Error in If else condition - php

In the below codeigniter code i have placed the controller if i type invalid username or passwors it displays inactive user please contact admin but i want to display invalisd username or password .Pls help me to solve the issue.
controller:
function inactive()
{
echo"<script>alert('In active user Please contact the administrator');</script>";
$this->load->view('login_form');
}
function invalid()
{
echo"<script>alert('Invalid username or password');</script>";
$this->load->view('login_form');
}
function validate_credentials()
{
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
if($query->num_rows()>0){
$status = $query->row()->account_status;}
else {
$status = ''; }
if($status == 'active')
{
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else //Account In active
{ $this->inactive(); }
}
else // incorrect username or password
{
$this->invalid();
}
}

Try to run this code :
function validate_credentials()
{
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
if($query->num_rows()>0)
{
$status = $query->row()->account_status;
if($status == 'active')
{
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else //Account In active
{ $this->inactive(); }
}
else
{
$this->invalid();
}
}
else // incorrect username or password
{
$this->invalid();
}
}
if you still have trouble show me the query then i can help you.

Related

Change password for logged in user in codeigniter

I have created a change password portal, it keep echo "Old Password Not Match!",but i sure my old password is same with the DB's password, is there any wrong in my controller or model? Hope somebody can help,Thanks!
Below is my controller:
public function chgpass()
{
$this->load->helper('security');
$this->form_validation->set_rules('cpassword','Current Password','required|max_length[150]|min_length[6]');
$this->form_validation->set_rules('npassword','New Password','required|max_length[150]|min_length[6]');
$this->form_validation->set_rules('copassword','Confirm Password','required|max_length[150]|min_length[6]|matches[npassword]');
if($this->form_validation->run() == false){
$this->load->view('chgpass');
}else{
//update data
$data = array(
'password' => md5($this->input->post('npassword'))
);
//check old password
$result = $this->Form_model->Check_Old_Password($this->session->userdata('USER_ID'),md5($this->input->post('cpassword')));
if($result > 0 AND $result === true){
//update user data
$result = $this->Form_model->Update_User_Data($this->session->userdata('USER_ID'),$data);
if($result > 0){
echo "Password Changed!";
//$this->session->set_flashdata('success','Password Changed!');
//redirect(base_url() . 'main/login');
}else{
echo "Password Not Changed!";
//$this->session->set_flashdata('error','Password Not Changed!');
//redirect(base_url() . 'main/chgpass');
}
}else{
echo "Old Password Not Match!";
//$this->session->set_flashdata('error','Password Not Changed!');
//redirect(base_url() . 'main/chgpass');
}
}
}
Below is my model:
public function Update_User_Data($user_id,$data){
$this->db->set($data);
$this->db->where('id',$user_id);
$this->db->update('users');
if($this->db->affected_rows() > 0)
return true;
else
return false;
}
public function Check_Old_Password($user_id,$cpassword){
$this->db->where('id',$user_id);
$this->db->where('password',$cpassword);
$query = $this->db->get('users');
if($query->num_rows() > 0)
return true;
else
return false;
}
I got the solution,just change the USER_ID and $user_id into username and $username
model:
public function Update_User_Data($username,$data){
$this->db->set($data);
$this->db->where('username',$username);
$this->db->update('users');
if($this->db->affected_rows() > 0)
return true;
else
return false;
}
public function Check_Old_Password($username,$cpassword){
$this->db->where('username',$username);
$this->db->where('password',$cpassword);
$query = $this->db->get('users');
if($query->num_rows() > 0)
return true;
else
return false;
}
controller:
$result = $this->Form_model->Check_Old_Password($this->session->userdata('username'),md5($this->input->post('cpassword')));
if($result > 0 AND $result === true){
//update user data
$result = $this->Form_model->Update_User_Data($this->session->userdata('username'),$data);

Password verify function in codeigniter for login

Hi all I have this issue when I validate log in in codeigniter that seems it does not check the required password in my database.The required password in my database is hash using this
$password_hash = password_hash($password, PASSWORD_BCRYPT);
How can i used password_verify function in my model code?
Here is my model code:
public function login($data) {
$condition = "username =" . "'" . $data['username'] . "' AND " . "password =" . "'" . $data['password'] . "'";
$this->db->select('*');
$this->db->from('users');
$this->db->where($condition);
$this->db->limit(1);
$query = $this->db->get();
if ($query->num_rows() == 1)
{
return true;
} else
{
return false;
}
}
Here is my controller:
public function login_user()
{
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean','required');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean','required');
if ($this->form_validation->run() == FALSE) {
$this->load->view('login_view');
} else {
$data = array(
'username' => $this->input->post('username'),
'password' => $this->input->post('password'),
'firstname' => $this->input->post('firstname'),
'lastname' => $this->input->post('lastname')
);
$result = $this->login_database->login($data);
if ($result == TRUE) {
// Add user data in session
$this->session->set_userdata('username', $data['username']);
$this->session->set_userdata('firstname', $data['firstname']);
$this->session->set_userdata('lastname', $data['lastname']);
//redirect to dashboard
$this->load->view('include/sidenavbar');
$this->load->view('include/topnavbar');
$this->load->view('dashboard');
} else {
$this->session->set_flashdata('message', 'Login is invalid. Please try again!');
$this->load->view('login_view', $data);
}
}
}
can anyone help me how to do this..
Thanks in advance.
You should use password_verify() to know if you're password is valid.
Try this model function:
public function login($data) {
$this->db->select('password');
$this->db->from('users');
$this->db->where('username', $data['username']);
$this->db->limit(1);
$query = $this->db->get();
if ($query->num_rows() == 1) {
$record = $query->row_array();
return password_verify($data['password'], $record['password']);
} else {
return false;
}
}
Hope this will help you :
after returning data from model you can check for correct password using password_verify()
$data = array(
'username' => $this->input->post('username'),
'password' => $this->input->post('password'),
'firstname' => $this->input->post('firstname'),
'lastname' => $this->input->post('lastname')
);
$result = $this->login_database->login($data);
/*$result should return a single user data (in array form here)*/
if (! empty($result))
{
if (password_verify($data['password'], $result['password']))
{
$this->session->set_userdata('username', $data['username']);
$this->session->set_userdata('firstname', $data['firstname']);
$this->session->set_userdata('lastname', $data['lastname']);
//redirect to dashboard
redirect('dashboard'); /*use redirect()*/
//$this->load->view('include/sidenavbar');
//$this->load->view('include/topnavbar');
//$this->load->view('dashboard');
}
else
{
$this->session->set_flashdata('message', 'Password is invalid. Please try again!');
$this->load->view('login_view', $data);
}
}
else
{
$this->session->set_flashdata('message', 'Login is invalid. Please try again!');
$this->load->view('login_view', $data);
}
Your model should be like this :
public function login($data)
{
$this->db->where('username', $data['username']);
$query = $this->db->get('users');
if ($query->num_rows() == 1) {
$user = $query->row_array();
return $user;
} else {
return false;
}
}
Update : dashboard method
public function dashboard()
{
/*$data['title'] = 'my title';
you can pass data to the view like this
$this->load->view('dashboard',$data);
*/
$this->load->view('templates/header');
$this->load->view('dashboard');
$this->load->view('templates/footer');
}

Codeigniter PHPASS Logging In

I am using phpass for my login in codeigniter. But can not log on, there are know errors showing up I am not sure what the go is. Username and password correct. I have the library user in my system folder because I use multiple ci installs. I am just unsure why not letting me login. Even though username and password correct
Currently know errors are showing.
Library File
public function __construct() {
$this->CI =& get_instance();
$this->CI->load->database();
// Libraries
$this->CI->load->library('session');
$this->CI->load->library('security/rwdsecurity');
// Models
$file = dirname(FCPATH) . '/admin/application/modules/backend/models/user/user_model.php';
$file = dirname(FCPATH) . '/install/application/modules/setup/models/install_model.php';
if(file_exists($file)) {
return true;
} else {
echo "Can't find file located in: " . $file;
}
}
public function login($username, $password) {
$username = $this->CI->db->where('username', $this->CI->input->post('username'));
$password = $this->CI->db->where('password', $this->CI->input->post('password'));
$user_query = $this->CI->db->get('user');
if($user_query->num_rows() == 1) {
$data = array(
'username' => $this->CI->input->post('username'),
'isLogged' => true
);
$this->CI->sessions->set_userdata('user', $data);
$this->CI->rwdsecurity->check_password($password, $stored_hash);
return true;
} else {
return false;
}
}
Controller
public function index() {
if($this->session->userdata('isLogged') == false) {
$this->login();
} else {
redirect('dashboard');
}
}
function login_credentials() {
$this->form_validation->set_rules('username', 'Username', 'required|trim|min_length[3]|max_length[12]|xss_clean|callback_validate');
$this->form_validation->set_rules('password', 'Password', 'required|trim');
if ($this->form_validation->run($this) == false) {
$data['action'] = site_url('login/login_credentials');
$this->load->view('template/common/login', $data);
} else {
$is_valid = $this->user->login($username, $password);
if($is_valid) {
$data = array(
'username' => $username,
'isLogged' => true
);
$this->session->set_userdata($data);
}
redirect('dashboard');
}
}
function validate($username, $password) {
if($this->user->login($username, $password)) {
return true;
} else {
$this->form_validation->set_message('validate', "Incorrect Username Or Password");
return false;
}
}

login access the account with incorrect username and password

In the below code i have placed controller and modl.When user is inactive he should not able to access the account and only created account users can able to access the account.But in my case it is not working like that.Pls help me to rectify the issue.
Controller:
function validate_credentials()
{ $this->load->helper('url');
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
$data1 = array(
'college_name' => $this->input->post('college_name'),
'is_logged_in' => true
);
$this->session->set_userdata($data1);
redirect('site1/members_area');
if($query->num_rows()>0){
$status = $query->row()->account_status;}
else {
$status = ''; }
//Account active
if($status == 'active')
{
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else if ($status == 'inactive')//Account In active
{ $this->inactive();
}
else // incorrect username or password
{
$this->invalid();
}
}
}
function inactive()
{
echo"<script>alert('In active user Please contact the administrator');</script>";
$this->load->view('login_form');
}
function invalid()
{
echo"<script>alert('Invalid username or password');</script>";
$this->load->view('login_form');
}
site1
function members_area()
{
$this->load->view('index');
}
model:
function validate()
{
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', md5($this->input->post('password')));
$this->db->where('college_name', $this->input->post('college_name'));
$query = $this->db->get('membership');
return $query;
}
In your model
return $query->num_rows();
In your controller replace if($query) by
if($query>0){ ..... your code ....}
function validate_credentials()
{ $this->load->helper('url');
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
$data1 = array(
'college_name' => $this->input->post('college_name'),
'is_logged_in' => true
);
$this->session->set_userdata($data1);
if($query->num_rows()>0){
$status = $query->row()->account_status;}
else {
$status = ''; }
//Account active
if($status == 'active')
{
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else if ($status == 'inactive')//Account In active
{ $this->inactive();
}
else // incorrect username or password
{
$this->invalid();
}
}
}

To check the account_status and log the account

In the below code i have used codeigniter in my database i have a column name account_status it will be inactive by default .Now i want to check the account_status if it is active it should make me login else not.Pls help me to do .
Controller:
function index()
{
$data['main_content'] = 'login_form';
$this->load->view('includes/template', $data);
}
function validate_credentials()
{
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else // incorrect username or password
{
$this->index();
}
}
Site1
function members_area()
{
$this->load->view('homepage_view');
}
model:
function validate()
{
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', md5($this->input->post('password')));
$query = $this->db->get('membership');
if($query->num_rows == 1)
{
return true;
}
}
You have these methods Just try this
Just use anther where condition in your model
function validate()
{
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', md5($this->input->post('password')));
$this->db->where('account_status','active');
$query = $this->db->get('membership');
if($query->num_rows == 1)
{
return true;
}
}
Or check the status in your controler
function validate_credentials()
{
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$data = array(
'username' => $this->input->post('username'),
'is_logged_in' => true
);
if($query->num_rows()>0)
$status = $query->row()->account_status;
else
$status = '';
if($status == 'active')
{
$this->session->set_userdata($data);
redirect('site1/members_area');
}
else //Account In active
{ $this->index(); }
}
else // incorrect username or password
{
$this->index();
}
}

Categories