I am having a issue with my login page reading a function to login
on my register page which I'm proud to say works perfect
this is my password hash code
$password = password_hash($password, PASSWORD_BCRYPT);
my login page has 2 fields
email &
password
I have re cleaned my code and solved the issue some what
functions are working
when I enter email and password it triggers
Warning! Email or Password Incorrect
plus an error at the top
Notice: Undefined index: password in C:\Program Files (x86)\Zend\Apache2\htdocs\CMS\functions\functions.php on line 249
this is line 249
$db_password = $row['password'];
/* Validate Login */
function validate_login()
{
$errors = [];
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$email = clean($_POST['email']);
$password = clean($_POST['password']);
if (empty($email)) {
$errors[] = "Email Required";
}
if (empty($password)) {
$errors[] = "Password Required";
}
if (! empty($errors)) {
foreach ($errors as $error) {
echo validation_errors($error);
}
} else {
if (login_user($email, $password)) {
redirect("../account/profile.php");
} else {
echo validation_errors("Email or Password Incorrect");
}
}
}
} // End Function
/* User Login */
function login_user($email, $password)
{
$sql = "SELECT user_pwd, uid FROM userss WHERE user_email = '" . escape($email) . "'";
$result = query($sql);
if (row_count($result) == 1) {
$row = fetch_array($result);
$db_password = $row['password'];
if (hash_algos($password) == $db_password) {
return true;
} else {
return false;
}
}
}// End Function
It looks like you are missing a closing bracket for your validate_login() function so it is defining the login_user() function only after the first function is called. Therefore as you progress through your validate_login() function you call the login_user() function before it is created since it is created after the if statement completes.
OK I just figured out the issue
if (hash_algos($password) == $db_password) {
return true;
} else {
return false;
}
changed it to this
if(password_verify($password, $db_password)){
return true;
} else {
return false;
}
Related
When I insert data with encrypted password by my registration controller, this data was inserted. But when I login it says incorrect password.
My registration controller code is:
$encrypted_password = $this->encryption->encrypt($this->input- >post('user_password'));
Login Model code is:
<?php
class Login_model extends CI_Model{
function can_login($email, $password)
{
$this->db->where('User_email' , $email);
$query = $this->db->get('tbl_user');
if($query->num_rows() > 0){
foreach($query->result() as $row){
if($row->is_email_verified == 'yes'){
$store_password = $this->encryption->decrypt($row->User_password);
if($password == $store_password)
{
$this->session->set_userdata('id', $row->id);
}
else
{
return 'Worng Password';
}
}
else
{
return 'First verified your email address';
}
}
}
else
{
return 'Wrong Email Address';
}
}
}
I hope this one help you....
<?php
class Login_model extends CI_Model{
function can_login($email, $password)
{
$this->db->where('User_email' , $email);
$query = $this->db->get('tbl_user');
if($query->num_rows() > 0){
foreach($query->result() as $row){
if($row->is_email_verified == 'yes'){
$store_password = $row->User_password;
$current_password = $this->encryption->encrypt($password);
if($current_password == $store_password)
{
$this->session->set_userdata('id', $row->id);
}
else
{
return 'Worng Password';
}
}
else
{
return 'First verified your email address';
}
}
}
else
{
return 'Wrong Email Address';
}
}
}
I have checked email unique in codeigniter. In else past I diplayed error. But the system error is not convenient. how to customise error...
i have tried giveng javascript alert instead of that error message... but after that alert the data are storing in database.. Actually the data should not store in database if the email is not unique..
public function add_applicants() {
// $field_name=$this->input->post('photo');
$data = $this->input->post();
$mobile = $this->db->get_where('applicants',array('mobile_number'=>$this->input->post('mobile_number')));
if($mobile->num_rows()>0)
{
throw new Exception("Mobile Number Already Registered");
}
$email = $this->db->get_where('applicants',array('email_id'=>$this->input->post('email_id')));
if($email->num_rows()>0)
{
throw new Exception("Email_id Already Registered");
}
$school_id= $this->input->post('school_code');
$name_of_exam= $this->input->post('name_of_exam');
$name= $this->input->post('name_candiadte');
switch($name_of_exam){
case '1':
$exam='NMMS';
break;
case '2':
$exam='NTS';
break;
}
$school_code = $this->Welcome_Model->getschoolData($school_id);
if (isset($_FILES['photo']) == 1) {
$config['upload_path'] = FCPATH . 'uploads/'. $school_code->name_of_the_school.'/'. $exam ;
$this->upload_path = $config['upload_path'];
if ($this->validate_upload_path() == TRUE) {
$config['upload_path'] = $this->upload_path;
// print_r($this->upload_path) ;
// die();
}
$config['allowed_types'] = 'jpg';
$config['max_size'] = 2000;
$config['remove_spaces'] = TRUE;
$config['overwrite'] = true;
$config['file_name'] = $name.'-'.date('Ymdhis') . '.jpg';
$file_name = $config['file_name'];
$this->load->library('upload', $config);
$this->upload->initialize($config);
if (!$this->upload->do_upload('photo')) {
$this->upload->display_errors();
}
}
$data['photo'] = $file_name;
$insetapplicants = $this->Welcome_Model->insertApplicants($data);
if ($insetapplicants == 'Success') {
echo "<script>
alert('New Applicants Added Successfully');
// window.location.href='dashboard';
</script>";
}
}
I try login facebook it's error NotFoundHttpException in RouteCollection.php (line 179)
I using Laravel 5.6
public function facebookAuthRedirect()
{
return Socialite::with('facebook')->redirect();
}
if facebook login success it's Redirect to facebook
public function facebookSuccess()
{
$provider = Socialite::with('facebook');
if (Input::has('code')){
$user = $provider->stateless()->user();
//dd($user); // print value debug.
$email = $user->email;
$name = $user->name;
$password = substr($user->token,0,10);
$facebook_id = $user->id;
//เช็คว่า email เป็น null หรือไม่
if($email == null){ // case permission is not email public.
$user = $this->checkExistUserByFacebookId($facebook_id);
if($user == null){
$email = $facebook_id;
}
}
else
{
$user = $this->checkExistUserByEmail($email);
if($user != null){
if($user->facebook_id == ""){ // update account when not have facebook id.
$user->facebook_id = $facebook_id;
$user->save();
}
}
}
if($user!=null){ // Auth exist account.
Auth::login($user);
return redirect('index/');
}
else{ // new Account.
$user = $this->registerUser($email,$name,$password,$facebook_id);
Auth::login($user);
return redirect('index/');
}
}
return redirect('/');
}
Check Email and facebook
private function checkExistUserByEmail($email)
{
$user = \App\User::where('email','=',$email)->first();
return $user;
}
private function checkExistUserByFacebookId($facebook_id)
{
$user = \App\User::where('facebook_id','=',$facebook_id)->first();
return $user;
}
Member Register
private function registerUser($email,$name,$password,$facebook_id)
{
$user = new \App\User;
$user->email = $email;
$user->name = $name;
$user->password = Hash::make($password); // Hash::make
$user->balance = 0;
$user->level = "member";
$user->facebook_id = $facebook_id;
$user->save();
return $user;
}
M Route file web.php
Route::get('login/facebook', 'Auth\LoginController#facebookAuthRedirect');
Route::get('login/facebook/callback', 'Auth\LoginController#facebookSuccess');
Clear route cache:
php artisan route:cache
and then check results
I am able to login/logout on my web app using facebook. But the problem is when the user needs to update his profile on my application, he can't. It would say that he is restricted to view his own page. The only way for this to happen is that user identity is probably not set. But I am not sure how to correct this. When I tried Yii::app()->user->user_id the Id is actually correct id, which is the pk in user model. So how is it that he cannot get to update his own page?
in my facebookUserIdentity:
public function authenticate()
{
if($this->getIsAccessTokenValid() && $this->setFBUser())
{
$this->_user = $this->getUserFromDatabase();
if($this->_user === false)
return false;
$this->setState('isUser', false);
$this->setState('isAdmin', false);
$this->setState('isShop', false);
$this->setState('isSuper', false);
$this->setState('user',$this->_user);
$this->_id = $this->_FBUser['id'];
//I've tried doing something like $this->_id = Yii::app()->user->user_id; or like $this->_user->user_id; ?
$this->_name = $this->_FBUser['name'];
return true;
}
else {
return false;
}
}
getting user from db:
protected function getUserFromDatabase()
{
$FBUser = $this->_FBUser;
if($FBUser)
{
$user = User::model()->findByAttributes (array('oauth_uid'=>$FBUser['id']));
if(!$user)
{
$user = new User;
$user->oauth_uid = $FBUser['id'];
$user->username = $FBUser['id'];
$user->first_name = $FBUser['first_name'];
//other info etc
$user->image = "https://graph.facebook.com/" . $FBUser['id'] . "/picture?type=large";
}
else
{
if ($user->oauth_permission == 'n')
{
$this->errorMessage = self::ERROR_LOGIN_DISABLE;
return false;
}
$user->last_login_date = date('Y-m-d H:i:s');
}
if($user->save())
{
return $user;
}
else
$this->errorMessage = CJSON::encode ( $user->getErrors());
return false;
}
else {
$this->errorMessage = "Failed getting facebook user data";
return false;
}
}
and lastly, the controller page rules:
public function accessRules()
{
$params=array();
$id=Yii::app()->request->getParam('id');
$params['model']=$this->loadModel($id);
return array(
//stuff
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update','RemoveImage'),
'roles'=>array('admin','super','owner'=>$params),
),
//stuff
Although the following code snippet does successfully add additional guests to a google calendar event, it is not sending them email notifications of the event. Can someone tell me if it's possible to also send an email to the new guests?
$service = Zend_Gdata_Calendar::AUTH_SERVICE_NAME; // predefined service name for calendar
$client = Zend_Gdata_ClientLogin::getHttpClient($user, $pass, $service);
function sendInvite($eventId, $email)
{
$gdataCal = new Zend_Gdata_Calendar($client);
if($eventOld = $this->getEvent($eventId))
{
$who = $gdataCal->newwho();
$who->setEmail($email);
$eventOld->setWho(array_merge(array($who), $eventOld->getWho()));
try
{
$eventOld->save();
} catch(Zend_Gdata_App_Exception $e)
{
return false;
}
return true;
} else
return false;
}
function getEvent($eventId)
{
$gdataCal = new Zend_Gdata_Calendar($client);
$query = $gdataCal->newEventQuery();
$query->setUser('default');
$query->setVisibility('private');
$query->setProjection('full');
$query->setEvent($eventId);
try
{
$eventEntry = $gdataCal->getCalendarEventEntry($query);
return $eventEntry;
} catch(Zend_Gdata_App_Exception $e)
{
return null;
}
}
Finally figured it out.
public function sendInvite($eventId, $email)
{
$gdataCal = new Zend_Gdata_Calendar($this->client);
if($eventOld = $this->getEvent($eventId))
{
$SendEventNotifications = new Zend_Gdata_Calendar_Extension_SendEventNotifications();
$SendEventNotifications->setValue(true);
$eventOld->SendEventNotifications = $SendEventNotifications;
$who = $gdataCal->newwho();
$who->setEmail($email);
$eventOld->setWho(array_merge(array($who), $eventOld->getWho()));
try
{
$eventOld->save();
} catch(Zend_Gdata_App_Exception $e)
{
return false;
}
return true;
} else
return false;
}