When a user logs in, my activity model should record it: if the user has logged on before, it should update the row belonging to that user id; otherwise it should insert a new row.
Problem: Currently it just updates the same row as previous. It should insert a new row if user id has not logged on before.
How can I fix this problem in the model?
<?php
/**
 * Activity-log model: writes rows to the `user_activity` table (prefixed with
 * $this->db->dbprefix).
 *
 * NOTE(review): as posted, updateActivity() has no WHERE clause and its
 * fallback calls addActivity() without arguments; see the inline notes.
 */
class Model_account_activity extends CI_Model {
/**
 * Run an UPDATE on user_activity using the session's user id.
 *
 * @param mixed $key  Value written to the `key` column (escaped).
 * @param array $data Activity payload; serialized into the `data` column.
 * @return bool TRUE when the query result compared equal to FALSE, FALSE otherwise.
 */
public function updateActivity($key, $data) {
// The session value overwrites any user_id the caller put in $data.
$data['user_id'] = $this->session->userdata('user_id');
// isset() is only false for NULL, so any other session value is used as-is.
if (isset($data['user_id'])) {
$user_id = $data['user_id'];
} else {
$user_id = 0;
}
// The statement has no WHERE clause, so it rewrites every row in the table
// rather than only the row of this user.
// NOTE(review): the payload is stored with serialize(); reading it back with
// unserialize() is only safe if nothing user-controlled can reach this column — confirm.
$query = $this->db->query("UPDATE `" . $this->db->dbprefix . "user_activity` SET
`user_id` = '" . (int)$user_id . "',
`key` = " . $this->db->escape($key) . ",
`data` = " . $this->db->escape(serialize($data)) . ",
`date_added` = NOW()
");
// NOTE(review): a FALSE result signals a failed statement; an UPDATE that
// matches no rows is not a failure, so this is not an "insert if missing" path.
// addActivity() is also called here without its two required arguments.
if ($query == FALSE) {
$this->addActivity();
return true;
} else {
return false;
}
}
/**
 * Insert a new user_activity row using the session's user id.
 *
 * @param mixed $key  Value written to the `key` column (escaped).
 * @param array $data Activity payload; serialized into the `data` column.
 */
public function addActivity($key, $data) {
// The session value overwrites any user_id the caller put in $data.
$data['user_id'] = $this->session->userdata('user_id');
if (isset($data['user_id'])) {
$user_id = $data['user_id'];
} else {
$user_id = 0;
}
// user_id is cast to int and the other values go through escape() before
// they are placed in the statement.
$this->db->query("INSERT INTO `" . $this->db->dbprefix . "user_activity` SET
`user_id` = '" . (int)$user_id . "',
`key` = " . $this->db->escape($key) . ",
`data` = " . $this->db->escape(serialize($data)) . ",
`date_added` = NOW()
");
}
}
Get result from DB by unique ID or primary key then check the query result. If result count is 0 then can insert else update. Example...
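// Look the row up by a unique column or the primary key first; $user_id is a likely candidate.
$this->db->where('column_name', $user_id);
$query = $this->db->get('table_name');

// num_rows() is called as a method, the form the other snippets on this page use;
// reading it as a property is not reliable across CodeIgniter versions.
// A unique index on the column keeps two concurrent requests from both inserting.
if ($query->num_rows() === 0) {
    // Insert query
} else {
    // Update query
}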
Here is how i was able to get it working thanks to #Please Wait all working now.
<?php
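/**
 * Activity-log model: keeps one `user_activity` row per user, inserting it on
 * the first call and updating it on later calls.
 */
class Model_account_activity extends CI_Model {
    /**
     * Insert or update the activity row of the current session user.
     *
     * @param mixed $key  Value written to the `key` column.
     * @param array $data Activity payload; serialized into the `data` column.
     * @return void
     */
    public function activity($key, $data) {
        // The user id always comes from the session, never from the caller.
        // Casting once gives 0 for "no session user" and keeps the lookup,
        // the insert and the update on the same value.
        $user_id = (int) $this->session->userdata('user_id');
        $data['user_id'] = $user_id;

        $row = array(
            'user_id' => $user_id,
            'key' => $key,
            // NOTE(review): reading this column back with unserialize() is only safe if
            // nothing user-controlled can be written to it — confirm, or store JSON instead.
            'data' => serialize($data),
            'date_added' => mdate('%Y-%m-%d %H:%i:%s', now()),
        );

        $this->db->where('user_id', $user_id);
        $has_row = $this->db->get('user_activity')->num_rows() > 0;

        if ($has_row) {
            $this->db->where('user_id', $user_id);
            $this->db->update('user_activity', $row);
        } else {
            // insert_id() is only meaningful after an insert, so it is not called beforehand.
            $this->db->insert('user_activity', $row);
        }
    }
}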
I want to create a login system in CodeIgniter.
I have this in my controller:
/**
 * Handle the login form: check the posted credentials, store the user in the
 * session and load the admin, home or login view.
 *
 * NOTE(review): as posted, the method's closing brace is commented out (last line).
 */
public function user_login_process()
{
// Raw POST values are handed to the model, which has to escape or bind them
// before they reach SQL.
$data = array(
'username' => $this->input->post('username'),
'password' => $this->input->post('password')
);
$result = $this->login_database->login($data);
if ($result == TRUE) {
$username = $this->input->post('username');
$result = $this->login_database->read_user_information($username);
if ($result != false) {
$session_data = array(
'username' => $result[0]->username,
'email' => $result[0]->email,
);
$this->session->set_userdata('logged_in', $session_data);
if (isset($this->session->userdata['logged_in'])) {
// `=` assigns 'admin' to $username, so this condition is always true and
// every user who logs in takes the admin path below.
if( $username="admin"){
$result1 = $this->login_database->read_admin_information($username);
if ($result1 != false) {
$session_data = array(
'username' => $result1[0]->username,
);
$this->session->set_userdata('admin', $session_data);
$this->load->view('admin_page');
}}}
// This else pairs with the isset() check above, not with the admin test, so
// home_page is only loaded when the 'logged_in' session item is missing.
else {
$this->load->view('home_page');
}}
} else {
$data = array(
'error_message' => 'Invalid Username or Password'
);
$this->load->view('login_form', $data);
}
//}
I have this in my model:
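/**
 * Check whether a row in `user` matches the submitted username and password.
 *
 * @param array $data Expects the keys 'username' and 'password'.
 * @return bool TRUE when exactly one row matches, FALSE otherwise.
 */
public function login($data) {
    // Only non-empty strings are accepted: a missing form field arrives as
    // FALSE or NULL and must not be turned into a numeric or IS NULL comparison.
    $username = (isset($data['username']) && is_string($data['username'])) ? $data['username'] : '';
    $password = (isset($data['password']) && is_string($data['password'])) ? $data['password'] : '';
    if ($username === '' || $password === '') {
        return false;
    }

    // Conditions passed as an array are escaped by the query builder; the
    // hand-built WHERE string placed the raw input inside the SQL text.
    $this->db->select('*');
    $this->db->from('user');
    $this->db->where(array(
        'username' => $username,
        'password' => $password,
    ));
    $this->db->limit(1);

    // NOTE(review): matching the password inside SQL implies it is stored unhashed;
    // the usual design fetches the row by username and checks a stored hash with
    // password_verify() — this needs a schema change, so it is only flagged here.
    return $this->db->get()->num_rows() === 1;
}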
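/**
 * Read the `user` row for a username (used after a successful login).
 *
 * @param string $username Username to look up.
 * @return array|false Result rows as objects when exactly one row matches, FALSE otherwise.
 */
public function read_user_information($username) {
    // A missing or non-string value must not reach the query as FALSE/NULL.
    if (!is_string($username) || $username === '') {
        return false;
    }

    // The key/value form lets the query builder escape the username.
    $this->db->select('*');
    $this->db->from('user');
    $this->db->where('username', $username);
    $this->db->limit(1);
    $query = $this->db->get();

    return ($query->num_rows() === 1) ? $query->result() : false;
}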
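/**
 * Read the `user` row for a username on the admin path.
 *
 * NOTE(review): this runs the same lookup as a plain user lookup by username;
 * nothing here checks an admin flag or role column, so a non-FALSE result does
 * not by itself show that the user is an administrator.
 *
 * @param string $username Username to look up.
 * @return array|false Result rows as objects when exactly one row matches, FALSE otherwise.
 */
public function read_admin_information($username) {
    // A missing or non-string value must not reach the query as FALSE/NULL.
    if (!is_string($username) || $username === '') {
        return false;
    }

    // The key/value form lets the query builder escape the username.
    $this->db->select('*');
    $this->db->from('user');
    $this->db->where('username', $username);
    $this->db->limit(1);
    $query = $this->db->get();

    return ($query->num_rows() === 1) ? $query->result() : false;
}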
So I'm trying to create a session which differentiates a user if it is a normal or is admin(username=admin). The problem is that after I login like admin or not this always takes me to the admin page. What it should do: it should take me to the home_page if user is not admin but is logged in.
Have I done something wrong? I have read the session class of CI before I did this. Can someone help me to do this in right way? Thanks!
You are not comparing, you are assigning here, so the condition is always true and every user who logs in is sent down the admin branch:
if( $username="admin"){ // assigns 'admin' to $username, so the condition is always true
Should be:
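if ($username === "admin") { // strict comparison of $username with 'admin', no type juggling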
try this sir: (if you have a usertype on your table)
for example:
User_Account:(The table)
User_type(1 is admin)(0 is client)
ID | First_name | Last_name | Username | Password | User_type
1 Michael Jordan MJ23 6rings 1
2 Kobe Bryant KB24 5rings 0
MODEL:
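/**
 * Fetch the user_account rows whose Username and Password match.
 *
 * @param string $user Submitted username.
 * @param string $pass Submitted password.
 * @return array Matching rows as associative arrays; empty when nothing matches.
 */
public function login($user, $pass) {
    // A missing form field arrives as FALSE or NULL; only non-empty strings
    // are allowed to reach the query.
    if (!is_string($user) || $user === '' || !is_string($pass) || $pass === '') {
        return array();
    }

    // get_where() escapes the values passed in the array.
    // NOTE(review): comparing Password in SQL means it is stored unhashed (as in
    // the sample table); storing a password_hash() value and checking it with
    // password_verify() is the usual design — flagged only, it needs a schema change.
    $criteria = array(
        'Username' => $user,
        'Password' => $pass,
    );
    return $this->db->get_where('user_account', $criteria)->result_array();
}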
VIEW:
<?php /* Login form: posts "username" and "password" to My_Controller/login_user.
         NOTE(review): a hand-written form tag carries no CSRF token; confirm how
         CSRF protection is configured for this application. */ ?>
<form action="<?= base_url() ?>index.php/My_Controller/login_user" method="post">
    Username: <input type="text" name="username"/><br/>
    Password: <input type="password" name="password"/><br/>
    <button type="submit">LOGIN</button>
</form>
CONTROLLER:
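/**
 * Handle the login form: look the credentials up and redirect by user type.
 *
 * @return void
 */
public function login_user() {
    $user = $this->input->post('username'); // "username" is the name of the form input
    $pass = $this->input->post('password'); // "password" is the name of the form input
    $result = $this->My_Model->login($user, $pass);

    // No matching row means the login failed. Without this check $usertype is
    // NULL, and NULL == 0 is true, so a failed login took the client redirect.
    if (empty($result)) {
        show_error('Invalid username or password', 401);
        return;
    }

    // User_type comes from the matched row: 1 is admin, 0 is client.
    $usertype = (int) $result[0]['User_type'];
    if ($usertype === 1) {
        redirect('My_Controller/show_admin');
    } elseif ($usertype === 0) {
        redirect('My_Controller/show_client');
    }
    // NOTE(review): nothing is stored in the session here, so show_admin and
    // show_client cannot tell who is logged in — confirm how those pages are guarded.
}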
Try this out: if you have questions just comment!
i am new in codeigniter and i am stuck with this if statement. I am selecting from my database the user_status and the user_type of the user and if it is null the value $res cant be empty.
// empty() is true for NULL, FALSE, '', 0, '0' and an array with no elements;
// an array that holds even one key (whatever its value) is not empty.
if(empty($res)) {
echo "aaaa"; // presumably debug output
$this->index();
}
here is my full code in model :
<?php
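/**
 * Login lookups against the `user` table.
 */
class Login_model extends MY_Model {
    /**
     * Return the user type and status for a matching e-mail / password pair.
     *
     * @param array $data Expects the keys 'useremail' and 'password'.
     * @return array|null Result rows as objects when exactly one row matches, NULL otherwise.
     */
    public function validate($data) {
        // Only non-empty strings are accepted: a missing key or form field must
        // not be turned into a numeric or IS NULL comparison.
        $email = (isset($data['useremail']) && is_string($data['useremail'])) ? $data['useremail'] : '';
        $password = (isset($data['password']) && is_string($data['password'])) ? $data['password'] : '';
        if ($email === '' || $password === '') {
            return NULL;
        }

        // Conditions passed as an array are escaped by the query builder; the
        // hand-built WHERE string placed the raw input inside the SQL text.
        $this->db->select('usertype_id,user_status');
        $this->db->from('user');
        $this->db->where(array(
            'user_email' => $email,
            'user_password' => $password,
        ));
        $query = $this->db->get();

        // NOTE(review): comparing user_password in SQL implies it is stored unhashed;
        // checking a stored hash with password_verify() is the usual design.
        if ($query->num_rows() === 1) {
            return $query->result();
        }
        return NULL;
    }
}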
?>
my controller looks like this :
/**
 * Validate the posted credentials through Login_model and fall back to
 * index() when the lookup result is empty.
 *
 * NOTE(review): the method's closing brace is not part of the posted snippet.
 */
function validate_credentials() {
$this->load->model('login_model');
// NOTE(review): the array is keyed 'username', while Login_model::validate()
// as posted reads $data['useremail'] — confirm which key is intended.
$data = array(
'username' => $this->input->post('username'),
'password' => $this->input->post('password')
);
// Assigning to $res['res'] creates that key even when validate() returns
// NULL, so $res itself always holds one element.
$res['res'] = $this->login_model->validate($data);
// empty($res) is therefore never true; empty($res['res']) is the test that
// detects a failed lookup.
if(empty($res)) {
echo "aaaa";
$this->index();
}
My question is: why is $res never empty? When I print_r($res) it shows an empty array.
On my user table I have a column called code. If a user has clicked on the forgotten password link and enters in email and then clicks on submit. It then updates the code on to the database row matching the email.
I have another controller called Forgotten which handles the $code and editCode that works fine.
The problem I am having is that, after a few attempts, it still will not edit/change the password. I have removed the non-working code for now.
I need to be able to check make sure the $code = URI Segment 3 matches the code and email on that database row. And then allows me to update/change password.
Controller Reset
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * Password-reset controller (first version, as posted in the question).
 * index() shows the reset form and, once validation passes, looks the user
 * up by the code in URI segment 3 and updates the account.
 */
class Reset extends MX_Controller {
/**
 * Load language files and libraries when hasPermissionAccess() is TRUE;
 * otherwise redirect to admin/error.
 *
 * NOTE(review): what hasPermissionAccess() checks is not shown; a reset link
 * is normally opened while logged out — confirm this gate is intended here.
 */
public function __construct() {
parent::__construct();
if ($this->user->hasPermissionAccess() == TRUE) {
$this->lang->load('admin/english', 'english');
$this->lang->load('admin/common/reset', 'english');
$this->load->library('settings');
$this->load->library('pagination');
$this->load->library('request');
$this->load->library('response');
$this->load->library('document');
$this->load->library('email');
} else {
redirect('admin/error');
}
}
/**
 * Render the reset form, or apply the new password when the form validates.
 */
public function index() {
$this->document->setTitle($this->lang->line('heading_title'));
$data['heading_title'] = $this->lang->line('heading_title');
$data['text_password'] = $this->lang->line('text_password');
$data['entry_password'] = $this->lang->line('entry_password');
$data['entry_confirm'] = $this->lang->line('entry_confirm');
$data['button_save'] = $this->lang->line('button_save');
$data['button_cancel'] = $this->lang->line('button_cancel');
$data['breadcrumbs'] = array();
$data['breadcrumbs'][] = array(
'text' => '<i class="fa fa-home"></i>' .' '. $this->lang->line('text_home'),
'href' => site_url('common/dashboard')
);
$data['breadcrumbs'][] = array(
'text' => $this->lang->line('heading_title'),
'href' => site_url('common/forgotten')
);
// The submitted password values are copied into the view data.
// NOTE(review): echoing a password back into the form is usually avoided.
if (!empty($this->request->post['password'])) {
$data['password'] = $this->request->post['password'];
} else {
$data['password'] = '';
}
if (!empty($this->request->post['confirm_password'])) {
$data['confirm_password'] = $this->request->post['confirm_password'];
} else {
$data['confirm_password'] = '';
}
// The form posts back to admin/reset/<URI segment 3>.
$data['action'] = site_url('admin/reset') .'/'. $this->uri->segment(3);
$data['cancel'] = site_url('admin/login');
$this->load->library('form_validation');
// matches[confirm] names a field "confirm", while the confirmation rule
// below is registered for "confirm_password".
// NOTE(review): xss_clean is a sanitising rule; applied to a password it can
// change the value before it is hashed.
$this->form_validation->set_rules('password', 'Password','required|trim|xss_clean|matches[confirm]|min_length[3]|max_length[25]');
$this->form_validation->set_rules('confirm_password', 'Password Confirmation', 'required|trim');
if ($this->form_validation->run() == FALSE) {
return $this->load->view('common/reset', $data);
} else {
$this->load->model('admin/user/users_model');
// The reset code is taken from URI segment 3 and used to find the user.
$code = $this->uri->segment(3);
$user_info = $this->users_model->getUserByCode($code);
if($user_info) {
$this->load->model('admin/user/users_model');
// The whole POST array is passed as the update data, so every posted field
// name reaches the UPDATE; editUser() as posted takes two parameters, so the
// third argument is ignored.
$this->users_model->editUser($user_info['user_id'], $this->request->post, $data);
$this->session->set_flashdata('success', 'You have now updated your Password!');
// CodeIgniter's redirect() helper exits, so the return after it is not reached.
redirect('admin');
return true;
} else {
$this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
redirect('admin');
return false;
}
}
}
}
Model
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * User account model (first version, as posted in the question): insert and
 * edit users, look a user up by reset code, hash passwords, store a reset code.
 */
class Users_model extends CI_Model {
/**
 * Insert a new user; the password is hashed before it is stored.
 *
 * @param array $data Reads username, firstname, lastname, email, password and status.
 */
public function addUser($data) {
$user_insert = array(
'user_group_id' => "10",
'username' => $data['username'],
'firstname' => $data['firstname'],
'lastname' => $data['lastname'],
'email' => $data['email'],
'password' => $this->hash($data['password']),
'status' => $data['status'],
'date_added' => mdate('%Y-%m-%d %H:%i:%s', now())
);
// insert_id() is called before the insert and its result is discarded.
$this->db->insert_id();
$this->db->insert($this->db->dbprefix . 'user', $user_insert);
}
/**
 * Update a user row; a non-empty password is hashed, an empty one is dropped.
 *
 * @param mixed $user_id Value matched against the user_id column.
 * @param array $data    Column => value pairs written to the row.
 * @return mixed The $user_id that was passed in.
 */
public function editUser($user_id, $data) {
$data['last_updated'] = mdate('%Y-%m-%d %H:%i:%s', now());
if (isset($data['password']) && $data['password']) {
$data['password'] = $this->hash($data['password']);
} else {
unset($data['password']);
}
// Every key in $data becomes a column assignment; nothing here limits which
// columns a caller may set.
$this->db->where('user_id', $user_id)->update('user', $data);
return $user_id;
}
/**
 * Look a user up by reset code.
 *
 * Uses the DB_PREFIX constant where the other methods use $this->db->dbprefix.
 * The db escape() method already wraps string values in quotes, so the extra
 * quotes written around it here end up in the SQL as well.
 *
 * @param mixed $code Reset code to match against the code column.
 * @return mixed The result of row_array() for the query.
 */
public function getUserByCode($code) {
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user`
WHERE code = '" . $this->db->escape($code) . "' AND code != ''");
return $query->row_array();
}
/**
 * Hash a password with the PasswordHash library
 * (iteration_count_log2 8, portable_hashes FALSE).
 *
 * @param string $password Plain-text password.
 * @return mixed The value returned by HashPassword().
 */
public function hash($password) {
$this->load->library('PasswordHash', array('iteration_count_log2' => 8, 'portable_hashes' => FALSE));
return $this->passwordhash->HashPassword($password);
}
/**
 * Store a reset code on the row whose email matches.
 *
 * The $email parameter is not used; the address is read from
 * $this->request->post['email'] instead.
 *
 * @param mixed $email Unused by the body as posted.
 * @param mixed $code  Value written to the code column.
 */
public function editCode($email, $code) {
$this->db->where('email', $this->request->post['email']);
$this->db->set('code', $code);
$this->db->update($this->db->dbprefix . 'user');
}
}
After working on the problem for the last half hour, I figured out that I needed an edit-password method separate from edit user, and I added a get-by-code method.
New controller and model methods down below for my resetting password. I still have a separate forgotten controller that handles the reset code
Model
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
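/**
 * User account model: create, edit, delete and look up rows in the `user`
 * table, plus the helpers used by the password-reset flow.
 */
class Users_model extends CI_Model {
    /**
     * Insert a new user; the password is hashed before it is stored.
     *
     * @param array $data Reads username, firstname, lastname, email, password and status.
     * @return void
     */
    public function addUser($data) {
        $user_insert = array(
            'user_group_id' => "10",
            'username' => $data['username'],
            'firstname' => $data['firstname'],
            'lastname' => $data['lastname'],
            'email' => $data['email'],
            'password' => $this->hash($data['password']),
            'status' => $data['status'],
            'date_added' => mdate('%Y-%m-%d %H:%i:%s', now()),
        );
        // insert_id() is only meaningful after an insert, so it is not called beforehand.
        $this->db->insert($this->db->dbprefix . 'user', $user_insert);
    }

    /**
     * Update a user row; a non-empty password is hashed, an empty one is dropped.
     *
     * @param mixed $user_id Value matched against the user_id column.
     * @param array $data    Column => value pairs written to the row.
     * @return mixed The $user_id that was passed in.
     */
    public function editUser($user_id, $data) {
        $data['last_updated'] = mdate('%Y-%m-%d %H:%i:%s', now());
        if (isset($data['password']) && $data['password']) {
            $data['password'] = $this->hash($data['password']);
        } else {
            unset($data['password']);
        }
        // NOTE(review): every key in $data becomes a column assignment, so callers
        // must pass only the fields a user may change, never a raw POST array —
        // confirm the call sites.
        $this->db->where('user_id', $user_id)->update('user', $data);
        return $user_id;
    }

    /**
     * Set a new password for a user and clear the reset code.
     *
     * @param int    $user_id  Id of the user row to update.
     * @param string $password New plain-text password; hashed before storage.
     * @return void
     */
    public function editPassword($user_id, $password) {
        // Use the value the caller passed instead of reading the request again,
        // and never store the hash of an empty or non-string value.
        if (!is_string($password) || $password === '') {
            return;
        }
        $this->db->where('user_id', (int) $user_id);
        $this->db->update($this->db->dbprefix . 'user', array(
            'password' => $this->hash($password),
            // Clearing the code makes the reset link single-use.
            'code' => '',
        ));
    }

    /**
     * Hash a password with the PasswordHash library.
     *
     * NOTE(review): iteration_count_log2 of 8 is a low work factor; PHP's
     * built-in password_hash() / password_verify() are the usual choice where
     * the PHP version allows — confirm before changing, stored hashes must stay verifiable.
     *
     * @param string $password Plain-text password.
     * @return mixed The value returned by HashPassword().
     */
    public function hash($password) {
        $this->load->library('PasswordHash', array('iteration_count_log2' => 8, 'portable_hashes' => FALSE));
        return $this->passwordhash->HashPassword($password);
    }

    /**
     * Store a reset code on the row whose email matches.
     *
     * @param string $email Address of the account that asked for a reset.
     * @param string $code  Reset code to store.
     * @return void
     */
    public function editCode($email, $code) {
        // The address comes from the parameter, so the model does not depend on
        // the current request.
        // NOTE(review): confirm callers pass the same address they previously posted.
        $this->db->where('email', $email);
        $this->db->set('code', $code);
        $this->db->update($this->db->dbprefix . 'user');
    }

    /**
     * Delete a user row.
     *
     * @param mixed $user_id Value matched against the user_id column.
     * @return void
     */
    public function deleteUser($user_id) {
        $this->db->where('user_id', $user_id);
        $this->db->delete($this->db->dbprefix . 'user');
    }

    /**
     * Fetch one user together with the name of its user group.
     *
     * @param int $user_id Id of the user; cast to int before it enters the SQL.
     * @return mixed The result of row_array() for the query.
     */
    public function getUser($user_id) {
        $query = $this->db->query("SELECT *, (SELECT ug.name FROM `" . $this->db->dbprefix . "user_group` ug WHERE ug.user_group_id = u.user_group_id) AS user_group FROM `" . $this->db->dbprefix . "user` u WHERE u.user_id = '" . (int)$user_id . "'");
        return $query->row_array();
    }

    /**
     * Fetch one user by username.
     *
     * @param string $username Username; passed through escape().
     * @return mixed The result of row() for the query.
     */
    public function getUserByUsername($username) {
        $query = $this->db->query("SELECT * FROM `" . $this->db->dbprefix . "user` WHERE username = ". $this->db->escape($username) ." ");
        return $query->row();
    }

    /**
     * Fetch the user that owns a password-reset code.
     *
     * NOTE(review): nothing visible here expires a code; confirm the code is
     * generated from a cryptographically secure source and has a limited lifetime.
     *
     * @param string $code Reset code, for example taken from the reset URL.
     * @return mixed The matching row as an array; an empty array when the code is missing or invalid input.
     */
    public function getUserByCode($code) {
        // Only a non-empty string may be compared with the stored code. A missing
        // URI segment arrives as FALSE or NULL, and such a value must never be
        // matched against other users' pending codes.
        if (!is_string($code) || $code === '') {
            return array();
        }
        $query = $this->db->query("SELECT * FROM `" . $this->db->dbprefix . "user` WHERE code = " . $this->db->escape($code) . " AND code != ''");
        return $query->row_array();
    }

    /**
     * Fetch all users.
     *
     * @return array|false All rows as arrays, or FALSE when the table is empty.
     */
    public function getUsers() {
        $this->db->select('*');
        $this->db->from($this->db->dbprefix . 'user');
        $query = $this->db->get();
        if ($query->num_rows() > 0) {
            return $query->result_array();
        }
        return false;
    }

    /**
     * Count all users.
     *
     * @return int Number of rows in the user table.
     */
    public function getTotalUsers() {
        return $this->db->count_all('user');
    }

    /**
     * Count the users in one group.
     *
     * NOTE(review): row_array() takes a row index, so this returns the row
     * rather than the bare `total` value — confirm what callers expect.
     *
     * @param int $user_group_id Group id; cast to int before it enters the SQL.
     * @return mixed The result of row_array('total').
     */
    public function getTotalUsersByGroupId($user_group_id) {
        $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . $this->db->dbprefix . "user` WHERE user_group_id = '" . (int)$user_group_id . "'");
        return $query->row_array('total');
    }

    /**
     * Count the users with a given e-mail address, ignoring case.
     *
     * NOTE(review): row_array() takes a row index, so this returns the row
     * rather than the bare `total` value — confirm what callers expect.
     *
     * @param string $email Address to look for.
     * @return mixed The result of row_array('total').
     */
    public function getTotalUsersByEmail($email) {
        // The column is lower-cased in SQL, so the input is lower-cased as well.
        $needle = strtolower((string) $email);
        $query = $this->db->query("SELECT COUNT(*) AS total FROM `" . $this->db->dbprefix . "user` WHERE LCASE(email) = " . $this->db->escape($needle) . " ");
        return $query->row_array('total');
    }
}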
Controller
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
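/**
 * Password-reset controller: shows the reset form and, when it validates,
 * sets the new password for the user that owns the code in URI segment 3.
 */
class Reset extends MX_Controller {
    /**
     * Load language files and libraries when hasPermissionAccess() is TRUE;
     * otherwise redirect to admin/error.
     *
     * NOTE(review): what hasPermissionAccess() checks is not shown; a reset link
     * is normally opened while logged out — confirm this gate is intended here.
     */
    public function __construct() {
        parent::__construct();
        if ($this->user->hasPermissionAccess() == TRUE) {
            $this->lang->load('admin/english', 'english');
            $this->lang->load('admin/common/reset', 'english');
            $this->load->library('settings');
            $this->load->library('pagination');
            $this->load->library('request');
            $this->load->library('response');
            $this->load->library('document');
            $this->load->library('email');
        } else {
            redirect('admin/error');
        }
    }

    /**
     * Render the reset form, or apply the new password when the form validates.
     *
     * @return mixed The loaded view while the form is invalid; otherwise the request is redirected.
     */
    public function index() {
        $this->document->setTitle($this->lang->line('heading_title'));

        foreach (array('heading_title', 'text_password', 'entry_password', 'entry_confirm', 'button_save', 'button_cancel') as $line) {
            $data[$line] = $this->lang->line($line);
        }

        $data['breadcrumbs'] = array();
        $data['breadcrumbs'][] = array(
            'text' => '<i class="fa fa-home"></i>' .' '. $this->lang->line('text_home'),
            'href' => site_url('common/dashboard'),
        );
        $data['breadcrumbs'][] = array(
            'text' => $this->lang->line('heading_title'),
            'href' => site_url('common/forgotten'),
        );

        // A submitted password is never echoed back into the form; the view
        // still receives the variable, always empty.
        $data['password'] = '';

        $code = $this->uri->segment(3);
        $data['action'] = site_url('admin/reset') .'/'. $code;
        $data['cancel'] = site_url('admin/login');

        $this->load->library('form_validation');
        // No xss_clean on the password: it is hashed and never displayed, and a
        // sanitising rule could change the value the user typed.
        // NOTE(review): min_length[3] and max_length[25] are kept as posted; a longer
        // minimum and no low maximum is the usual policy — confirm requirements.
        $this->form_validation->set_rules('password', 'Password', 'required|trim|matches[confirm_password]|min_length[3]|max_length[25]');
        $this->form_validation->set_rules('confirm_password', 'Password Confirmation', 'required|trim');

        if ($this->form_validation->run() == FALSE) {
            return $this->load->view('common/reset', $data);
        }

        // A missing or non-string code is rejected before any lookup, so it can
        // never be matched against another user's pending code.
        if (!is_string($code) || $code === '') {
            $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
            redirect('admin');
            return false;
        }

        $this->load->model('admin/user/users_model');
        $user_info = $this->users_model->getUserByCode($code);

        if ($user_info) {
            $this->users_model->editPassword($user_info['user_id'], $this->request->post['password']);
            $this->session->set_flashdata('success', 'You have now updated your Password!');
            redirect('admin');
            return true;
        }

        $this->session->set_flashdata('error', 'Unable to submit changes. Please try again!');
        redirect('admin');
        return false;
    }
}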
I am using Zend\Authentication to authenticate users and am inserting session_id() with every login, but it is still letting multiple logins with the same username. I've tried everything but am at a total loss of how to fix this. Here is my code for checking and inserting sessions:
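/**
 * Show the member page for the authenticated user, or send the visitor to
 * the login page when there is no identity or no matching session row.
 *
 * @return mixed A redirect response, or array('user' => $user) for the view.
 */
public function indexAction()
{
    $user = $this->identity();

    // Check for a missing identity first: reading $user->username below on a
    // null identity would fail before the visitor could be redirected.
    if (null === $user || empty($user)) {
        return $this->redirect()->toUrl('/auth/login');
    }

    if ($this->getMembersTable()->checkSession($user->username) === false) {
        // Drop the session data, the session itself and the session cookie.
        $_SESSION = array();
        session_destroy();
        setcookie(session_name(), '', time() - 300, '/', '', 0);
        return $this->redirect()->toUrl('/auth/login');
    }

    return array('user' => $user);
}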
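/**
 * Check whether the sessions table holds a row for this username and the
 * current session id.
 *
 * @param string $username Username of the authenticated identity.
 * @return bool FALSE when the check below reports no session row, TRUE otherwise.
 */
public function checkSession($username)
{
    $adapter = $this->table_gateway->getAdapter();

    // Bound parameters keep $username out of the SQL text; interpolating it
    // into the statement made the query depend on the content of the value.
    $query = $adapter->query(
        'SELECT COUNT(*) FROM sessions WHERE username = ? AND session_id = ?',
        array($username, md5(session_id()))
    );

    // NOTE(review): a COUNT(*) query always yields exactly one row, so count()
    // is never 0 here and a missing session is never reported; the counted
    // value has to be compared instead.
    if ($query->count() == 0) {
        return false;
    }

    // Return an explicit boolean rather than falling off the end with NULL.
    return true;
}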
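/**
 * Record the current session for a username in the sessions table.
 *
 * NOTE(review): the password is written to the sessions table as passed in;
 * a session row does not normally need it — confirm the column can be dropped.
 * NOTE(review): rows of earlier logins for the same username are not removed
 * or deactivated here.
 *
 * @param string $username Username that logged in.
 * @param string $password Password value stored with the session row.
 * @return bool Always TRUE.
 */
public function insertSession($username, $password)
{
    $sql = new Sql($this->table_gateway->getAdapter());

    $insert = new Insert('sessions');
    $insert->columns(array('username', 'password', 'active', 'session_id'))
        ->values(array(
            'username' => $username,
            'password' => $password,
            'active' => 1,
            // Same md5(session_id()) form that the session check compares against.
            'session_id' => md5(session_id()),
        ));

    // Execute as a prepared statement so the values are bound instead of being
    // rendered into an SQL string.
    $sql->prepareStatementForSqlObject($insert)->execute();

    return true;
}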
Your problem lies here:
if ($query->count() == 0) {
the count() would return the number of rows found, but in a COUNT(*) query, you always have one row.
Try this instead:
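// COUNT(*) always returns one row, so read the counted value instead of
// counting rows. The values are bound as parameters rather than written into
// the SQL text.
$row = $this->table_gateway->getAdapter()->query(
    'SELECT COUNT(*) AS cnt FROM sessions WHERE username = ? AND session_id = ?',
    array($username, md5(session_id()))
)->current();

if (!$row || (int) $row['cnt'] === 0) {
    // do your stuff here
}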
the following php function is only working for one user record, not all user records with a value of "1" in the weekly_email_f1 column, any ideas?
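/**
 * Collect the users flagged for the weekly e-mail, each with the names of
 * the items on their list.
 *
 * @return array One entry per user (id, master_id, email) plus an 's_list'
 *               key holding that user's item rows, newest first.
 */
function getSummaryEmailInfo() {
    $users = $this->db->query(
        "SELECT u.id, u.master_id, u.email FROM user AS u WHERE u.weekly_email_fl = 1"
    )->result_array();

    // The user id is passed as a query binding instead of being concatenated
    // into the statement.
    $list_sql = "SELECT ui.custom_name FROM user_item AS ui"
        . " WHERE ui.user_id = ? AND added_to_list_dt IS NOT NULL"
        . " ORDER BY added_to_list_dt DESC";

    foreach ($users as &$user) {
        // A master_id of '0' means the user's own id owns the list.
        $user_id = ($user['master_id'] == '0') ? $user['id'] : $user['master_id'];
        $user['s_list'] = $this->db->query($list_sql, array($user_id))->result_array();
    }
    // Break the reference so later writes to $user cannot change the last element.
    unset($user);

    return $users;
}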
There are multiple users with weekly_email_f1 = 1. i think there is something wrong with how the result_array(); is being populated but cannot figure it out, yet...
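/**
 * Fetch name, e-mail, zip code and weekly e-mail flag for one user.
 *
 * @param mixed $user_id Id of the user to look up.
 * @return array|null The user's row as an associative array, or null when no row matches.
 */
function getUserInfo( $user_id ) {
    // The id is passed as a query binding instead of being concatenated into
    // the statement.
    $query = $this->db->query(
        "SELECT name AS first_name, email, zip_code, weekly_email_fl FROM user WHERE id = ?",
        array( $user_id )
    );

    // row_array() returns the first row, which is what the lookup needs.
    return ( $query->num_rows() > 0 ) ? $query->row_array() : null;
}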
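// result_array() hands back the whole list of rows on every call, so it is
// iterated with foreach; used as a while condition it never advances.
foreach ($query->result_array() as $user) {
    /* You can use $user['master_id'] here */
}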
There is only 1 user with weekly_email_f1 = 1
$query->result_array(); returns only first/last/one row.