign('footer',"../../../views/footer.tpl");
$this->smarty->assign('form_url_plugin',"../../../views/form_url_plugin.tpl");
$this->smarty->assign('controller',$this->uri->segment(1));
$this->smarty->assign('userdata',$this->session->all_userdata());
if($this->session->userdata('logged_in') != TRUE && $this->uri->segment(1) != 'login'){
if($this->session->userdata('logged_in') != TRUE){
print_r($this->session->all_userdata());
}
//redirect('login', 'refresh');
}
}
}
I am using modular extensions. I am sure there is nothing wrong in My_Controller because I tested it by setting it back to MX_Controller. (I never changed anything in MX_Controller)
I found the answer to my question. In my model I was adding all data of the logged in user. One of the columns contain the IP Address. And I don't know why exactly but when I add the IP Address to the session it removes the session, and adds a new session with the default codeigniter session data and a new session id.
So somehow I can't store IP Addresses in my userdata.