Codeigniter login system issue loging

2019-09-14 18:30发布

站内文章 / PHP
103 0 0

问题:

I got a table "usuarios" which contains the following information:

(id, username, name, lastname, password, type, status, date), right?

Take a look:

My personal goal is to make a login system which allows me to clasify those WHO are ADMIN from those who are just simple users... I mean, if a row of the table contains type = 0 it is an ADMIN and if type = 1 it is a simple user. So,in the login system if i write for example ADMIN 1234 and this data corresponds to an ADMIN user from the table "users"; when i press "login" it must open an exclusive page only for ADMINs.. The same but for those who are "simple" users.

The system must validate if i write wrongs usernames/passwords and if the username corresponds to an active member (status = 1 active, status = 0 not active). No empty fields while login

No matter what i write in "username" and "password" in the login system.. when i click on "login" i always get this message and nothing happens:

And these are the users registered in my database:

Here is my code: Controller files (2 files: "dashboard" and "login") Dashboard:

    <?php

        Class dashboard extends CI_Controller{

         public function __construct(){
             parent::__construct();
             $this->load->model('m_login');
         $this->auth->cek_auth();

        }

        public function index(){
            $ambil_akun = $this->m_login->ambil_user($this->session->userdata('usuario'));
            $data = array(

              'user' =>$ambil_akun,

              );

            $stat = $this->session->userdata('lvl');
            if($stat=='s_admin'){
              $this->load->view('dashboard_admin', $data);

            }else{

              $this->load->view('dashboard_user', $data);

            }

        }

  public function login(){

    $session = $this->session->userdata('isLogin');
    if($session == FALSE)
    {

      $this->load->view('login_form');

    }else
    {

      redirect('dashboard');

    }

  }

  public function logout(){

    $this->session->sess_destroy();
    redirect('login', 'refresh');

  }

}

?>

Login:

    <?php

        Class Login extends CI_Controller{

        public function __construct(){
             parent::__construct();
             $this->load->model("m_login");

        }


        public function index(){
            $session = $this->session->userdata('isLogin');
            if($session == FALSE)
            {

                $this->load->view('login_form');

            }else
            {

                redirect('dashboard');

            }

        }

        public function do_login()
        {

            $usuario=$this->input->post('uname');
            $contrasena=$this->input->post('pass');

            $cek=$this->m_login->cek_user($contrasena, md5($contrasena));
            if(count($cek) == 1){

                foreach ($cek as $cek) {

                    $tipo=$cek['tipo'];
                    $estado=$cek['estado'];
                    $nombre=$cek['nombre'];


                }


                if($estado =='0'){

                    $this->session->set_userdata(array(

                        'isLogin'=>TRUE,
                        'uname'=>$usuario,
                        'lvl'=>$tipo,
                        'estado'=>$estado

                    ));
                    redirect('dashboard', 'refresh');

                }
                else{

                    echo "<script>alert('YOUR ACCOUNT IS NOT ACTIVE')</script>";
                    redirect('login','refresh');

                }

                }else{

                    echo "<script>alert('USERNAME OR PASSWORD INVALID!')</script>";
                    redirect('login','refresh');

                }



}

}

?>

The model file (m_login):

    <?php

    class m_login extends CI_Model{

        public function __construct(){

         parent::__construct();
         $this->tbl="usuarios";

        }

    public function cek_user($usuario="", $contrasena="")
    {


        $query=$this->db->get_where($this->tbl, array('usuario'=>$usuario, 'contrasena'=>$contrasena));
        $query=$query->result_array();
        return $query;
    }


    public function ambil_user($nombre)
    {

        $query=$this->db->get_where($this->tbl, array('nombre'=> $nombre));
        $query=$query->result_array();
        if(query){

            return $query[0];

        }

    }


}

?>

And my view files: login_form:

    <!DOCTYPE html>
<html lang="">

    <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge"> 
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="https://netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css">
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>


    </head>

        <body>
            <div class="container">
            <h3>Login</h3>
            <hr>
            <form action="<?php echo base_url('login/do_login')?>" method="POST">
                <div class="form-group">
                    <label for="cari">USERNAME</label>
                    <input type="text" name="usuario" id="usuario" class="form-control"><?php echo form_error('usuario');?>

                </div>

                <div class="form-group">
                    <label for="cari">PASSWORD</label>
                    <input type="password" name="contrasena" id="contrasena" class="form-control"><?php echo form_error('contrasena');?>

                </div>

                <input class="btn btn-primary" type="submit" value="Login">
                <input class="btn btn-primary" type="reset" value="Reset">

            </form>
                </div>



        </body>
</html>

dashboard_admin:

Hi!<b><?php echo $user['nombre'];?></b>YOU ARE AN ADMINISTRATOR! > [<a href= '<?php echo base_url('dashboard/logout');?>'>LOGOUT</a>]

dashboard_user:

Hi!<b><?php echo $user['nombre'];?></b>YOU ARE A SIMPLE USER! > [<a href= '<?php echo base_url('dashboard/logout');?>'>LOGOUT</a>]

Dont know what to do now :/

回答1:

You must to return an object instead object array in your model, then you don't have encrypted password on your database.

You may use tank_auth: https://konyukhov.com/soft/tank_auth/



回答2:

in this code, you encrypt password. But on db, its not encrypted with md5 ? Maybe sending without md5 will solve your problem for now. But i think also encrypt with md5 good selection.

$cek=$this->m_login->cek_user($contrasena, $contrasena); // change like this.


标签: php mysql codeigniter login
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~