If a user does not exist its supposed to throw back an error on the login screen but the user is then brought to the home page as if they have previously registered in my sign controller. The login controller – validate credentials function – and my model – function can_log_in() – will illustrate the error its supposed to bounce back
model:
class Membership extends CI_Model
{
function Membership()
{
parent::__construct();
}
public function can_log_in()
{
$this->db->select('*')->from('membership');
$this->db->where('username', $this->input->post ('username'));
$this->db->where('password', md5($this->input->post ('password')));
$query = $this->db->get('membership');
if ($query->num_rows() == 1)
{
return true;
}
else{
return false;
}
}
login controller:
class Login extends CI_Controller
{
function Login()
{
parent::__construct();
$this->load->model('membership');
}
function loguserin()
{
$this->load->helper(array('form', 'url'));
$this->load->library('form_validation');
$this->form_validation->set_rules('username', 'Username', 'required|min_length[5]|max_length[12]|trim');
$this->form_validation->set_rules('password', 'Password', 'required|md5|trim');
$username = $this->input->post('username');
$password = $this->input->post('password');
if ($this->form_validation->run()==TRUE)
{
$this->load->model('membership');
if($this->membership->can_log_in($this->input->post('username'),$this->input->post('password'))
{ // this is unepected despite a new if statement called
$this->session->set_userdata('status', 'OK');
$this->session->set_userdata('username', $username);
redirect('home');
} else //this else is unexpected
{
$this->session->set_userdata('status', 'NOT_OK');
$this->session->set_flashdata('Incorrect username/password');
$this->index();
}
} else {
$this->index;
}
}
function logout()
{
$this->session->sess_destroy();
redirect ('start');
}
function index()
{
$this->load->view('shared/header');
$this->load->view('account/logintitle');
$this->load->view('account/loginview');
$this->load->view('shared/footer');
}
}
Once again thanks 🙂 its just that the user if not already in the table should not be able to sign into the home page
Your logic is all over the place and you’re misunderstanding the concept of form validation. Form validation validates form input that’s it, it does not validate credentials. The validate_credentials function you have is sort of pointless to be honest since you can’t call the form validation error from outside the run function. So you may as well just make that go away entirely.
First, the initial call after form_validation should be like this:
Okay that takes care of sending the data to the login function, now the function actually needs to receive data, and since it is NOT the first page sent the data the post string will be empty, that is why I passed the data in the function above. The only part of the model that should need to change is the following: