0

I have the below code to authenticate user to the application. I have been able to register a user on the system but my authentication code cannot redirect user in to the application after trying to login with the right details. The page only redirects the user back to the login page even though i am using the right user details.

Controller

var $salt = '%&)#$sfsf(abm@009011';

 function authenticate() {

    $username = $this->input->post('username');

    $this->db->where('phone', $username);
    $password =  $this->db->where('password', md5(crypt($this->input->post('password'), $this->salt)));
    $query = $this->db->get('user_login');        
    if ($query->num_rows = 1) {
        //echo "success";
         return true;
    } else
        return false;
    }

What else could i be doing wrong in code ? PS: Beginner with CodeIgniter

Improve this question
1
  • Very hard to tell what's wrong (besides using assignment operators instead of comparison operators) without seeing some more code. You are just returning a true/false value, but we have no clue what you're doing with it afterwards. Are you spawning a session with the logged in user data? are your controllers checking that data to "decide" if they let you access their methods? Also, I'd strongly suggest changing the very insecure way you chose to hash passwords (use password_hash instead of the crypt+md5+static salt which is actually as insecure as it gets) Commented May 3, 2019 at 13:19

2 Answers 2

Reset to default
2

you are assigning not comparing, you should use == instead of =

if ($query->num_rows == 1) {
}
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Okay..Thanks but i am still not able to get redirected into the application. It redirects me back to the login page
print query and check all the thing are gone right as per you expect.
when i print query, i don't get any results returned but i get 1 when i echo $query->num_rows before the if() statement
0

Don't use var and use == to compare values in the if() statement

$salt = '%&)#$sfsf(abm@009011';

 function authenticate() {

    $username = $this->input->post('username');

    $this->db->where('phone', $username);
    $password =  $this->db->where('password', md5(crypt($this->input->post('password'), $this->salt)));
    $query = $this->db->get('user_login');        
    if ($query->num_rows() == 1) {
        //echo "success";
         return true;
    } else
        return false;
    }
Improve this answer

7 Comments

Okay..Thanks but i am still not able to get redirected into the application. It redirects me back to the login page
what is the result of this echo $query->num_rows before if() statement?
The results is 1
@RoboPHP it should be $query->num_rows() not $query->num_rows
Okay, if your directly posting your data, I mean you are not calling the function from ajax then you can use: redirect('Your controller name') instead of return true statement;
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.