I have followed a tutorial in order to create a simple Login with CodeIgniter(the version I'm using is the last one), but when I insert the Username and Password I just get "Invalid Username or Password" that would be great if I missed one of the two, but both are correct. The DB was created in PHPmyAdmin(I'm using WAMP with user root and no password), the table is named users and I created two different users. If necessary I can also put the code of other files ( database.php , etc. ). SO,I don't understand What I'm wrong, this is the controller:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class VerifyLogin extends CI_Controller {
function __construct()
{
parent::__construct();
$this->load->model('user','',TRUE);
$this->load->helper('url');
}
function index()
{
//This method will have the credentials validation
$this->load->library('form_validation');
$this->form_validation->set_rules('username', 'Username', 'trim|required');
$this->form_validation->set_rules('password', 'Password', 'trim|required|callback_check_database');
if($this->form_validation->run() == FALSE)
{
//Field validation failed. User redirected to login page
$this->load->view('login_view');
}
else
{
//Go to private area
redirect('home', 'refresh');
}
}
function check_database($password)
{
//Field validation succeeded. Validate against database
$username = $this->input->post('username');
//query the database
$result = $this->user->login($username, $password);
if($result)
{
$sess_array = array();
foreach($result as $row)
{
$sess_array = array(
'id' => $row->id,
'username' => $row->username
);
$this->session->set_userdata('logged_in', $sess_array);
}
return TRUE;
}
else
{
$this->form_validation->set_message('check_database', 'Invalid username or password');
return false;
}
}
}
?>
This is User.php
<?php
Class User extends CI_Model
{
function login($username, $password)
{
$this -> db -> select('id, username, password');
$this -> db -> from('users');
$this -> db -> where('username', $username);
$this -> db -> where('password', MD5($password));
$this -> db -> limit(1);
$query = $this -> db -> get();
if($query -> num_rows() == 1)
{
return $query->result();
}
else
{
return false;
}
}
}
?>
As per your comments:
Yes,It returns this: Array ( [0] => stdClass Object ( [id] => 1 [username] => fabio [password] => fabio ) ) . Sorry, before I deleted that print , I did not understand what you wanted to do. – user5913892 9 mins ago
You do not have password in MD5() in your database. for this you need to use this:
$this -> db -> select('id, username, password');
$this -> db -> from('users');
$this -> db -> where('username', $username);
$this -> db -> where('password', $password);
$this -> db -> limit(1);
It is good practice to use encryption for your confidential data like password, i suggest you to INSERT password as MD5() than you can use MD5() in login.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments