RalphLeMouf

Hey guys! I know I've asked a couple of different questions in this matter, but this is getting to the point of sheer frustration. I've gathered many resources to check against my logic and syntax - mainly the code igniter user guide and tips and suggestions I've gathered on this forum. I have restructured to where it makes the most logical sense to me, and for some reason the validation errors for my login are still acting screwy. Here is what I have with comments on my logic: I'm still getting white pages with some combinations. Everyone has said because there are extra "elses" that I am leaving blank, however I am confused on what to put there because I feel like my bases of all the criteria are already covered. What am I missing? function validate_credentials_login() { // LOAD THE SESSION LIBRARY $this->load->library('session'); // LOAD THE URL AND FORM HELPERS $this->load->helper(array('form','url')); // LOAD THE RELEVENT MODEL AND SET A NAME FOR IT $this->load->model('user_model', 'um'); // LOAD ENCRYTPION LIBRARY IN ORDER TO ENCRYPT PASSWORDS PROPERLY $this->load->library('encrypt'); // LOAD THE FORM VALIDATION LIBARARY TO MAKE USE OF ERROR HANDLING $this->load->library('form_validation'); // SET RULES FOR MY EMAIL FIELD $this->form_validation->set_rules('email_login', 'Email', 'trim|required'); // SET RULES FOR MY PASSWORD FIELD $this->form_validation->set_rules('password_login', 'Password', 'trim|required'); // MAKE A VARIABLE FOR MY SUBMIT BUTTON $login = $this->input->post('submit_login'); // IF THE SUBMIT BUTTON IS SET if($login) { // MAKE THIS VARIABLE THAT CHECKS THE EMAIL FEILD INSERTED VIA POST AGAINST THE ONE STORED IN MY DATABASE $user = $this->um->validate_home_login(array('email' => $this->input->post('email_login'))); // IF THIS USER EXISTS AND THERE ARE NO ERRORS SET OFF BY THE FORM VALIDATION CHECK if($user && $this->form_validation->run()) { // DO THIS STUFF AKA IF THE USERS PASSWORD IS THE SAME AS THE ONE INSERTED VIA POST AND THE USERS EMAIL IS THE SAME INSERTED VIA POST EVERYTHING IS GOOD AND YOU CAN LOG THEM IN AND START A SESSION if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password_login'))) && $user->email == $this->input->post('email_login')) { $this->session->set_userdata(array( 'email' => $this->input->post('email_login') )); redirect('account/edit'); } $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } // IF ANYTHING IS OFF OR DOESN'T MATCH ( SUPOSEDELY ) RUN THE FORM VALIDATION AS FALSE AND RELAOD THE PAGE WITH ERRORS elseif($this->form_validation->run() == FALSE) { $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } } } function create_member() { $this->load->library('form_validation'); $this->form_validation->set_rules('first_name', 'First Name', 'trim|required'); $this->form_validation->set_rules('last_name', 'Last Name', 'trim|required'); $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email'); $this->form_validation->set_rules('password', 'Password', 'trim|required'); $this->form_validation->set_rules('password2', 'Confirm Password', 'trim|required|matches[password]'); if($this->form_validation->run() == FALSE) { $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } else { $this->load->model('user_model'); if($query = $this->user_model->create_member()) { $this->load->model('user_model'); $this->varification_email(); $data['main_content'] = 'account/welcome'; $this->load->view('includes/templates/main_page_template', $data); } else { $this->load->view('home/home_page'); } } } <?php echo form_open('auth/validate_credentials_login'); echo "<span class='errors_login'>"; echo form_error('email_login'); echo "</span>"; echo form_label('', 'Email', 'email_login'); $data = array( 'name' => 'email_login', 'class' => 'input', 'placeholder' => 'Email'); echo form_input($data, set_value('email_login')); echo "<span class='errors_login'>"; echo form_error('password_login'); echo "</span>"; echo form_label('', 'Password;', 'password_login'); $data = array( 'name' => 'password_login', 'class' => 'input', 'placeholder' => 'Password'); echo form_password($data, set_value('sha1(password_login)')); echo form_submit('submit_login', 'Login'); echo form_close(); ?> function validate_home_login($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', '1'); if($query->row()) { return $query->row(); } }

SCREWY from validation functionality still not "screw" lol

Hey guys! I know I've asked a couple of different questions in this matter, but this is getting to the point of sheer frustration. I've gathered many resources to check against my logic and syntax - mainly the code igniter user guide and tips and suggestions I've gathered on this forum. I have restructured to where it makes the most logical sense to me, and for some reason the validation errors for my login are still acting screwy. Here is what I have with comments on my logic: I'm still getting white pages with some combinations. Everyone has said because there are extra "elses" that I am leaving blank, however I am confused on what to put there because I feel like my bases of all the criteria are already covered. What am I missing? function validate_credentials_login() { // LOAD THE SESSION LIBRARY $this->load->library('session'); // LOAD THE URL AND FORM HELPERS $this->load->helper(array('form','url')); // LOAD THE RELEVENT MODEL AND SET A NAME FOR IT $this->load->model('user_model', 'um'); // LOAD ENCRYTPION LIBRARY IN ORDER TO ENCRYPT PASSWORDS PROPERLY $this->load->library('encrypt'); // LOAD THE FORM VALIDATION LIBARARY TO MAKE USE OF ERROR HANDLING $this->load->library('form_validation'); // SET RULES FOR MY EMAIL FIELD $this->form_validation->set_rules('email_login', 'Email', 'trim|required'); // SET RULES FOR MY PASSWORD FIELD $this->form_validation->set_rules('password_login', 'Password', 'trim|required'); // MAKE A VARIABLE FOR MY SUBMIT BUTTON $login = $this->input->post('submit_login'); // IF THE SUBMIT BUTTON IS SET if($login) { // MAKE THIS VARIABLE THAT CHECKS THE EMAIL FEILD INSERTED VIA POST AGAINST THE ONE STORED IN MY DATABASE $user = $this->um->validate_home_login(array('email' => $this->input->post('email_login'))); // IF THIS USER EXISTS AND THERE ARE NO ERRORS SET OFF BY THE FORM VALIDATION CHECK if($user && $this->form_validation->run()) { // DO THIS STUFF AKA IF THE USERS PASSWORD IS THE SAME AS THE ONE INSERTED VIA POST AND THE USERS EMAIL IS THE SAME INSERTED VIA POST EVERYTHING IS GOOD AND YOU CAN LOG THEM IN AND START A SESSION if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password_login'))) && $user->email == $this->input->post('email_login')) { $this->session->set_userdata(array( 'email' => $this->input->post('email_login') )); redirect('account/edit'); } $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } // IF ANYTHING IS OFF OR DOESN'T MATCH ( SUPOSEDELY ) RUN THE FORM VALIDATION AS FALSE AND RELAOD THE PAGE WITH ERRORS elseif($this->form_validation->run() == FALSE) { $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } } } function create_member() { $this->load->library('form_validation'); $this->form_validation->set_rules('first_name', 'First Name', 'trim|required'); $this->form_validation->set_rules('last_name', 'Last Name', 'trim|required'); $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email'); $this->form_validation->set_rules('password', 'Password', 'trim|required'); $this->form_validation->set_rules('password2', 'Confirm Password', 'trim|required|matches[password]'); if($this->form_validation->run() == FALSE) { $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } else { $this->load->model('user_model'); if($query = $this->user_model->create_member()) { $this->load->model('user_model'); $this->varification_email(); $data['main_content'] = 'account/welcome'; $this->load->view('includes/templates/main_page_template', $data); } else { $this->load->view('home/home_page'); } } } I will paypal $10 to the person that helps me get this in order to purchase their 6 pack of choice! I just want to get this figured out and move on and am stumped. <?php echo form_open('auth/validate_credentials_login'); echo "<span class='errors_login'>"; echo form_error('email_login'); echo "</span>"; echo form_label('', 'Email', 'email_login'); $data = array( 'name' => 'email_login', 'class' => 'input', 'placeholder' => 'Email'); echo form_input($data, set_value('email_login')); echo "<span class='errors_login'>"; echo form_error('password_login'); echo "</span>"; echo form_label('', 'Password;', 'password_login'); $data = array( 'name' => 'password_login', 'class' => 'input', 'placeholder' => 'Password'); echo form_password($data, set_value('sha1(password_login)')); echo form_submit('submit_login', 'Login'); echo form_close(); ?> function validate_home_login($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', '1'); if($query->row()) { return $query->row(); } }

yes I am using the native CI form_error() So I'm going to take a wild guess and say that I should create an if statement in my controller? If that is the case ( which I'm almost certain it is ) what would the argument be? moreover what should I compare it to?

I'm afraid I've tried that already. I've even tried implementing that on the controller as well, but the problem is that it can't connect to the correct fields unless I were to create new fields just for that for, which I would prefer not to do.

I have a login in form and a create member form on ONE view on my site in code igniter. The problem is that when I submit the form with an error ( press submit with empty fields for the password and email on the LOGIN form, it triggers the email and password fields in the create member form and vice versa. I have given them different submit button names and still can't get them to separate. I have tried renaming fields,however I am confused on which values to rename as I have to submit specific values to my database. Here is create member form and controller: <?php echo form_open('auth/create_member'); echo form_label('', 'email', array('type'=>'text')); $data = array( 'name' => 'first_name', 'class' => 'input', 'placeholder' => 'First Name' ); echo form_input($data, set_value('first_name')); echo "<span class='errors'>"; echo form_error('first_name'); echo "</span>"; echo form_label('', 'last_name', array('type'=>'text')); $data = array( 'name' => 'last_name', 'class' => 'input', 'placeholder' => 'Last Name' ); echo form_input($data, set_value('last_name')); echo "<span class='errors'>"; echo form_error('last_name'); echo "</span>"; echo form_label('', 'email', array('type'=>'text')); $data = array( 'name' => 'email', 'class' => 'input', 'placeholder' => 'Email' ); echo form_input($data, set_value('email')); echo "<span class='errors'>"; echo form_error('email'); echo "</span>"; echo form_label('', 'password', array('type'=>'password')); $data = array( 'name' => 'password', 'class' => 'password', 'size' => 30, 'placeholder' => 'Password' ); echo form_password($data, set_value('sha1(password)')); echo "<span class='errors'>"; echo form_error('password'); echo "</span"; echo form_label('', 'password2', array('type'=>'password')); $data = array( 'name' => 'password2', 'class' => 'input', 'size' => 30, 'placeholder' => 'Confirm Password' ); echo form_password($data, set_value('sha1(password2)')); echo "<span class='errors'>"; echo form_error('password2'); echo "</span>"; echo form_submit('submit', 'Submit'); echo form_close(); ?> function create_member() { $this->load->library('form_validation'); $this->form_validation->set_rules('first_name', 'First Name', 'trim|required'); $this->form_validation->set_rules('last_name', 'Last Name', 'trim|required'); $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email|is_unique[users.email]'); $this->form_validation->set_rules('password', 'Password', 'trim|required'); $this->form_validation->set_rules('password2', 'Confirm Password', 'trim|required|matches[password]'); if($this->form_validation->run() == FALSE) { $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } else { $this->load->model('user_model'); if($query = $this->user_model->create_member()) { $this->load->model('user_model'); $this->varification_email(); $data['main_content'] = 'account/welcome'; $this->load->view('includes/templates/main_page_template', $data); } else { $this->load->view('home/home_page'); } } } and here is the login form and controller: <?php echo form_open('auth/validate_credentials_login'); echo "<span class='errors_login'>"; echo form_error('email'); echo "</span>"; echo form_label('', 'email', array('type'=>'text')); $data = array( 'name' => 'email', 'class' => 'input', 'placeholder' => 'Email'); echo form_input($data, set_value('email')); echo "<span class='errors_login'>"; echo form_error('password'); echo "</span>"; echo form_label('', 'password', array('type'=>'password')); $data = array( 'name' => 'password', 'class' => 'input', 'placeholder' => 'Password'); echo form_password($data, set_value('sha1(password)')); echo form_submit('submit_login', 'Login'); echo form_close(); ?> function validate_credentials_login() { // WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY $this->load->library('encrypt'); $this->load->helper('url'); $this->load->library('form_validation'); $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email'); $this->form_validation->set_rules('password', 'Password', 'trim|required'); $this->load->library('session'); $this->load->model('user_model', 'um'); $login = $this->input->post('submit_login'); if($login) { $user = $this->um->validate_home_login(array('email' => $this->input->post('email'))); if( $user ) { // CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) { $this->session->set_userdata(array( 'email' => $this->input->post('email') )); redirect('account/dashboard'); exit; } } }

thank you for putting me in the right direction. I got it to work! This is what I have to make sure I'm doing it in the most optimized manner: $this->load->library('form_validation'); $this->form_validation->set_rules('first_name', 'First Name', 'trim|required'); $this->form_validation->set_rules('last_name', 'Last Name', 'trim|required'); $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email|is_unique[users.email]'); $this->form_validation->set_rules('password', 'Password', 'trim|required'); $this->form_validation->set_rules('password2', 'Confirm Password', 'trim|required|matches[password]');

I guess I don't understand what your suggesting as I tried $rule = sha1('password', 'trim|required|max_length[32]'); $this->form_validation->set_rules($rule); as a replacement for what I had ( getting rid of max length 32) and it's still not displaying the error

No, I am saying ALL of the field erros are correct and displaying what they should EXCEPT the password field. It is not yielding ANY message at all.

when I submit the form without filling out the fields correctly, i.e. - if I hit submit with nothing filled out, all of the errors display " the email field is required" EXCEPT the password field does NOT post any error at all. What length should I make the password field? thanks

forgot that sorry... $this->load->library('form_validation'); $this->form_validation->set_rules('first_name', 'First Name', 'trim|required'); $this->form_validation->set_rules('last_name', 'Last Name', 'trim|required'); $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email'); $this->form_validation->set_rules(sha1('password', 'trim|required|max_length[32]')); $this->form_validation->set_rules('password2', 'Confirm Password', 'trim|required|matches[password]');

Hello - I am putting the finishing touches on my form that creates users for my website. After much research and trying different things, I am having great trouble getting the password field to post an error, although the confirm password field is just fine. I have been stuck on this for way to long any help is greatly appreciated. Here is my code: VIEW: echo form_label('', 'email', array('type'=>'text')); $data = array( 'name' => 'first_name', 'class' => 'input', 'placeholder' => 'First Name' ); echo form_input($data, set_value('first_name')); echo "<div class='errors'>"; echo form_error('first_name'); echo "</div>"; echo form_label('', 'last_name', array('type'=>'text')); $data = array( 'name' => 'last_name', 'class' => 'input', 'placeholder' => 'Last Name' ); echo form_input($data, set_value('last_name')); echo "<div class='errors'>"; echo form_error('last_name'); echo "</div>"; echo form_label('', 'email', array('type'=>'text')); $data = array( 'name' => 'email', 'class' => 'input', 'placeholder' => 'Email' ); echo form_input($data, set_value('email')); echo "<div class='errors'>"; echo form_error('email'); echo "</div>"; echo form_label('', 'password', array('type'=>'password')); $data = array( 'name' => 'password', 'class' => 'password', 'size' => 30, 'placeholder' => 'Password' ); echo form_password($data, set_value('sha1(password)')); echo "<div class='errors'>"; echo form_error('password'); echo "</div>"; echo form_label('', 'password2', array('type'=>'password')); $data = array( 'name' => 'password2', 'class' => 'input', 'size' => 30, 'placeholder' => 'Confirm Password' ); echo form_password($data, set_value('sha1(password2)')); echo "<div class='errors'>"; echo form_error('password2'); echo "</div>"; MODEL: function create_member() { $salt = $this->_salt(); $this->load->library('encrypt'); $new_member_insert_data = array( 'first_name' => $this->input->post('first_name'), 'last_name' => $this->input->post('last_name'), 'email' => $this->input->post('email'), 'password' => $this->encrypt->sha1($salt . $this->encrypt->sha1($this->input->post('password'))), 'salt' => $salt, 'status' => 'pending' ); $insert = $this->db->insert('users', $new_member_insert_data); return $insert; } thaks so much in advance

Yeah, that's a good idea. I kinda wanted to cut out the middle man of a link and have the form ON the page. This is just as good and makes things cleaner I suppose. thanks!

My above text may have been a little confusing. There is a login page that works fine ( thanks to you helping @mahngiel ) and then a SEPARATE login page that is loaded on the confirmation page that is NOT working. It is breaking down right here (hence it's reloading the page) if($login) { $user = $this->um->validate_login(array('email' => $this->input->post('email'))); if( $user ) { // CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) { $this->session->set_userdata(array( 'email' => $this->input->post('email') )); redirect('account/dashboard'); exit; } } $data['main_content'] = 'account/confirmation'; $this->load->view('includes/templates/main_page_template', $data); it's not running the query correctly somehow even though it seems logical and same concept works for REGULAR login page. It's failing to match the emails it seems when I enable profiler. as it shows "'email' = '0'"

Hello - I've been cranking through my authorization/login/user system for my site and am not sure if I'm understanding codeigniter as I should as far as sharing functions and or over riding certain functions and methods. That being said. I have successfully been able to create and login a user with the proper security measures, however I am having trouble getting passed the sign in form that is located on the verification page that is linked off of the verification email via token/hashed link. When this verification page is hit, the users status is automatically marked from 'pending' to 'active' in the db. A new sign in form is loaded and has the SAME ( in concep/theoryt ) wiring as the other login page I have. I have tried various combinations of using some of the same functions as the existing login page, and new functions all together. The most i can tell is the for some reason the email value that is in the query to check info against db is returning as zero, however I am able to echo the users input email value and it checks out. Here is my WORKING login code: <div id="login_form"> <?php echo validation_errors(); echo form_open('auth/validate_credentials'); echo "<div class='form_text_signin'>"; echo "Email"; echo "</div>"; echo form_label('', 'email', array('type'=>'text')); $data = array( 'name' => 'email', 'class' => 'input', 'size' => 30 ); echo form_input($data, set_value('email')); echo "<div class='form_text_signin'>"; echo "Password"; echo "</div>"; echo form_label('', 'password', array('type'=>'password')); $data = array( 'name' => 'password', 'class' => 'input', 'size' => 30 ); echo form_password($data, set_value('sha1(password)')); echo form_submit('submit', 'Submit'); echo form_close(); ?> </div> controller: unction validate_credentials() { // WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY $this->load->library('encrypt'); $this->load->helper('url'); $this->load->library('session'); $this->load->model('user_model', 'um'); $login = $this->input->post('submit'); if($login) { $user = $this->um->validate(array('email' => $this->input->post('email'))); if( $user ) { // CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) { $this->session->set_userdata(array( 'email' => $this->input->post('email') )); redirect('account/dashboard'); exit; } } $this->index(); } } model: function validate($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', '1'); if($query->row()) { return $query->row(); } } Now here is the confirmation form code that is not working: <div id="signin_confirmation"> <?php echo validation_errors(); echo form_open('auth/confirmation_login'); echo "<div class='form_text_confirmation'>"; echo "Email"; echo "</div>"; echo form_label('', 'email', array('type'=>'email')); $data = array( 'email' => '', 'class' => 'input', 'size' => 30 ); echo form_input($data, set_value('email')); echo "<div class='form_text_confirmation'>"; echo "Password"; echo "</div>"; echo form_label('', 'password', array('type'=>'password')); $data = array( 'password' => '', 'class' => 'input', 'size' => 30 ); echo form_password($data, set_value('sha1(password)')); echo form_submit('submit', 'Submit'); echo form_close(); ?> </div> controller: public function confirmation() { { // WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY $data['main_content'] = 'account/confirmation'; $this->load->view('includes/templates/main_page_template', $data); $this->load->library('encrypt'); $this->load->helper('url'); $this->load->library('session'); $this->load->model('user_model'); $this->user_model->validate_confirm($data); } } other controller for the actual form: function confirmation_login() { // WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY $this->load->library('encrypt'); $this->load->helper('url'); $this->load->library('session'); $this->load->model('user_model', 'um'); $login = $this->input->post('submit'); if($login) { $user = $this->um->validate_login(array('email' => $this->input->post('email'))); if( $user ) { // CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) { $this->session->set_userdata(array( 'email' => $this->input->post('email') )); redirect('account/dashboard'); exit; } } $data['main_content'] = 'account/confirmation'; $this->load->view('includes/templates/main_page_template', $data); } } and the model functions: function validate_login($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', '1'); if($query->row()) { return $query->row(); } } function validate_confirm($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->query('SELECT * FROM users order by id desc LIMIT 1'); foreach ($query->result() as $user){ $data = array( 'status' => 'active' ); $this->db->where('id', $user->id); $this->db->update('users', $data); } }

I'm actually on a MAC, so not sure if that would make a difference or not. I really can't see anything that would make a difference. As far as the variable I created that you said is out of place. Apparently I'm doing it wrong but I'm basically trying to start a session based off the users id that is stored in the db and store that in a variable to use with if statement, and or / be used to determine whether the user is logged in to load different views and things like that. would you happen to have a good recommendation on how to do that? thanks

I am building a social network via code igniter. Upon registration, the potential member get's stored in the db, and their status get's marked to pending. I then send them a confirmation email with a hashed token link. When they hit the link it marks their account as active and takes them to a welcome page that has a sign in. When I go to the link it sets of an infinite loop and freezes my computer when I'm working on my MAMP. ( or I'm suspicious that it's an infinite loop ) Here is my pertinent code: auth CONTROLLER that sends the email: function varification_email() { $query = $this->db->query('SELECT * FROM users order by id desc LIMIT 1'); $token = sha1($user->email.$user->salt).dechex($user->id); $domain = "clci.dev/index.php"; $link = "http://www.".$domain."/account/confirmation/?token=$token"; foreach ($query->result() as $user) { $this->load->library('email'); $this->email->from('noreply@cysticlife.org', 'CysticLife'); $this->email->to($user->email); $this->email->subject('Welcome to CysticLife!'); $this->email->message("Thanks for signing up for CysticLife! To complete the registration process please go to the following web address:\n\n$link\n\n-Your friends at CysticLife\n\nPlease remember to add the cysticlife.org domain to your address book to ensure that you receive your CysticLife e-Notifications as requested.eh"); $this->email->send(); } account CONTROLLER that the user is linked back to from the email: public function confirmation() { $data['main_content'] = 'account/confirmation'; $this->load->view('includes/templates/main_page_template', $data); $this->load->library('encrypt'); $this->load->helper('url'); $this->load->library('session'); $this->load->model('user_model', 'um'); $login = $this->input->post('submit'); //IF THE SUBMIT BUTTON IS TRIGGERED THE POST DATA IS SENT TO THE VALIDATE FUNCTION IN THE MODEL VIA VARIABLES CREATED if($login) { $user = $this->um->validate(array('email' => $this->input->post('email'))); if( $user ) { // CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) { $this->session->set_userdata('logged_in', TRUE); $this->session->set_userdata(array( 'email' => $this->input->post('email') )); $this->session->userdata('logged_in'); redirect('account/dashboard'); exit; } } } $this->index(); } Thanks in advance

Howdy - All of my mail I'm sending out via php mail or codeigniter email class is being sent to spam. Any suggestions or tricks on how to avoid this?

hey there - I am setting up a system that when a new account is created, the new user is sent an email with a confirmation email that has hashed token link to it for security. I'm getting confirmation that emails are being sent via $this->email->print_debugger(); however, I've only been able to receive one email. I'm wondering if all of my configurations for my server ( as I'm developing locally) are set up properly, as well as my code flow being correct. CONTROLLER: $this->load->model('user_model'); if($query = $this->user_model->create_member()) { $this->load->model('user_model'); $this->varification_email(); $data['main_content'] = 'account/welcome'; $this->load->view('includes/templates/main_page_template', $data); } else { $this->load->view('home/home_page'); } } } function varification_email() { $query = $this->db->query('SELECT * FROM users order by id desc LIMIT 1'); foreach ($query->result() as $user) { $this->load->library('email'); $this->email->from('noreply@blah.com', 'blahblahblah'); $this->email->to($user->email); echo $user->email; $this->email->subject('Email Test'); $this->email->message('Testing the email class.'); $this->email->send(); echo $this->email->print_debugger(); } } MODEL: Also, I'm assuming it's okay to do this ONLY on my controller with no involvement with a model? Thanks in advance.

solved: CONTROLLER: function validate_credentials() { // WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY $this->load->model('user_model', 'um'); $login = $this->input->post('submit'); $this->load->library('encrypt'); //IF THE SUBMIT BUTTON IS TRIGGERED THE POST DATA IS SENT TO THE VALIDATE FUNCTION IN THE MODEL VIA VARIABLES CREATED if($login) { $user = $this->um->validate(array('email' => $this->input->post('email'))); if( $user ) { // CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) { $this->session->set_userdata(array( 'email' => $this->input->post('email') )); redirect('account/dashboard'); exit; } } } $this->index(); } MODEL: function validate($data) { // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $this->output->enable_profiler(TRUE); $query = $this->db->where($data)->get('users', '1'); if($query->row()) { return $query->row(); } } I also figured out that I was storing mistaking storing the salt hashed on the create user function so that was huge

per my pm I just sent you: CONTROLLER: function validate_credentials() { // WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY $this->load->model('user_model', 'um'); $login = $this->input->post('submit'); $this->load->library('encrypt'); //IF THE SUBMIT BUTTON IS TRIGGERED THE POST DATA IS SENT TO THE VALIDATE FUNCTION IN THE MODEL VIA VARIABLES CREATED if($login) { $user = $this->um->validate(array('email' => $this->input->post('email'))); if( $user ) { // now, using that returned row, grab the salt from it and use it in a second query where you apply the same hash method $data = array( 'email' => $user->email, 'password' => $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password'))) ); // send that new array back to get_user $user = $this->um->validate( $data ); $this->session->set_userdata($data); redirect('account/dashboard'); } else { $this->index(); } } } MODEL: function validate($data) { $this->output->enable_profiler(TRUE); // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', 1); if($query->row()) { return $query->row(); } }

I assume you mean to $user = $this->um->validate($data); before the $data array because as far as I can tell that is defining $user. In the meantime I'm going to examine all of the code you've posted to get to that bottom of that.

so to summarize: I'm also suspicious of my hashing methods and them being implemented properly as well as the main problem - the logic and flow and correctness of the whole lot.

yes, I have successfully created a new user with a unique salt that is being stored in the appropriate rows in my database. It appears to be the same conceptually as far as I can tell,however I'm not convinced that password entered in post is being properly utilized with the salt and hash. CREATE USER-CONTROLLER: function create_member() { $this->load->library('form_validation'); $this->form_validation->set_rules('first_name', 'First Name', 'trim|required'); $this->form_validation->set_rules('last_name', 'Last Name', 'trim|required'); $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email'); $this->form_validation->set_rules(sha1('password', 'trim|required|max_length[32]')); $this->form_validation->set_rules('password2', 'Confirm Password', 'trim|required|matches[password]'); if($this->form_validation->run() == FALSE) { $data['main_content'] = 'home/home_page'; $this->load->view('includes/templates/home_page_template', $data); } else { $this->load->model('user_model'); if($query = $this->user_model->create_member()) { $data['main_content'] = 'account/welcome'; $this->load->view('includes/templates/main_page_template', $data); } else { $this->load->view('home/home_page'); } } } CREATE USER-MODEL: function create_member() { $salt = $this->_salt(); $this->load->library('encrypt'); $new_member_insert_data = array( 'first_name' => $this->input->post('first_name'), 'last_name' => $this->input->post('last_name'), 'email' => $this->input->post('email'), 'password' => $this->encrypt->sha1($salt . $this->encrypt->sha1($this->input->post('password'))), 'salt' => $this->encrypt->sha1($salt) ); $insert = $this->db->insert('users', $new_member_insert_data); return $insert; } } LOGIN CONTROLLER: function validate_credentials() { // WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY $this->load->model('user_model', 'um'); $login = $this->input->post('submit'); $this->load->library('encrypt'); $salt = $this->_salt(); //IF THE SUBMIT BUTTON IS TRIGGERED THE POST DATA IS SENT TO THE VALIDATE FUNCTION IN THE MODEL VIA VARIABLES CREATED if($login) { $data = array( 'email' => $this->input->post('email'), 'password' => $this->encrypt->sha1($user->salt. $this->encrypt->sha1($this->input->post('password'))) ); $user = $this->um->validate($data); } // IF ITS A REAL USER OPEN THE GATE AND LET THEM IN if($user) { $this->session->set_userdata($data); redirect('account/dashboard'); } else { $this->index(); } } LOGIN MODEL: function validate($data) { $this->output->enable_profiler(TRUE); // TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB $query = $this->db->where($data)->get('users', 1); if($query->row()) { return $query->row(); } }

haha not hashing with the profiler. I have it in there to check if/how my queries are running. Just using it as a troublehshooter. That being said when the query is run, the password is being hashed, but in the profiler the post values that are being shown, shows that the password is being entered as clear text to COMPARE to the hashed stored in the db