Hi Everyone,
I would like to learn How to use DB for authentication?
I followed steps from the following link:
But I am not able to succeed with these changes.
Could anyone please help me to achieve this?
Thank you in advance.
Regards,
Srini
Hi Everyone,
I would like to learn How to use DB for authentication?
I followed steps from the following link:
But I am not able to succeed with these changes.
Could anyone please help me to achieve this?
Thank you in advance.
Regards,
Srini
Hi tarakarama,
After reading the good tutorial you found on the web, what are the steps that you cannot understand / failed? IMHO the tutorial is very well written and explains step by step the procedures to achieve it.
I do not know if you could get a better help than that tutorial…
Hi,
Followed the same steps. And tried to access the page using this link: http://localhost/nano/index.php/user
I am getting the following error.
Parse error: syntax error, unexpected T_STRING, expecting T_FUNCTION in C:\wamp\www\nano\protected\models\User.php on line 56
And line 56 in User.php is DEFINE(‘SALT_LENGTH’, 10);
Please help me with this.
Thank you,
taraka
I guess you are doing something like
class User extends Model{
//method 1
function method1(){
//content
}
DEFINE('SALT_LENGTH', 10);
//method 2
function method2(){
//content
}
}
you should define it or inside a method or outside the class
Hi Gustavo,
Thank you for your response.
I moved the define to outside class. Now I can see the login page. But when I am not able to login. Its throwing error saying incorrect password. I am using the data from DB only.
Please help me with this.
Thank you
If you are using from the blog demo the password is stored encripted(sha1) and it wont work if you use the same as stored in db
you should use the one that was used to create the sha1 hased password
Please make sure you create a user before you actually trying to enter to the system and make sure you have the encrypted password within.
[font="Georgia"]
I followed same steps and got error
PHP notice
Undefined index: email
/var/www/actan/protected/controllers/UserController.php(103)
…
103 $model->password = $model->hashPassword($_POST[‘User’][‘password’], $_POST[‘User’][‘email’]);
…
Please help the growing generation.
Thanks.
[/font]
Undefined index: email > check your form, you don’t appear to have a field named “email”.
In my code i have created login action so please follow the step…
1) you can create the actionLogin on your controller…
public function actionLogin()
{
$this->layout = 'admin_login';
$model=new AdminLoginForm;
// if it is ajax validation request
if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
{
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if(isset($_POST['AdminLoginForm']))
{
$model->attributes=$_POST['AdminLoginForm'];
// validate user input and redirect to the previous page if valid
if($model->login())
$this->redirect("index");
}
// display the login form
$this->render('login',array('model'=>$model));
}
2)
i call a if($model->login()) on previous function so i write this function on my model (AdminLoginForm.php)
public function login()
{
if($this->_identity===null)
{
$this->_identity=new AdminIdentity($this->username,$this->password);
$this->_identity->authenticate();
}
if($this->_identity->errorCode===AdminIdentity::ERROR_NONE)
{
$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
else{
Yii::app()->user->setFlash('error', "User Authentication failed!");
return false;
}
}
3) And finally create the new class on componets folder AdminIdentity.php and write a custome query
<?php
/**
* CustomerIdentity represents the data needed to identity a user.
* It contains the authentication method that checks if the provided
* data can identity the user.
*/
class AdminIdentity extends UserIdentity
{
private $_id;
const ERROR_NONE=0;
const ERROR_EMAIL_INVALID=3;
const ERROR_STATUS_NOTACTIV=4;
const ERROR_STATUS_BAN=5;
const ERROR_PASSWORD_INVALID=6;
/**
* Authenticates a user.
* The example implementation makes sure if the email and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public $email;
public function __construct($username,$password)
{
$this->username=$username;
$this->email=$username;
$this->password=$password;
}
public function authenticate()
{
$email = $this->email;
$criteria = new CDbCriteria();
//$email="gaurav@inheritx.com";
$criteria->select = "t.*, CONCAT_WS(' ', t.`firstname`, t.`lastname`) AS `fullname`";
//$criteria->condition = ' t.user_type = IN(\'admin\',\'user\') AND(t.username = \''.$this->username.'\' OR t.`email` = \''.$email.'\')';
$criteria->condition = ' t.user_type IN(\'admin\',\'superadmin\') AND(t.username= \''.$this->username.'\' OR t.`email` = \''.$email.'\')';
$admin = User::model()->find($criteria);
if($admin===null) {
$this->errorCode=self::ERROR_EMAIL_INVALID;
} else if(Yii::app()->getModule('admin')->encrypting($this->password)!==$admin->password) {
$this->errorCode=self::ERROR_PASSWORD_INVALID;
//} else if($admin->status==0&&Yii::app()->getModule('admin')->loginNotActive==false) {
//$this->errorCode=self::ERROR_STATUS_NOTACTIV;
/* } else if($admin->status==-1) {
$this->errorCode=self::ERROR_STATUS_BAN;*/
} else {
$this->_id = $admin->id;
$this->email = $admin->email;
$this->username = $admin->email;
$this->errorCode= self::ERROR_NONE;
Yii::app()->admin->setId($this->_id);
Yii::app()->admin->guestName = $admin->email;
Yii::app()->admin->name = strtolower($admin->user_type);
//Yii::app()->admin->fullname = $admin->username;
$adminData = $admin->attributes;
$adminData['fullname'] = $admin->username;
Yii::app()->admin->setState('admin',$adminData);
}
return !$this->errorCode;
}
/**
* @return integer the ID of the user record
*/
public function getId()
{
return $this->_id;
}
}
i hope it’s help may be someone.
FYI that tutorial does have a couple errors in it:
Model (user.php)
DEFINE(‘SALT_LENGTH’, 10);
Needs to be outside the class or inside the function hashPassword.
Controller (userController.php)
The salt of the password is e-mail and not username.
$_POST [ 'User' ][ 'email' ]) should be $_POST [ 'User' ][ 'username ])
You will never login with the users you created because the validation is looking for