Home/ Questions/Q 9140461
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T09:31:10+00:00

I’m trying to add and if/else to a login action in CakePHP. The login

  • 0

I’m trying to add and if/else to a login action in CakePHP. The login action has a number of lines and when I add my if/else after the LoginValidate, the brackets for the login action now don’t close properly.

The session does get written but, but when using the bracket highlighter in sublime text2, the top most bracket doesn’t get highlighted. Here’s the code. What I’m trying to do is write a session variable for KCFinder to ‘true’ if the user is not in the UserGroup ‘Admin’ and false if the user is in the UserGroup ‘Admin’.

public function login() {
    print_r($this -> Session -> read());
    if ($this->request -> isPost()) {
        $this->User->set($this->data);                                  
        if($this->User->LoginValidate()) {
            $email  = $this->data['User']['email'];
            $password = $this->data['User']['password'];
            $user = $this->User->findByUsername($email);
            $UserGroup = $this->User->UserGroup;

            if (empty($user)) {
                $user = $this->User->findByEmail($email);
                if (empty($user)) {
                    $this->Session->setFlash(__('Incorrect Email/Username or Password'));
                    return;
                }
            }
                //write session value for kcfinder
            if ($user['UserGroup']['name']='Admin') {
                $this -> Session -> write("kcfinder", "false");
                $_SESSION['KCFINDER']['disabled']=false; //config from ckfinder
            } else {
                $this -> Session -> write("kcfinder", "true");
                return;
            }   

            // check for inactive account
            if ($user['User']['id'] != 1 and $user['User']['active']==0) {
                $this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
                return;
            }
            // check for verified account
            if ($user['User']['id'] != 1 and $user['User']['email_verified']==0) {
                $this->Session->setFlash(__('Your registration has not been confirmed please verify your email or contact to Administrator'));
                return;
            }
            if(empty($user['User']['salt'])) {
                $hashed = md5($password);
            } else {
                $hashed = $this->UserAuth->makePassword($password, $user['User']['salt']);
            }

            if ($user['User']['password'] === $hashed) {
                if(empty($user['User']['salt'])) {
                    $salt=$this->UserAuth->makeSalt();
                    $user['User']['salt']=$salt;
                    $user['User']['password']=$this->UserAuth->makePassword($password, $salt);
                    $this->User->save($user,false);
                }
                $this->UserAuth->login($user);
                $remember = (!empty($this->data['User']['remember']));
                if ($remember) {
                    $this->UserAuth->persist('2 weeks');
                }
                $OriginAfterLogin=$this->Session->read('Usermgmt.OriginAfterLogin');
                $this->Session->delete('Usermgmt.OriginAfterLogin');
                $redirect = (!empty($OriginAfterLogin)) ? $OriginAfterLogin : LOGIN_REDIRECT_URL;
                $this->redirect($redirect);
            } else {
                $this->Session->setFlash(__('Incorrect Email/Username or Password'));
                return;
            }

        }

    }
}

additional points:

1) this code comes from a user management plugin from: http://usermgmt.ektasoftwares.com

2) the section that I added is:

                //write session value for kcfinder
        if ($user['UserGroup']['name']='Admin') {
            $this -> Session -> write("kcfinder", "false");
            $_SESSION['KCFINDER']['disabled']=false; //config from ckfinder
        } else {
            $this -> Session -> write("kcfinder", "true");
            return;
        }

The result of adding my session section is that the two top most brackets don’t properly highlight (again using the highlight plugin in sublime text2)

Thanks for the comments and input.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Check your comparison

    This is an assignment – not a comparison:

    if ($user['UserGroup']['name']='Admin') {

    I.e. after this the value of $user['UserGroup']['name'] is set to true, and the code will always enter this if block. This is probably the intention:

    if ($user['UserGroup']['name'] === 'Admin') {

    Errors like this are a lot easier to spot with consistent whitespace (the code in the question is quite varied). You can also avoid them using this style:

    if ('Admin' === $user['UserGroup']['name']) {

    Which “works” because if you make the same mistake you get a parse error rather than an assignment:

    if ('Admin' = $user['UserGroup']['name']) {

    Some bonus comments

    That’s a lot of code

    This login function is pretty big (and it references more code, that isn’t shown). It could be a lot simpler. For example from the book (be sure to compare to the book for the version of cake you’re using):

    public function login() {
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash(__('Invalid username or password, try again'));
        }
    }
}

    There are some additional bits of logic in the code in the question – but there are also chunks of code duplicating what the Auth login function does.

    Use CakePHP

    if you’re using CakePHP – use CakePHP. This line:

    $_SESSION['KCFINDER']['disabled']=false; //config from ckfinder

    Is equivalent to:

    $this->Session->write('KCFINDER.disabled', false);

    Being consistent, again, makes code easier to read and ultimately easier to maintain.

    • 0