Thread: Problems with login logic and Dashboard
View Single Post
  #7 (permalink)  
Old July 16th, 2009, 06:53 PM
superfancy superfancy is offline
Registered User
  
Join Date: Jul 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default
I've run into a login session issue, really the only issue I've had with the code from the book. For example when I use the code from the book:
Code:
if ($_SESSION['userid'] < 1) {
    redirect('welcome/verify', 'refresh');
}
It spits out the same undefined index: userid error from the first post in this thread.

If I use the improved session checking code from above:

Code:
if (! isset($_SESSION['userid']) || ($_SESSION['userid'] < 1) ){
    	redirect('welcome/verify','refresh');
 }
I just get redirected back to my login page.

I also changed my verify() method in my Welcome Controller from the book which uses straight up PHP $_SESSION:
Code:
function verify(){
	if ($this->input->post('username')){
		$u = $this->input->post('username');
		$pw = $this->input->post('password');
		$this->MAdmins->verifyUser($u,$pw);
		if ($_SESSION['userid'] > 0){
			redirect('admin/dashboard','refresh');
		}
	}
	$data['main'] = 'login';
	$data['title'] = "Claudia's Kids | Admin Login";
	$data['navlist'] = $this->MCats->getCategoriesNav();
	$this->load->vars($data);
	$this->load->view('template');
To improved code I found while browsing this forum that uses CI Sessions:
Code:
function verify(){
    if ($this->input->post('username')){
        /** Request comes from users, we should xss filter this (more at http://codeigniter.com/user_guide/libraries/input.html **/
        $u  = $this->input->post('username', TRUE);
        $pw = $this->input->post('password', TRUE);
        
        /** Returning a result here would be faster than writing to session and reading the session since your function returns something anyway **/
        $this->MAdmins->verifyUser($u,$pw);

        /** Better yet use difference in both value and type than just is higher **/
        if ($this->session->userdata('userid') !== 0){
            redirect('admin/dashboard','refresh');
        }
    }
    $data['main'] = 'login';
    $data['title'] = "Claudia's Kids | Admin Login";
    $data['navlist'] = $this->MCats->getCategoriesNav();
    $this->load->vars($data);
    $this->load->view('template');  
  }
I have the session library loaded in autoload.php too. And
Code:
session_start();
initialized in my Welcome Controller.

Any ideas on how I can remedy this?

My verifyUser() method in my Admin Model also uses $_SESSION:
Code:
function verifyUser($u, $pw) {
		$this->db->select('id, username');
		$this->db->where('username', db_clean($u,16));
		//$this->db->where('username', $this->db->escape($u));
		$this->db->where('password', db_clean(dohash($pw),16));
		//$this->db->where('password', $this->db->escape($pw));
		$this->db->where('status', 'active');
		$this->db->limit(1);
		$Q = $this->db->get('admins');
		if ($Q->num_rows() > 0) {
			$row = $Q->row_array();
			$_SESSION['userid'] = $row['id'];
			$_SESSION['username'] = $row['username'];
		} else {
			$this->session->set_flashdata('error', 'Sorry, your username or password is incorrect!');
		}
	}
Any help or glaring inaccuracies in my code would be appreciated. I'm still getting my feet wet in CI. Thanks...
Reply With Quote