I am trying to figure out what's wrong here, but really not sure. I have a site with users, when a user edits details, it seems to override all other records with those details. This doesn't happen always but sometimes (of course the result is chaos!). Here is the code of update
public function update_edit()
{
/* echo " //// INSIDE UPDATE EDIT "; */
$this->form_validation->set_rules('fullname', 'الاسم الكامل', 'isset|required|min_length[6]|max_length[100]');
//check that there are no form validation errors
if($this->form_validation->run() == FALSE)
{
/* echo " //// INSIDE FORM VALIDATION"; */
if(($this->session->userdata('username')!=""))
{
/* echo " //// INSIDE SESSION VALIDATION"; */
$data = array();
$data = $this->profileModel->load_user_editable_data($this->session->userdata('username'));
$this->load->view('layout/header');
$this->load->view('profile_edit', $data);
$this->load->view('layout/footer');
//$this->load->view('thankyou');
}else{
//$this->load->view('login');
$this->login();
}
}else{
$complete = $this->profileModel->update_profile($this->session->userdata('username'));
if($complete == 1)
{
$this->load->view('layout/header');
$this->load->view('update_complete');
$this->load->view('layout/footer');
}
}
}
This is the model code:
public function update_profile($username)
{
$config['upload_path'] = './uploads/';
$config['allowed_types'] = 'gif|jpg|png|jpeg';
$this->load->library('upload', $config);
$fullImagePath;
if (isset($_FILES['profilepic']) && !empty($_FILES['profilepic']['name']))
{
if ($this->upload->do_upload('profilepic'))
{
$upload_data = $this->upload->data();
$fullImagePath = '/uploads/' . $upload_data['file_name'];
}
}else{
$fullImagePath = $this->session->userdata('profilepic');
}
$data = array(
'fullname' => $this->input->post('fullname'),
'email' => $this->input->post('email'),
'mobile' => $this->input->post('mobile'),
'telephone' => $this->input->post('telephone'),
'about' => $this->input->post('about'),
'address' => $this->input->post('address'),
'profilepic' => $fullImagePath,
);
$this->db->where('username', $username);
$this->db->update('free_user_members', $data);
return 1;
}
and this is the form:
<div class="content_container">
<div id="rt-main" class="mb8-sa4">
<div class="rt-container">
<div class="rt-grid-12">
<div dir="rtl" class="homecontent">
<?php echo validation_errors(); ?>
<?php echo form_open_multipart('profile/update_edit'); ?>
<? $this->session->set_userdata('profilepic', $profilepic); ?>
<h5>الاسم الكامل</h5>
<? $data = array(
'name' => 'fullname',
'id' => 'round_input',
'value' => $fullname,
);
echo form_input($data); ?>
<h5>الايميل</h5>
<? $data = array(
'name' => 'email',
'id' => 'round_input',
'value' => $email,
'size' => '70'
);
echo form_input($data); ?>
<h5>الجوال</h5>
<? $data = array(
'name' => 'mobile',
'id' => 'round_input',
'value' => $mobile,
);
echo form_input($data); ?>
<h5>هاتف</h5>
<? $data = array(
'name' => 'telephone',
'id' => 'round_input',
'value' => $telephone,
);
echo form_input($data); ?>
<h5>العنوان</h5>
<? $data = array(
'name' => 'address',
'id' => 'round_input',
'value' => $address,
'size' => '70'
);
echo form_input($data); ?>
<h5>نبذة عني</h5>
<? $data = array(
'name' => 'about',
'id' => 'round_input',
'value' => $about,
'rows' => '3',
'cols' => '40',
);
echo form_textarea($data); ?>
<h5>الصورة الشخصية</h5>
<img width="300" height="300" src="<? echo $profilepic; ?>" />
<h5>إختيار صورة جديدة</h5>
<?
$data = array(
'name' => 'profilepic',
'id' => 'profilepic',
);
echo form_upload($data);
?>
<div><input type="submit" value="احفظ التغييرات" /></div>
</form>
</div>
<p> </p>
</div>
</div>
<div class="clear"></div>
</div>
</div>
will really appreciate it if someone tells me what I am doing that could lead to that chaos every now and then.
Regards,
You have to add code to check that username in the session exists.
If the session times out, codeigniter will return FALSE.
Querying MySQL on username = false will return all rows.
Related
controller:
public function edit($id) {
$this->edit_status_check($id);
$this->form_validation->set_rules('agent_name', 'Agent Name', 'required');
$this->form_validation->set_rules('mobile', 'Mobile No.', 'required');
$this->form_validation->set_rules('agent_vehicle', 'Agent Vehicle', 'required');
if ($this->form_validation->run() == FALSE) {
$data = array(
'page_title' => 'Edit Agent',
'page_name' => 'agent/edit',
'result' => $this->agent_model->select_id($id),
'result_vehicle' => $this->vehicle_model->list_all(),
'error' => validation_errors(),
'id' => $id
);
$this->load->view('template', $data);
} else {
$config['upload_path'] = '../uploads/agent/';
$config['allowed_types'] = 'jpg|jpeg';
$config['encrypt_name'] = TRUE;
$config['max_size'] = 1000; // 1 mb
$this->load->library('upload', $config);
if (!$this->upload->do_upload('agent_image')) {
$data = array(
'page_title' => 'Edit Agent',
'page_name' => 'agent/edit',
'result' => $this->agent_model->select_id($id),
'result_vehicle' => $this->vehicle_model->list_all(),
'error' => $this->upload->display_errors(),
'id' => $id
);
$this->load->view('template', $data);
} else {
$_POST['agent_img_url'] = 'uploads/agent/' . $this->upload->data('file_name');
$this->agent_model->update($_POST, $id);
alert('Update', $_POST['agent_name']);
redirect('agent');
}
}
}
Model:
public function update($data, $id) {
$updatedata = array(
'name' => $data['agent_name'],
'mobile' => $data['mobile'],
'password' => sha1($data['password']),
'vehicle' => $data['agent_vehicle'],
'address' => $data['agent_address'],
'category' => $data['category'],
'created_on' => date('Y-m-d h:i:sa')
);
if (!empty($data['agent_img_url'])) {
$updatedata['img_url'] = $data['agent_img_url'];
}
$this->db->where('id', $id);
$this->db->update('agent', $updatedata);
}
View:
<?= form_open_multipart('agent/edit/' . $id); ?>
<?php if (!empty($error)): ?>
<div class="alert alert-danger alert-dismissible" role="alert">
<?= $error; ?>
</div>
<?php endif; ?>
<div class="form-group">
<img src="/<?= $result['img_url']; ?>" class="img-responsive" name="old_agent_image" width="133" height="100">
</div>
<div class="form-group">
<label>Agent Image</label>
<input type="file" name="agent_image">
</div>
<button type="submit" class="btn btn-success">Update</button>
<?= form_close(); ?>
Hi I'm developing a image upload module and image path save in database and retrieve.
my Question I want it to edit and update but the my problem is it doesn't delete the old image in folder, but it save and update the new image.
use file helper of codeigniter
$this->load->helper("file");
delete_files($path);
reference link for you is here
Delete using the file name saved in the database, use the PHP unlink(../filename.jpg) and delete from files
Change in Model
public function update($data, $id) {
$updatedata = array(
'name' => $data['agent_name'],
'mobile' => $data['mobile'],
'password' => sha1($data['password']),
'vehicle' => $data['agent_vehicle'],
'address' => $data['agent_address'],
'category' => $data['category'],
'created_on' => date('Y-m-d h:i:sa')
);
if (!empty($data['agent_img_url'])) {
$updatedata['agent_img_url'] = $data['agent_img_url'];
}
$q = $this->db->where('id',$id)
->get('agent');
$query = $q->row_array();
#unlink("./asset/uploads/".$query['agent_img_url']);
$this->db->where('id', $id);
$this->db->update('agent', $updatedata);
}
if (!$this->upload->do_upload($name)) {
$data = array('msg' => $this->upload->display_errors());
} else {
$data = array('msg' => "success");
$databasea['upload_data'] = $this->upload->data();
$this->load->library('image_lib');
return $databasea['upload_data']['file_name'];
}
return '';
I'm a bit confused about this error when I am updating the data. Can anyone help me with this? My codes are the following:
Controller:
public function show_student($id)
{
$data['single_student'] = $this->student_view_model->get_student_id($id);
$this->load->view('view_student_update', $data);
}
public function student_update_info($id, $data)
{
$data = array(
'student_fname' => $this->input->post('first'),
'student_lname' => $this->input->post('last'),
'student_gender' => $this->input->post('gender'),
'student_course' => $this->input->post('course'),
'student_company' => $this->input->post('company')
);
$data['results'] = $this->student_view_model->update_student($this->input->post('hid'), $data);
$this->load->view('view_student_list', $data);
}
Model:
public function get_student_id($id)
{
$query = $this->db->get_where('tbl_student', array('student_id' => $id));
return $query->row_array();
}
public function update_student($id, $data)
{
$this->db->where('student_id', $id);
$this->db->update('tbl_student', $data);
return $this->get_student_id($id);
}
My View ( edit page )
<?php echo form_open('student_update/student_update_info');
$data = array(
'id' => 'input',
'name' => 'hid',
'value' => $single_student['student_id']
);
echo form_hidden($data);
echo form_label('First Name: ', 'first');
$data = array(
'id' => 'input',
'name' => 'first',
'placeholder' => 'Enter First Name',
'value' => $single_student['student_fname']
);
echo form_input($data);
echo form_label('Last Name: ', 'last');
$data = array(
'id' => 'input',
'name' => 'last',
'placeholder' => 'Enter Last Name',
'value' => $single_student['student_lname']
);
echo form_input($data);
echo form_label('Male ', 'gender');
$data = array(
'id' => 'radio',
'name' => 'gender',
'checked' => 'checked',
'value' => $single_student['student_gender']
);
echo form_radio($data);
echo form_label('Female ', 'gender');
$data = array(
'id' => 'radio',
'name' => 'gender',
'value' => $single_student['student_gender']
);
echo form_radio($data);
echo "<br />";
echo form_label('Course', 'course');
$data = array(
'id' => 'input',
'name' => 'course',
'placeholder' => 'Enter Student Course',
'value' => $single_student['student_course']
);
echo form_input($data);
echo form_label('Company', 'company');
$data = array(
'id' => 'input',
'name' => 'company',
'placeholder' => 'Enter Company Name',
'value' => $single_student['student_company']
);
echo form_input($data);
$data = array(
'id' => 'update',
'name' => 'update',
'value' => 'Update'
);
echo form_submit($data);
echo form_close(); ?>
My View ( list of data )
<?php foreach ($results as $row) { ?>
<tr>
<td><?php echo $row->student_fname . " " . $row- >student_lname; ?></td>
<td><?php echo $row->student_course; ?></td>
<td><?php echo $row->student_company; ?></td>
<td>delete
update
</td>
</tr>
<?php } ?>
And this error occurs
error message
A PHP Error was encountered
Severity: Warning
Message: Invalid argument supplied for foreach()
Filename: views/view_student_list.php
Line Number: 27
Can anyone help me solve this problem?
Please check if any value is present in your variable $results This error comes only when there is no value in the variable with foreach loop.
To avoid these situations always use :
<?php if($results && !empty($results)){ foreach ($results as $row) { ?>
<tr>
<td><?php echo $row->student_fname . " " . $row- >student_lname; ?></td>
<td><?php echo $row->student_course; ?></td>
<td><?php echo $row->student_company; ?></td>
<td>delete
update
</td>
</tr>
<?php } } ?>
Also your result variable will not contain any data to loop since your method update_students does not returns anything.
The main reason you are not getting any results back from your update method is because you are not returning anything.
Secondly, I would change your get_student_id() method as it doesn't quite fit with MVC principals. It works for this particular task, however, you should really be getting the uri value in the controller and then passing it through to your model:
Controller method:
public function show_student($id)
{
$data['single_student'] = $this->student_view_model->get_student_id($id);
$this->load->view('view_student_update', $data);
}
Assuming that "show_student" would be the 2nd uri segment you can do the above.
Model method:
public function get_student_id($id)
{
$query = $this->db->get_where('tbl_student', array('student_id' => $id));
return $query->row_array();
}
This way you can get the row for the student without depending on the student_id always being the 3rd uri segment.
So, with you're results method, you could:
Controller Meothod
public function update_student()
{
$data = array(
'student_fname' => $this->input->post('first'),
'student_lname' => $this->input->post('last'),
'student_gender' => $this->input->post('gender'),
'student_course' => $this->input->post('course'),
'student_company' => $this->input->post('company')
);
$data['results'] = $this->student_view_model->update_student($this->input->post('hid'), $data);
$this->load->view('view_student_list', $data);
}
Model Method:
public function update_student($id, $data)
{
$this->db->where('student_id', $id);
$this->db->update('tbl_student', $data);
return $this->get_student_id($id);
}
Again, with models you should always pass data to them (for quite a few reasons)!
Lastly, I would also think about change the name of get_student_id() to something like get_student_by_id or get_student as get_student_id() suggests t me that you are just going to be getting the id. Also, you really should look at using the Form Validation in codeigniter as your code is very, Very vulnerable at the minute.
Hope this helps!
I got trouble inputing the radio button value to database, when i choose "submit" it won't add into database. This is the form view:
<?php
$form = array(
'no pengujian' => array(
'name' => 'NO_PENGUJIAN',
'size' => '30',
'class' => 'form_field',
'value' => set_value('NO_PENGUJIAN', isset($form_value['NO_PENGUJIAN']))),
'id kendaraan' => array(
'name' => 'ID_KENDARAAN',
'size' => '30',
'class' => 'form_field',
'value' => set_value('ID_KENDARAAN', isset($form_value['ID_KENDARAAN']))),
'no kendaraan' => array(
'name' => 'NO_KENDARAAN',
'size' => '30',
'class' => 'form_field',
'value' => set_value('NO_KENDARAAN', isset($form_value['NO_KENDARAAN']))),
'lampu' => array(
'name' => 'LAMPU',
'size' => '30',
'class' => 'radio',
'value' => set_value('LAMPU', isset($_POST['LAMPU']))),
'submit' => array(
'name' => 'submit',
'id' => 'submit',
'value' => 'Simpan'
)
);
?>
<h2><?php echo $breadcrumb ?></h2>
<!-- pesan start -->
<?php if (! empty($pesan)) : ?>
<div class="pesan">
<?php echo $pesan; ?>
</div>
<?php endif ?>
<!-- pesan end -->
<!-- form start -->
<?php echo form_open($form_action); ?>
<p>
<?php echo form_label('No Pengujian', 'NO_PENGUJIAN'); ?>
<?php echo form_input($form['no pengujian']); ?>
</p>
<?php echo form_error('NO_PENGUJIAN', '<p class = "field_error">', '</p>');?>
<p>
<?php echo form_label('Id Kendaraan', 'ID_KENDARAAN'); ?>
<?php echo form_input($form['id kendaraan']); ?>
</p>
<?php echo form_error('ID_KENDARAAN', '<p class="field_error">', '</p>'); ?>
<p>
<?php echo form_label('No Kendaraan', 'NO_KENDARAAN'); ?>
<?php echo form_input($form['no kendaraan']); ?>
</p>
<?php echo form_error('NO_KENDARAAN', '<p class="field_error">', '</p>'); ?>
<p>
<?php echo form_label('Lampu', 'LAMPU'); ?>
<input type ="radio" name = "lulus" value="Lulus"/> Lulus
<input type ="radio" name = "lulus" value= "Gagal"/> Gagal
</p>
<p>
<?php echo form_submit($form['submit']); ?>
<?php echo anchor('pengujian', 'Batal', array('class' => 'cancel')) ?>
</p>
<?php echo form_close(); ?>
This is the controller (tambah is "insert" function to database)
<?php if (!defined('BASEPATH')) exit ('No direct script access allowed');
class Pengujian extends MY_Controller
{
public $data = array(
'modul' => 'pengujian',
'breadcrumb' => 'Pengujian',
'pesan' => '',
'pagination' => '',
'tabel_data' => '',
'main_view' => 'view_pengujian/pengujian_view',
'form_action' => '',
'form_value' => '',
'option_uji' => '',
);
public function __construct()
{
parent::__construct();
$this->load->model('Pengujian_model', 'pengujian', TRUE);
$this->load->helper('form');
//$this->load->model('Penguji_model', 'penguji', TRUE);
}
public function index($offset = 0)
{
$this->session->unset_userdata('no_pengujian_sekarang', '');
$pengujian = $this->pengujian->cari_semua($offset);
if ($pengujian)
{
$tabel = $this->pengujian->buat_tabel($pengujian);
$this->data['tabel_data'] = $tabel;
$this->data['pagination'] = $this->pengujian->paging(site_url('pengujian/halaman'));
}
else
{
$this->data['pesan'] = 'Tidak ada data pengujian';
}
$this->load->view('template', $this->data);
}
public function tambah()
{
$this->data['breadcrumb'] = 'Pengujian > Tambah';
$this->data['main_view'] = 'view_pengujian/pengujian_form';
$this->data['form_action'] = 'pengujian/tambah';
//$penguji = $this->penguji->cari_semua();
//if($penguji)
//{
// foreach($penguji as $row)
// {
// $this->data['option_pengujian'][$row->id_penguji] = $row->penguji;
//}
//}
//else
//{
$this->data['option_pengujian']['00'] = '-';
// $this->data['pesan'] = 'Data penguji tidak tersedia. Silahkan isi dahulu data penguji.';
// if submit
if($this->input->post('submit'))
{
if($this->pengujian->validasi_tambah())
{
if($this->pengujian->tambah())
{
$this->session->set_flashdata('pesan', ' Proses tambah data berhasil');
redirect('pengujian');
}
else
{
$this->data['pesan'] = 'Proses tambah data gagal';
$this->load->view('template', $this->data);
}
}
else
{
$this->load->view('template', $this->data);
}
}
else
{
$this->load->view('template', $this->data);
}
}
This is the model:
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
class Pengujian_model extends CI_Model
{
public $db_tabel ='pengujian';
public $per_halaman = 100;
public $offset = 0;
public function cari_semua($offset = 0)
{
if (is_null($offset) || empty($offset))
{
$this->offset = 0;
}
else
{
$this->offset = ($offset * $this->per_halaman) - $this->per_halaman;
}
return $this->db->select('NO_PENGUJIAN, ID_KENDARAAN, NO_KENDARAAN, LAMPU, EMISI, REM, WAKTU_UJI')
->from($this->db_tabel)
->limit($this->per_halaman, $this->offset)
->order_by('NO_PENGUJIAN', 'ASC')
->get()
->result();
}
public function buat_tabel($data)
{
$this->load->library('table');
$tmpl = array('row_alt_start' => '<tr class="zebra">');
$this->table->set_template($tmpl);
$this->table->set_heading('No', 'No Pengujian', 'Id Kendaraan', 'No Kendaraan', 'Lampu','Emisi','Rem', 'Waktu Uji', 'Aksi');
$no = 0 + $this->offset;
foreach ($data as $row)
{
$this->table->add_row(
++$no,
$row->NO_PENGUJIAN,
$row->ID_KENDARAAN,
$row->NO_KENDARAAN,
$row->LAMPU,
$row->EMISI,
$row->REM,
$row->WAKTU_UJI,
anchor('pengujian/edit/'.$row->NO_PENGUJIAN,'Edit',array('class' => 'edit')).' '.
anchor('pengujian/hapus/'.$row->NO_PENGUJIAN,'Hapus',array('class' => 'delete','onclick'=>"return confirm('Anda yakin menghapus data ini?')")));
}
$tabel = $this->table->generate();
return $tabel;
}
public function paging($base_url)
{
$this->load->library('pagination');
$config = array(
'base_url' => $base_url,
'total_rows' => $this->hitung_semua(),
'per_page' => $this->per_halaman,
'num_links' => 4,
'use_page_number' => TRUE,
'first link' => '|< First',
'last link' => 'Last >|',
'next link' => 'Next >',
'prev_link' => '< Prev',
);
$this->pagination->initialize($config);
return $this->pagination->create_links();
}
public function hitung_semua()
{
return $this->db->count_all($this->db_tabel);
}
private function load_form_rules_tambah()
{
$form = array(
array(
'field' => 'NO_PENGUJIAN',
'label' => 'no pengujian',
'rules' => 'required'
),
array(
'field' => 'ID_KENDARAAN',
'label' => 'id kendaraan',
'rules' => 'required'
),
array(
'field' => 'NO_KENDARAAN',
'label' => 'no kendaraan',
'rules' => 'required'
),
array(
'field' => 'LAMPU',
'label' => 'lampu',
'rules' => 'required'
),
);
return $form;
}
public function validasi_tambah()
{
$form = $this->load_form_rules_tambah();
$this->form_validation->set_rules($form);
if($this->form_validation->run())
{
return TRUE;
}
else
{
return FALSE;
}
}
public function tambah()
{
$pengujian = array(
'NO_PENGUJIAN' => $this->input->post('NO_PENGUJIAN'),
'ID_KENDARAAN' => $this->input->post('ID_KENDARAAN'),
'NO_KENDARAAN' => $this->input->post('NO_KENDARAAN'),
'LAMPU' => $this->input->post('lampu[]'),
//'EMISI' => $this->input->post('EMISI'),
//'REM' => $this->input->post('REM')
);
$lulus = $_POST["lulus"];
//$statement = "INSERT INTO pengujian VALUES($lulus)"
$this->db->insert($this->db_tabel, $pengujian);
if($this->db->affected_rows() > 0)
{
return TRUE;
}
else
{
return FALSE;
}
}
I got no trouble in the formfield. The trouble is the radio button "lampu"
The best thing to do, I think, is to check where it's going wrong. I usually do this, in this case, by checking if the value is being passed back to the controller and model. This way you understand better what's going on inside your code. Do something like this:
In the model:
public function tambah()
{
// Check to see if we get a value. If not, do the same in the controller
var_dump($this->input->post('lampu'));
exit;
$pengujian = array(
'NO_PENGUJIAN' => $this->input->post('NO_PENGUJIAN'),
'ID_KENDARAAN' => $this->input->post('ID_KENDARAAN'),
'NO_KENDARAAN' => $this->input->post('NO_KENDARAAN'),
'LAMPU' => $this->input->post('lampu[]'),
//'EMISI' => $this->input->post('EMISI'),
//'REM' => $this->input->post('REM')
);
$lulus = $_POST["lulus"];
//$statement = "INSERT INTO pengujian VALUES($lulus)"
$this->db->insert($this->db_tabel, $pengujian);
if($this->db->affected_rows() > 0)
{
return TRUE;
}
else
{
return FALSE;
}
}
I hope this helps a bit....
I am using Ionauth library in codeigniter and edited edit_user() method in Auth controller to enable individual user updating his/her own user settings. So when a logged in user goes to : siteurl/auth/edit_user it shows the user settings just fine. But when I hit the save button I got an error: "This form post did not pass our security checks". Though the default url (siteurl/auth/edit_user/userID) works fine, For individual non-admin user I want to keep the url without userID at the end.
here is my edit_user() method:
//edit a user
function edit_user($id=NULL)
{
$this->data['title'] = "Edit User";
if (!$this->ion_auth->logged_in() || (!$this->ion_auth->is_admin() && !($this->ion_auth->user()->row()->id == $id) && !($id==NULL )))
//if (!$this->ionauth->logged_in() || !$this->ion_auth->is_admin())
{
redirect('auth', 'refresh');
}
if($id==NULL){
$user = $this->ion_auth->user()->row();
}else{
$user = $this->ion_auth->user($id)->row();
}
$groups=$this->ion_auth->groups()->result_array();
$currentGroups = $this->ion_auth->get_users_groups($id)->result();
//process the phone number
/**if (isset($user->phone) && !empty($user->phone))
{
$user->phone = explode('-', $user->phone);
} **/
//validate form input
$this->form_validation->set_rules('first_name', $this->lang->line('edit_user_validation_fname_label'), 'required|xss_clean');
$this->form_validation->set_rules('last_name', $this->lang->line('edit_user_validation_lname_label'), 'required|xss_clean');
if(!($this->input->post('email')==$user->email)){
$this->form_validation->set_rules('email', $this->lang->line('edit_user_validation_email_label'), 'required|valid_email|is_unique[users.email]');
}else{
$this->form_validation->set_rules('email', $this->lang->line('edit_user_validation_email_label'), 'required|valid_email');
}
/** $this->form_validation->set_rules('phone2', $this->lang->line('edit_user_validation_phone2_label'), 'required|xss_clean|min_length[3]|max_length[3]');
$this->form_validation->set_rules('phone3', $this->lang->line('edit_user_validation_phone3_label'), 'required|xss_clean|min_length[4]|max_length[4]');
$this->form_validation->set_rules('company', $this->lang->line('edit_user_validation_company_label'), 'required|xss_clean'); **/
$this->form_validation->set_rules('groups', $this->lang->line('edit_user_validation_groups_label'), 'xss_clean');
//$this->form_validation->set_message('is_unique[users.email]','Email already exists or Invalid');
if (isset($_POST) && !empty($_POST))
{
// do we have a valid request?
if ($this->_valid_csrf_nonce() === FALSE || $id != $this->input->post('id'))
{
show_error($this->lang->line('error_csrf'));
}
$data = array(
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'email' => $this->input->post('email'),
/** 'phone' => $this->input->post('phone1') . '-' . $this->input->post('phone2') . '-' . $this->input->post('phone3'), **/
);
//if($this->ion_auth->is_admin()){
//Update the groups user belongs to
$groupData = $this->input->post('groups');
if (isset($groupData) && !empty($groupData)) {
$this->ion_auth->remove_from_group('', $id);
foreach ($groupData as $grp) {
$this->ion_auth->add_to_group($grp, $id);
}
}
//}
//update the password if it was posted
if ($this->input->post('password'))
{
$this->form_validation->set_rules('password', $this->lang->line('edit_user_validation_password_label'), 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[password_confirm]');
$this->form_validation->set_rules('password_confirm', $this->lang->line('edit_user_validation_password_confirm_label'), 'required');
$data['password'] = $this->input->post('password');
}
if ($this->form_validation->run() === TRUE)
{
$this->ion_auth->update($user->id, $data);
//check to see if we are creating the user
//redirect them back to the admin page
$this->session->set_flashdata('message', "User Saved");
redirect("auth", 'refresh');
}
}
//display the edit user form
$this->data['csrf'] = $this->_get_csrf_nonce();
//set the flash data error message if there is one
$this->data['message'] = (validation_errors() ? validation_errors() : ($this->ion_auth->errors() ? $this->ion_auth->errors() : $this->session->flashdata('message')));
//pass the user to the view
$this->data['user'] = $user;
//if($this->ion_auth->is_admin()){
$this->data['groups'] = $groups;
$this->data['currentGroups'] = $currentGroups;
//}
$this->data['first_name'] = array(
'name' => 'first_name',
'id' => 'first_name',
'type' => 'text',
'value' => $this->form_validation->set_value('first_name', $user->first_name),
);
$this->data['last_name'] = array(
'name' => 'last_name',
'id' => 'last_name',
'type' => 'text',
'value' => $this->form_validation->set_value('last_name', $user->last_name),
);
$this->data['email'] = array(
'name' => 'email',
'id' => 'email',
'type' => 'text',
'value' => $this->form_validation->set_value('email', $user->email),
);
/** $this->data['phone1'] = array(
'name' => 'phone1',
'id' => 'phone1',
'type' => 'text',
'value' => $this->form_validation->set_value('phone1', $user->phone[0]),
);
$this->data['phone2'] = array(
'name' => 'phone2',
'id' => 'phone2',
'type' => 'text',
'value' => $this->form_validation->set_value('phone2', $user->phone[1]),
);
$this->data['phone3'] = array(
'name' => 'phone3',
'id' => 'phone3',
'type' => 'text',
'value' => $this->form_validation->set_value('phone3', $user->phone[2]),
); **/
$this->data['password'] = array(
'name' => 'password',
'id' => 'password',
'type' => 'password'
);
$this->data['password_confirm'] = array(
'name' => 'password_confirm',
'id' => 'password_confirm',
'type' => 'password'
);
$this->load->view('header');
$this->_render_page('auth/edit_user', $this->data);
$this->load->view('footer');
}
and this is my view file (edit_user.php):
<h1><?php echo lang('edit_user_heading');?></h1>
<div id="body">
<p><?php echo lang('edit_user_subheading');?></p>
<div id="infoMessage"><?php echo $message;?></div>
<?php echo form_open(uri_string());?>
<p>
<?php echo lang('edit_user_fname_label', 'first_name');?> <br />
<?php echo form_input($first_name);?>
</p>
<p>
<?php echo lang('edit_user_lname_label', 'last_name');?> <br />
<?php echo form_input($last_name);?>
</p>
<p>
<?php echo lang('edit_user_email_label', 'email');?> <br />
<?php echo form_input($email);?>
</p>
<!--
<p>
<?php echo lang('edit_user_phone_label', 'phone');?> <br />
<?php echo form_input($phone1);?>-<?php echo form_input($phone2);?>-<?php echo form_input($phone3);?>
</p>
-->
<p>
<?php echo lang('edit_user_password_label', 'password');?> <br />
<?php echo form_input($password);?>
</p>
<p>
<?php echo lang('edit_user_password_confirm_label', 'password_confirm');?><br />
<?php echo form_input($password_confirm);?>
</p>
<?php //if($this->ion_auth->is_admin()){ ?>
<h3><?php echo lang('edit_user_groups_heading');?></h3>
<?php foreach ($groups as $group):?>
<label class="checkbox">
<?php
$gID=$group['id'];
$checked = null;
$item = null;
foreach($currentGroups as $grp) {
if ($gID == $grp->id) {
$checked= ' checked="checked"';
break;
}
}
?>
<input type="checkbox" name="groups[]" value="<?php echo $group['id'];?>"<?php echo $checked;?>>
<?php echo $group['name'];?>
</label>
<?php endforeach?>
<?php //} ?>
<?php echo form_hidden('id', $user->id);?>
<?php echo form_hidden($csrf); ?>
<p><?php echo form_submit('submit', lang('edit_user_submit_btn'));?></p>
<?php echo form_close();?>
The csrf check is failing.
Try taking out $id = NULL in the method declaration (you don't need it anyway if you're sending the id via POST). Or explicitly set $id = $this->input->post('id'); before doing the csrf check.
In my case I was using relative URLs for the images and css files used in the site. Using base_url() to all the URLs present in the site fixed the problem. No issue now.
I'm trying to use the recaptcha with CodeIgniter. I followed some online instructions and finally I have done with only one step, just to pass the recaptcha to the view, but I can't validate the user input.
Here is my controller:
function download_application()
{
//load the libraries
$this->load->library('form_validation');
$this->load->library('recaptcha');
$this->lang->load('recaptcha');
//common data
$data['title'] = $_POST['application_name'];
$data['header'] = $_POST['application_name'];
$data['sub_header'] = 'تحميل استمارة قبول المشروع';
$data['title'] = $_POST['application_name'];
$data['recaptcha'] = $this->recaptcha->get_html();
//form validation
$this->form_validation->set_error_delimiters('<span class="notification">', '</span>');
$this->form_validation->set_message('required', 'هذا الحقل مطلوب ولا يمكن تجاهله');
$this->form_validation->set_rules('name', 'لابد من ادخال اسمك بالكامل', 'required');
$this->form_validation->set_rules('email', 'لابد من ادخال بريدك الالكترونى', 'required|email');
$this->form_validation->set_rules('country', 'لابد من ادخال بلدك', 'required');
$this->form_validation->set_rules('phone', 'لابد من ادخال رقم تليفونك', 'required');
//form submitted
if($this->input->post('recaptchasubmit')){
if($this->form_validation->run() == FALSE)
{
$this->load->view('header', $data);
$this->load->view('download', $data);
$this->load->view('footer', $data);
}
else
{
$this->load->view('header', $data);
$this->load->view('download', $data);
$this->load->view('footer', $data);
}
}
else{
$this->load->view('header', $data);
$this->load->view('download', $data);
$this->load->view('footer', $data);
}
}
and here is my view
<?php
$form_attributes = array(
'class' => 'form'
);
$btn_download = array(
'type' => 'image',
'src' => base_url().'images/download.gif',
'name' => 'recaptchasubmit',
'width' => '103',
'height' => '33',
'value' => 'تحميل'
);
$name = array(
'type' => 'text',
'name' => 'name',
'id' => 'name',
'value' => set_value('title')
);
$email = array(
'type' => 'text',
'name' => 'email',
'id' => 'email',
'value' => set_value('email')
);
$country = array(
'type' => 'text',
'name' => 'country',
'id' => 'country',
'value' => set_value('country')
);
$phone = array(
'type' => 'text',
'name' => 'phone',
'id' => 'phone',
'value' => set_value('phone')
);
?>
<?php echo form_open($base_url . 'arabia/download_application', $form_attributes); ?>
<fieldset>
<div class="input_container">
<label class="required">الاسم بالكامل</label>
<div class="input"><?php echo form_input($name); ?></div>
<?php echo form_error('name'); ?>
</div>
<div class="input_container">
<label class="required">البريد الالكترونى</label>
<div class="input"><?php echo form_input($email); ?></div>
<?php echo form_error('email'); ?>
</div>
<div class="input_container">
<label class="required">البلد</label>
<div class="input"><?php echo form_input($country); ?></div>
<?php echo form_error('country'); ?>
</div>
<div class="input_container">
<label class="required">التليفون</label>
<div class="input"><?php echo form_input($phone); ?></div>
<?php echo form_error('phone'); ?>
</div>
<?php echo $recaptcha; ?>
<?php echo form_error('recaptcha_response_field'); ?>
<?php echo form_hidden('application_name', $title); ?>
<?php echo form_hidden('generated_id', $title); ?>
</fieldset>
<span class="download"><?php echo form_submit($btn_download);?></span>
<?php echo form_close();?>
What do you mean you can't validate the user input? What is happening when you submit the form? Where are you redirected? What do you see?
The only thing I can see from your question thus far is that you are passing
$data['recaptcha'] = $this->recaptcha->get_html();
regardless if validation passes or not - so you'll see the recaptcha letters/numbers box either way. You need to overwrite that if validation passes to something like:
$data['recaptcha'] = "validation passed";