So I have this login method:
public function login(){
$this->form_validation->set_rules('username','Username','trim|required|min_length[4]|xss_clean');
$this->form_validation->set_rules('password','Username','trim|required|min_length[4]|xss_clean');
if($this->form_validation->run()== FALSE) {
//Loading View
$this->load->view('admin/layouts/login');
$username = $this->input->post('username');
$password = $this->input->post('password');
//Validate Username & Password
$user_id = $this->Authenticate_model->login($username, $password);
if($user_id){
$user_data = array(
'user_id' => $user_id,
'username' => $username,
'logged_in' => true
);
//Set session userdata
$this->session->set_userdata($user_data);
} else {
//Set message
$this->session->set_flashdata('pass_login', 'You are now logged in');
redirect('admin/dashboard');
}
}
}
And then i use this simple method to logout:
public function logout(){
//Unset User Data
$this->session->unset_userdata('user_id');
$this->session->unset_userdata('username');
$this->session->unset_userdata('logged_in');
$this->session->sess_destroy();
redirect('admin/authenticate/login');
}
So basically I'm unsetting all my sessions userdata and then redirecting back to login controller. And what happens is, when i redirect back to login page, I automatically login again, like if my session data was still valid and present. Why it's happening?
You could try
unset($this->session->userdata('user_id'));
unset($this->session->userdata('logged_in'));
unset($this->session->userdata('username'));
Or Just Have
$this->session->sess_destroy();
Make sure your session library auto loaded and have configured your settings depending on version of codeigniter
maybe you place "redirect if session == true" code at __construct, there is my problem :v
Related
I have this function :
public function index(Request $request){
$email = $request->email;
$password = $request->password;
if (!$email || !$password) {return redirect()->back();}
if (Auth::attempt(['email' => $email, 'password' => $password])) {
// Authentication passed...
$this->loggedUser = Auth::user();
if($this->loggedUser){
return redirect('http://localhost:3000/home');
}
}
return redirect()->back()->withInput()->withErrorMessage('Uneseni podaci nisu ispravni.');
}
What i want is to redirect user if he is logged in, but nothing happend. When i open i browser preview it just say
Redirecting to http://localhost:3000/home
But it not redirect me. Any suggestion?
When i enter manually it appears
Change redirect address to this:
return redirect('home');
If you want to redirect to an absolute URL you can try this:
return redirect(url('http://localhost:8000/home'));
Or you can try this for relative URL:
return redirect('/home'));
First one is bad because If your domain (http://localhost:8000) is
changed then all of your links are needed to be changed. So Second
approach is better.
I am creating a login check function. But my two flash data messages are not setting correct.
If user has logged on and then if the session expires it should set this
flash data message Your session token has expired!
And if the user has not logged on and tries to access a controller with out logging on
then it should set this flashdata message You need to login to
access this site!
For some reason it is always showing the second flashdata message.
Question: How am I able to use the two flashdata messages properly.
Controller: Login.php
Function: check
public function check() {
$uri_route = basename($this->router->directory) .'/'. $this->router->fetch_class();
$route = isset($uri_route) ? $uri_route : '';
$ignore = array(
'common/login',
'common/forgotten',
'common/reset'
);
if (!in_array($route, $ignore)) {
// $this->user->is_logged() returns the user id
if ($this->user->is_logged()) {
// $this->session->userdata('is_logged') returns true or false
if (!$this->session->userdata('is_logged')) {
// Redirects if the user is logged on and session has expired!
$this->session->set_flashdata('warning', 'Your session token has expired!');
redirect('admin/common/login');
}
} else {
$this->session->set_flashdata('warning', 'You need to login to access this site!');
redirect('admin/common/login');
}
}
I run function via codeigniter hook that way I do not have to add it on every controller.
$hook['pre_controller'] = array(
'class' => 'Login',
'function' => 'check',
'filename' => 'Login.php',
'filepath' => 'modules/admin/controllers/common'
);
What are you trying to check via the uri() is actually a very bad way of checking, also you should include login checks as a construct function not single.. here is what your function should look like:
function __construct()
{
parent::__construct();
if (!$this->session->userdata('logged_in')) {
// Allow some methods?
$allowed = array(
'some_method_in_this_controller',
'other_method_in_this_controller',
);
if (!in_array($this->router->fetch_method(), $allowed)
{
redirect('login');
}
}
}
I am using laravel 4.2 and in my live site session did't store values. This way Auth::attemp(); working fine but Auth::check(); return always false. I already try to change domain name in session file. Thanks in advance
routes.php
Route::controller('/admin', 'adminIndex');
adminIndex.php
function getShow()
{
if (Auth::check())
{
return View::make('dashboard');
}
else
{
return Redirect::to('admin');
}
}
function postIndex()
{
$username = Input::get('username');
$password = Input::get('password');
if (Auth::attempt(array('username' => $username, 'password' => $password), true))
{
return Redirect::to("admin/show/");
}
else
{
return Redirect::to('admin')->with('message', 'Invalid User Name / Password.');
}
}
Auth function not working properly. it's approve your credential and destroy session. Update your laravel library and try.
I have a login form that I'm doing 2 part validations: The client-side and the server side.
Client-side: check if valid email, check if password is minimal 6 characters, etc. If something goes wrong on the client-side I can show the user the error messages on the same page with the login form, because it page never got reloaded because it will not send a post to the server if the client-side validation isn't true.
But when it is true, then I'm doing a server side validation -> check if email and password matches to effectively log in into the website. But if the login credentials aren't matching, I need to show a error message. This is the part where I'm stuck. Where and how do I get a message on the same page (login form) because page gets posted and refreshed so I'm losing data. Now when credentials aren't correct I'm redirecting the user back to the login page, but without any messages. But I'm trying to achieve that he'll see the message 'credentials aren't correct'. Can someone help me with this?
Login View
<?php
$loginEmail = array('placeholder' => "Email", 'name' => "loginEmail");
$loginPassword = array('placeholder' => "Wachtwoord", 'name' => "loginPassword");
$loginSubmit = array('name' => "loginSubmit", 'class' => "btn", 'value' => "Inloggen");
echo form_open('login/inloggen', array('class' => 'grid-100 formc'));
echo form_input($loginEmail, set_value('loginEmail'));
echo form_password($loginPassword);
echo form_submit($loginSubmit);
echo form_close();
?>
Login Controller
function index(){
$logged_in = $this->logged_in->is_logged_in();
if($logged_in){
$this->load->view('profile_view');
}
else{
$data['content'] = 'login_view';
$this->load->view('templates/template', $data);
}
}
function inloggen(){
if($this->input->post('loginSubmit')){
if($this->form_validation->run('login_validation_rules') == FALSE){
$this->index();
}
else{
$this->load->model('login_model');
$query = $this->login_model->validate();
if($query){
$data = array(
'username' => $this->input->post('loginEmail'),
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('profile');
}
else{
$this->index();// If credentials aren't correct, redirect them to login page. But how I set a message here?
}
}
}
}
Login Model
function validate(){
$this->db->where('email', $this->input->post('loginEmail'));
$this->db->where('password', md5($this->input->post('loginPassword')));
$query = $this->db->get('tbl_users');
if($query->num_rows == 1){
return true;
}
else{
return false;
}
}
I will prefer do to in one controller, and it will be more clear. I make one simple example, just to tell you the way how I think is good.
function login(){
$data['error_message'] = "";
$data['username'] = $this->input->post('username');
$data['password'] = $this->input->post('password');
if($this->input->post('loginSubmit')){
// Make rules of validation that need to be required
if($this->form_validation->run('login_validation_rules')){ // If true it goes IN
$this->load->model('login_model');
$query = $this->login_model->validate();
if($query){
$data = array(
'username' => $this->input->post('loginEmail'),
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('profile'); // Go IN profile
} else {
$data['error_message'] = "Something went wrong"; // This error you write on View
}
}
}
$this->load->view('login_view', $data) //Load view of login
}
I didn't test, and it will need to adapt in your data, but I just want to explain the way. It you have any problem, write an comment, and we will find the solution together.
I have solved this problem like so: Basically when the model sends a false. I make var with a message in it and then in my index I check if that var is there or not.
The only thing I want to know is, is it okay to set a message in my controller or should I have done that somewhere elsewhere??
function index(){
$logged_in = $this->logged_in->is_logged_in();
if($logged_in){
$this->load->view('profile_view');
}
else{
//Check here if my redirection submitted also a message
if(isset($this->ongeldig)){
$data['ongeldig'] = $this->ongeldig;
}
else{
$data['ongeldig'] = '';
}
$data['content'] = 'login_view';
$this->load->view('templates/template', $data);
}
}
function inloggen(){
if($this->input->post('loginSubmit')){
if($this->form_validation->run('login_validation_rules')){
$this->load->model('login_model');
$query = $this->login_model->validate();
if($query){
$data = array(
'username' => $this->input->post('loginEmail'),
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('profile');
}
else{// set a error message, when the models function returns false.
$this->ongeldig = "Ongeldig wachtwoord/gebruikersnaam";
$this->index();
}
}
else{
$this->index();
}
}
}
I am writing a custom registration / authorization module for joomla and I'm wondering how with default joomla methods I could change user password? At the moment I have:
private function UpdateUser(){
$user = JFactory::getUser($this->user_data['username']);
$user->set('password', $this->user_data['password']);
$user->set('password2', $this->user_data['password']);
// $user->bind();
$user->save();
}
but the password is not updated.
P.S.
$this->user_data includes other staff about user, but i need update only password.
Solved.
private function UpdateUser($username, $password){
$user = JFactory::getUser($this->GetIdByUserName($username));
$password = array('password' => $password, 'password2' => $password);
if(!$user->bind($password)){
die('Could not bind data. Error: '.$user->getError());
}
if(!$user->save()){
die('Could not save user. Error: '.$user->getError());
}
}
private function GetIdByUserName($username){
$query = $this->db->getQuery(true);
$query->select('id');
$query->from('#__users');
$query->where('username=' . $this->db->Quote($username));
$this->db->setQuery($query);
if(isset($this->db->loadObject()->id) && !empty($this->db->loadObject()->id))
return $this->db->loadObject()->id;
else
die('No id');
}