Consolidating sign in system in Codeigniter

RalphLeMouf · September 4, 2012

Hello -

I've been cranking through my authorization/login/user system for my site and am not sure if I'm understanding codeigniter as I should as far as sharing functions and or over riding certain functions and methods.

That being said. I have successfully been able to create and login a user with the proper security measures, however I am having trouble getting passed the sign in form that is located on the verification page that is linked off of the verification email via token/hashed link. When this verification page is hit, the users status is automatically marked from 'pending' to 'active' in the db. A new sign in form is loaded and has the SAME ( in concep/theoryt ) wiring as the other login page I have. I have tried various combinations of using some of the same functions as the existing login page, and new functions all together. The most i can tell is the for some reason the email value that is in the query to check info against db is returning as zero, however I am able to echo the users input email value and it checks out.

Here is my WORKING login code:

<div id="login_form">
	<?php
	echo validation_errors(); 
	echo form_open('auth/validate_credentials');
	echo "<div class='form_text_signin'>";
	echo "Email";
	echo "</div>";
	echo form_label('',  'email', array('type'=>'text'));
	$data = array( 'name' => 'email', 'class' => 'input', 'size' => 30 );
	echo form_input($data, set_value('email'));
	echo "<div class='form_text_signin'>";
	echo "Password";
	echo "</div>";
	echo form_label('',  'password', array('type'=>'password'));
	$data = array( 'name' => 'password', 'class' => 'input', 'size' => 30 );
	echo form_password($data, set_value('sha1(password)'));
	echo form_submit('submit', 'Submit');
	echo form_close();
	?>
</div>

controller:

unction validate_credentials()
	{
		// WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY

		$this->load->library('encrypt');
		$this->load->helper('url');
		$this->load->library('session');
		$this->load->model('user_model', 'um');
		$login = $this->input->post('submit');

			if($login) {
			$user = $this->um->validate(array('email' => $this->input->post('email')));
			if( $user ) {

				// CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM
				if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) {
					$this->session->set_userdata(array(
						'email' => $this->input->post('email')
					));
					redirect('account/dashboard');
					exit;


            }
		}
		$this->index();
	}
}

model:

function validate($data)
{
	// TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB
	$query = $this->db->where($data)->get('users', '1');

	if($query->row())
	{
		return $query->row();
	}
}

Now here is the confirmation form code that is not working:

<div id="signin_confirmation">
	<?php
	echo validation_errors(); 
	echo form_open('auth/confirmation_login');
	echo "<div class='form_text_confirmation'>";
	echo "Email";
	echo "</div>";
	echo form_label('',  'email', array('type'=>'email'));
	$data = array( 'email' => '', 'class' => 'input', 'size' => 30 );
	echo form_input($data, set_value('email'));
	echo "<div class='form_text_confirmation'>";
	echo "Password";
	echo "</div>";
	echo form_label('',  'password', array('type'=>'password'));
	$data = array( 'password' => '', 'class' => 'input', 'size' => 30 );
	echo form_password($data, set_value('sha1(password)'));
	echo form_submit('submit', 'Submit');
	echo form_close();
	?>
</div>

controller:

public function confirmation() {

	{
		// WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY


		$data['main_content'] = 'account/confirmation';
		$this->load->view('includes/templates/main_page_template', $data);
		$this->load->library('encrypt');
		$this->load->helper('url');
		$this->load->library('session');
		$this->load->model('user_model');
		$this->user_model->validate_confirm($data);

	}

}

other controller for the actual form:

function confirmation_login()
		{
			// WHEN THE VIEW IS LOADED THIS FUNCTION IS CALLED AND LOADS MODEL AS WELL AS DEFINES THE SALT VARIABLE AND LOADS THE ENCRYPTING HELPER LIBRARY

			$this->load->library('encrypt');
			$this->load->helper('url');
			$this->load->library('session');
			$this->load->model('user_model', 'um');
			$login = $this->input->post('submit');

 			if($login) {
				$user = $this->um->validate_login(array('email' => $this->input->post('email')));
				if( $user ) {

					// CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM
					if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) {
						$this->session->set_userdata(array(
							'email' => $this->input->post('email')
						));
						redirect('account/dashboard');
						exit;


	            }
			}
			$data['main_content'] = 'account/confirmation';
			$this->load->view('includes/templates/main_page_template', $data);
		}
	}

and the model functions:

function validate_login($data)
{
	// TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB
	$query = $this->db->where($data)->get('users', '1');

	if($query->row())
	{
		return $query->row();
	}
}


function validate_confirm($data)
{
	// TAKING THE DATA FROM THE MODEL AND CHECKING IT AGAINST THE STORED INFO IN THE DB
	$query = $this->db->query('SELECT * FROM users order by id desc LIMIT 1');
	foreach ($query->result() as $user){
	$data = array(
	               'status' => 'active'
	            );

	$this->db->where('id', $user->id);
	$this->db->update('users', $data); 

	}

}

Mahngiel · September 4, 2012

where in this chain of events is the system breaking? at validation? after validation? you said login works fine, so it's not there, right?

RalphLeMouf · September 4, 2012

My above text may have been a little confusing. There is a login page that works fine ( thanks to you helping @mahngiel ) and then a SEPARATE login page that is loaded on the confirmation page that is NOT working.

It is breaking down right here (hence it's reloading the page)

if($login) {
				$user = $this->um->validate_login(array('email' => $this->input->post('email')));
				if( $user ) {

					// CHECK THE USER'S PASSWORD AGAINST THE ONE FROM THE LOGIN FORM
					if($user->password == $this->encrypt->sha1( $user->salt . $this->encrypt->sha1($this->input->post('password')))) {
						$this->session->set_userdata(array(
							'email' => $this->input->post('email')
						));
						redirect('account/dashboard');
						exit;


	            }
			}
			$data['main_content'] = 'account/confirmation';
			$this->load->view('includes/templates/main_page_template', $data);

it's not running the query correctly somehow even though it seems logical and same concept works for REGULAR login page. It's failing to match the emails it seems when I enable profiler. as it shows "'email' = '0'"

Mahngiel · September 4, 2012

why not just present them with a page showing their account validation and a link to login?

RalphLeMouf · September 4, 2012

Yeah, that's a good idea. I kinda wanted to cut out the middle man of a link and have the form ON the page. This is just as good and makes things cleaner I suppose.

thanks!

Mahngiel · September 4, 2012

Don't Repeat Yourself.

Leave the success page to do it's own work.

Sign In

Consolidating sign in system in Codeigniter

Recommended Posts

RalphLeMouf

Link to comment

Share on other sites

Mahngiel

Link to comment

Share on other sites

RalphLeMouf

Link to comment

Share on other sites

Mahngiel

Link to comment

Share on other sites

RalphLeMouf

Link to comment

Share on other sites

Mahngiel

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information