php - Validate not checking username & password CI -
I am working on my own form validation method in CodeIgniter, and I am trying not to use their built-in methods.
Problem: I have a users library that logs me in OK, but validate() is not validating the password and username against the database,
and it should throw $error.
I would like to use my own way if possible.
controller
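<?php
// Constant names are case-sensitive: the framework defines BASEPATH, so a
// lower-case check would never match and the file would always exit.
if ( ! defined('BASEPATH')) exit('no direct script access allowed');

/**
 * Login controller.
 *
 * Renders the login form and, on POST, authenticates the submitted
 * credentials through the `users` library. Errors are collected in
 * $this->error and handed to the view.
 */
class login extends CI_Controller {

    /** @var array Validation errors keyed by name ('warning', 'username', 'password', 'session'). */
    private $error = array();

    public function __construct()
    {
        parent::__construct();
        $this->load->library('users');
        $this->load->library('form_validation');
        $this->lang->load('common/login', 'english');
    }

    /**
     * Show the login form; on a POST with valid credentials redirect to the dashboard.
     */
    public function index()
    {
        // $_SERVER keys and HTTP method names are upper-case and compared exactly.
        if ($this->input->server('REQUEST_METHOD') === 'POST' && $this->validate()) {
            redirect('dashboard');
        }

        $data['error_warning'] = $this->error_for('warning');

        // NOTE(review): the success flash message is only read when an error
        // keyed 'session' exists; nothing in this class sets that key. Kept as
        // written -- confirm the intended condition.
        if (array_key_exists('session', $this->error)) {
            $data['success'] = $this->session->userdata('success');
            $this->session->unset_userdata('success');
        } else {
            $data['success'] = '';
        }

        $data['error_username'] = $this->error_for('username');
        $data['error_password'] = $this->error_for('password');

        $data['action'] = site_url('login');

        // Re-populate the username only. The value is user-controlled, so the
        // view must HTML-escape it when printing it into the form.
        $username = $this->input->post('username');
        $data['username'] = is_string($username) ? $username : '';

        // The submitted password is never sent back to the browser: echoing it
        // would place the secret in the page source and in any cached copy.
        $data['password'] = '';

        $this->load->view('template/common/login', $data);
    }

    /**
     * Check the posted credentials against the users library.
     *
     * Records a single, non-specific warning when either field is missing,
     * is not a plain string, or the login is rejected, so the response does
     * not reveal which of the two values was wrong.
     *
     * @return bool TRUE when no error was recorded (credentials accepted).
     */
    protected function validate()
    {
        $username = $this->input->post('username');
        $password = $this->input->post('password');

        // The error belongs on the FAILURE path. Previously it was set when
        // login() succeeded, so a rejected login left $this->error empty and
        // the request was redirected to the dashboard anyway.
        if ( ! is_string($username)
            || ! is_string($password)
            || ! $this->users->login($username, $password)) {
            $this->error['warning'] = $this->lang->line('error_login');
        }

        // NOTE(review): no attempt throttling or lockout is visible in this
        // controller; confirm it is enforced elsewhere.
        return ! $this->error;
    }

    /**
     * Return the recorded error message for $key, or '' when there is none.
     */
    private function error_for($key)
    {
        return array_key_exists($key, $this->error) ? $this->error[$key] : '';
    }
}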
library users
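<?php
// Constant names are case-sensitive: the framework defines BASEPATH.
if ( ! defined('BASEPATH')) exit('no direct script access allowed');

/**
 * Users library: restores the logged-in user from the session and performs
 * username/password login against the `<dbprefix>user` table.
 */
class users {

    // Previously created dynamically in the constructor; declared explicitly
    // so it no longer depends on dynamic properties.
    public $ci;

    private $user_id;
    private $username;
    private $permission = array();

    /**
     * Load the database and session, then re-validate the session's user_id
     * against an active account. An unknown or disabled account is logged out.
     */
    public function __construct()
    {
        $this->ci =& get_instance();
        $this->ci->load->database();
        $this->ci->load->library('session');

        if ($this->ci->session->userdata('user_id')) {
            $session_user_id = (int) $this->ci->session->userdata('user_id');

            // Values are passed as query bindings rather than concatenated
            // into the SQL text.
            $user_query = $this->ci->db->query(
                'SELECT * FROM ' . $this->ci->db->dbprefix . "user WHERE user_id = ? AND status = '1'",
                array($session_user_id)
            );

            if ($user_query->num_rows() > 0) {
                $this->user_id  = $user_query->row('user_id');
                $this->username = $user_query->row('username');

                $this->ci->session->set_userdata(array(
                    'user_id'  => $this->user_id,
                    'username' => $this->username,
                ));

                // Record the client address for this account.
                $this->ci->db->query(
                    'UPDATE ' . $this->ci->db->dbprefix . 'user SET ip = ? WHERE user_id = ?',
                    array($this->ci->input->ip_address(), $session_user_id)
                );
            } else {
                $this->logout();
            }
        }
    }

    /**
     * Authenticate a user and store the identity in the session.
     *
     * NOTE(security): the stored password is compared against a salted,
     * nested SHA-1 digest or, as a fallback, an unsalted MD5 digest. Both are
     * fast hashes and are not suitable for password storage. The comparison
     * is left unchanged here because existing rows depend on it; plan a
     * migration to password_hash()/password_verify(), re-hashing each account
     * on its next successful login and then dropping the MD5 fallback.
     *
     * NOTE(security): the plaintext password is part of the SQL statement
     * sent to the database and may appear in query logs; verifying the hash
     * in PHP after fetching the row by username avoids that.
     *
     * @param string $username
     * @param string $password Plaintext password as submitted.
     * @return bool TRUE on success, FALSE otherwise.
     */
    public function login($username, $password)
    {
        // Reject array-valued or missing POST fields before they reach
        // md5() or the query.
        if ( ! is_string($username) || ! is_string($password)) {
            return false;
        }

        $sql = 'SELECT * FROM ' . $this->ci->db->dbprefix . 'user'
             . ' WHERE username = ?'
             . ' AND (password = sha1(concat(salt, sha1(concat(salt, sha1(?))))) OR password = ?)'
             . " AND status = '1'";

        $user_query = $this->ci->db->query($sql, array($username, $password, md5($password)));

        if ($user_query->num_rows() > 0) {
            $this->user_id  = $user_query->row('user_id');
            $this->username = $user_query->row('username');

            // Issue a fresh session ID on privilege change so a pre-login
            // session identifier cannot be carried into the authenticated
            // session. Guarded because older session libraries lack the method.
            if (method_exists($this->ci->session, 'sess_regenerate')) {
                $this->ci->session->sess_regenerate(TRUE);
            }

            $this->ci->session->set_userdata(array(
                'user_id'  => $this->user_id,
                'username' => $this->username,
            ));

            return true;
        }

        return false;
    }

    /**
     * Remove the user identity from the session.
     */
    public function logout()
    {
        $this->ci->session->unset_userdata('user_id');
        $this->ci->session->unset_userdata('username');
    }

    /**
     * @return mixed The current user_id, or NULL when nobody is logged in.
     */
    public function islogged()
    {
        return $this->user_id;
    }
}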
In the library, try changing this:
if($user_query->num_rows)
to this;
if($user_query->num_rows() > 0)
edit
This is the login function I use in an auth system I developed. I use the same hash function to hash passwords, which makes life easier.
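/**
 * Look up an active user whose stored hash matches the submitted password.
 *
 * @param string $username
 * @param string $password Plaintext password as submitted.
 * @return bool TRUE when a matching active user exists, FALSE otherwise.
 */
public function login($username, $password)
{
    // Array-valued or missing POST fields must not reach the query builder.
    if ( ! is_string($username) || ! is_string($password)) {
        return false;
    }

    $password = $this->_hash_password($password);

    // get_where() escapes the values it is given.
    $query = $this->db->get_where('users', array(
        'username' => $username,
        'password' => $password,
        'status'   => '1',
    ));

    if ($query->num_rows() > 0) {
        // found match
        return true;
    }

    // no match found
    return false;
}

// hash password, using encryption key
//
// NOTE(security): this is one fast hash pass keyed with a single site-wide
// value, so every account shares the same "salt" and the digest is cheap to
// compute. For password storage prefer password_hash() when saving and
// password_verify() when checking; that needs a lookup by username followed
// by verification in PHP, because password_hash() output differs on each call.
// Left unchanged here because callers compare its output by equality.
function _hash_password($password)
{
    return hash("haval256,5", $this->config->item('encryption_key') . $password);
}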