Trying to put together a simple login authentication. Been at this for quite sometime, and I can't find where I'm going wrong. Pretty new to Codeigniter and OOP PHP. I know there are authentication libraries out there, but I'm not interested in using those.
Model:
function login($username, $password){
if ($this->db->table_exists($username)){
$this->db->where('username', $username);
$this->db->where('password', $password);
$query = $this->db->get($username);
if($query->num_rows >= 1)
{
return true;
$data = array(
'username' => $this->input->post('username'),
'login' => true
);
$this->session->set_userdata($data);
}
}
}
Controller
function __construct(){
parent::__construct();
$this->logincheck();
}
public function logincheck(){
if ($this->session->userdata('login')){
redirect('/members');
}
}
If I just echo from the controller: $this->session->all_userdata(); I get an empty array. So the problem seems to be that the $data array in the model isn't being stored in the session.
This code is part of your problem. You're asking the database driver if a table with the same name as the username exists, and also trying to get the username and password from the same table.
if ($this->db->table_exists($username)){
$this->db->where('username', $username);
$this->db->where('password', $password);
$query = $this->db->get($username);
Change the $username in $this->db->table_exists($username); and $this->db->get($username); to whatever table your users are in.
I am guessing your login function is the issue:
if ($this->db->table_exists($username)){
This just doesn't look right... If your user name was admin, there there would need to be an admin table, etc... I am posting a quick example I recently wrote that seems to get the job done:
public function doLogin(){
$this->db->select('user_pass,user_id');
$query = $this->db->get_where('users', array('user_name' => $this->input->post('login')));
if($query->num_rows<1 || $query->row('user_pass')!=md5($this->input->post('password')))
return false;
$this->session->set_userdata(array('loggedin'=>true,'user_id'=>$query->row('user_id')));
return true;
}
Related
I have successfully created a registration and login system.
I have used useremail and password in the login form and I want to display the username and other properties related to that logged in user.
What are the simplest and best practices to get the userid after a login in codeigniter?
As good coder create session at login time and use session at website wide.
public function login($username, $password) {
$user = $this->db
->select("username, name, phone")
->where(
[
'username' => $username,
'password' => md5($password)
]
)
->get("table_name")
->row();
if ($user) {
$logindata = [
'userid' => $user->username,
'name' => $user->name,
'phone' => $user->phone
];
$this->session
->set_userdata($logindata);
return true;
}
else {
return false;
}
}
Then after you can use anywhere in website
echo $this->session->userid;
I hope it will help you in general way.
Best practice would be that when you check the login details in your model after success you should create a session saving userid of that user and use that anywhere in your application for fetching respective data against that user. Take a look at following psuedo code for login user.
public function userAuthentication($username,$pass)
{
$this->db->select('id');
$this->db->where('username',$username);
$this->db->where('password',md5($pass));
$result = $this->db->get('users')->result();
if(!empty($result)){
$this->session->set_userdata('userlogged_in', $result[0]->id);
return true;
}else{
return false;
}
}
You can place this function in your model and apply it in your controller. I hope this helps.
You may create a session and set user id after successful login.
I'm new to codeigniter and php, few days only, so I need a little help.
I'm trying to put some data in my cookie from table so I can check where to redirect user after login. In table users there are two columns named Admin and Company with one or zero if user is or not, and then i wish to insert that information to cookie.
function conformation in user_controler is:
function conformation(){
$this->load->model('user');
$q = $this->user->confr();
if($q){
$data = array(
'username' => $this->input->post('username'),
'Admin' => $this->input->post($a = $this->user->getAdmin), // get 1/0 from users column Admin
'Company' => $this->input->post($c = $this->user->getComp),
'login' => true
);
if( $a == 1 ){ //is admin redirect to admin view
$this->session->set_userdata($data);
redirect('user_controler/useradm');
}
if($c == 1){ //if company redirect to company view
$this->session->set_userdata($data);
redirect('user_controler/usercomp');
}
$this->session->set_userdata($data);// if common user redirect to user view
redirect('user_controler/userpro');
}
else{ // if nothing above redirect to login page
redirect('user_controler/log');
}
}
And in user model:
function getAdmin{
$this->db->where('Admin', 1);
$a = $this->db->get('users');
}
function getComp{
$this->db->where('Company', 1);
$a = $this->db->get('users');
}
function conf(){
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', $this->input->post('password'));
$q = $this->db->get('users');
if($q->num_rows == 1 ){
return TRUE;
}
}
Also have site controller for checking login
class Site extends CI_Controller{
function __construct() {
parent::__construct();
$this->login();
}
function login(){
$login = $this->session->userdata('login');
if(!isset($login) || login != TRUE){
$this->log;
die();
}
}
}
Of course it's not working because i should probably check these column some other way but I don't know how. I Also have enabled table ci_session and it's work perfectly without Admin and Company.
Hello and welcome to Stackoverflow.
Here are my updates to the code (I have annotated my changes):
function conformation(){
$this->load->model('user');
if($this->user->confr()){ //$q wasn't needed, as you are only using this twice
$user = $this->input->post('username'); //I have added this as I will be referring to it a couple of times.
$data = array(
'username' => $user,
'Admin' => $this->user->getAdmin($user), // Your method was questioning the original form looking for data that it would never find - This will question your model.
'Company' => $this->user->getComp($user), //Same as above
'login' => true
);
$this->session->set_userdata($data); //It doesn't matter who the user is, we shall set the data to start with.
if($this->user->getAdmin($user)){ //is admin redirect to admin view
redirect('user_controler/useradm');
}
elseif($this->user->getComp($user)){ //if company redirect to company view
redirect('user_controler/usercomp');
}
else { //Redirect non-privileged users.
redirect('user_controler/userpro');
}
}
else{ // if nothing above redirect to login page
redirect('user_controler/log');
}
}
Users Model:
function getAdmin($user){
$this->db->where('username', $user); //Before you was just returning everyone who is an admin This instead finds the user
$a = $this->db->get('users');
foreach($a as $u) {
if($u["Admin"]==1) { return true; } //This finds if the user is a admin or not, and the function will now return a value (true)
}
}
function getComp($user) {
$this->db->where('username', $user);
$a = $this->db->get('users');
foreach($a as $u) {
if($u["Company"]==1) { return true; }
}
} //Edited similar to the function above
function conf(){
$this->db->where('username', $this->input->post('username'));
$this->db->where('password', $this->input->post('password'));
$q = $this->db->get('users');
if($q->num_rows == 1 ){
return TRUE;
}
}
Lastly your login function:
function login(){
$login = $this->session->userdata('login');
if(!isset($login) || $login != TRUE){ //You weren't referring to your $login variable
$this->log;
die();
}
}
Hopefully this helps with your problems, let me know if you need any amendments.
I am writting my first CodeIgniter script and I can't get the following model to load, if anyone could maybe help me?
Here is my controller file:
public function process(){
// Load the model
$this->load->model('users/login', 'users');
// Validate the user can login
$result = $this->users->validate();
// Now we verify the result
if(!$result){
// If user did not validate, then show them login page again
$this->index();
}else{
// If user did validate,
// Send them to members area
redirect('home');
}
}
And here is my model
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Login_Model extends CI_Model{
function __construct()
{
// Call the Model constructor
parent::__construct();
}
public function validate(){
// grab user input
$username = $this->security->xss_clean($this->input->post('username'));
$password = $this->security->xss_clean($this->input->post('password'));
// Prep the query
$this->db->where('username', $username);
$this->db->where('password', $password);
// Run the query
$query = $this->db->get('users');
// Let's check if there are any results
if($query->num_rows == 1)
{
// If there is a user, then create session data
$row = $query->row();
$data = array(
'userid' => $row->userid,
'fname' => $row->fname,
'lname' => $row->lname,
'username' => $row->username,
'validated' => true
);
$this->session->set_userdata($data);
return true;
}
// If the previous process did not validate
// then return false.
return false;
}
}
?>
I can confirm the the process function is loading however any code that goes underneath the $results = $result = $this->users->validate(); doesn't appear. The model is also loading, it is as soon as I try call a function, the script kills itself.
Sorry if this question is a little bland.
Thanks
Peter
It all came down to my code. Your models class name must be equal to the name of the model file.
So in this case, I should have named my file login_model.php and then the class itself must be called Login_model (the first character must be uppercase, all other characters must be lowercase). When calling the model in the controller it must all be lower case like:
$this->load->model('login_model');
Hope this is help to anyone in the future, thanks to all for the efforts and comments :)
You try capitalize the name of your file?
user_model.php to User_model.php?
I am at the tail end of signing in a created user to an account. I've commented out my flow and everything seems to make since, however I am missing a step or two because now the post data password is not being hashed.
CONTROLLER:
function validate_credentials()
{
// WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY
$this->load->model('user_model', 'um');
$login = $this->input->post('submit');
$salt = $this->_salt();
$this->load->library('encrypt');
//IF THE SUBMIT BUTTON IS TRIGGERED THE POST DATA IS SENT TO THE VALIDATE FUNCTION IN THE MODEL VIA VARIABLES CREATED
if($login)
{
$data = array(
'email' => $this->input->post('email'),
'password' => $this->encrypt->sha1($user->salt. $this->encrypt->sha1($this->input->post('password')))
);
$user = $this->um->validate($data);
}
// IF ITS A REAL USER OPEN THE GATE AND LET THEM IN
if($user)
{
$this->session->set_userdata($data);
redirect('account/dashboard');
}
else
{
$this->index();
}
}
MODEL:
function validate($data)
{
$this->output->enable_profiler(TRUE);
// TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB
$query = $this->db->where($data)->get('users', 1);
if($query->row())
{
return $query->row();
}
}
thanks in advance
$user->salt should just be $salt.
I try to do login page with session but face a problem.
First i created a model called giris. the model giris has a function girisKontrol
function girisKontrol($username, $password) {
$sha1_password = sha1($password);
$query = "SELECT id FROM pasaj_register WHERE username = '".$username."' and password = '".$sha1_password."'";
$result = $this->db->query($query, array($username, $sha1_password));
if ($result->num_rows() == 1)
return $result->row(0)->id;
else
return false;
}
and in a controller called giris
wrote below code,
public function main_page() {
$username = $this->input->post('username');
$password = $this->input->post('password');
$userID = $this->giris->girisKontrol($username,$password);
if (!$userID) {
$this->session->set_flashdata('login error', TRUE);
redirect('giris/giris');
} else {
$this->session->set_userdata(array(
'logged_in' => TRUE,
'userID' => $userID));
redirect('welcome_message');
}
}
however when form is processed. i take below error,
What's the reason ?
You probably haven't loaded the giris model.
Put something like this inside the constructor of the controller or at the top of the function call of the controller to load the model.
$this->load->model('giris');
You probably forgot to load your model:
Invoke
$this->load->model('giris');
prior to
$userID = $this->giris->girisKontrol($username,$password);
the problem is that your class and your model has the same name...change your class to something like girisVO, report back