stackoom
  简体   繁体   中英

using where clause in codeigniter issue

 原文  2012-11-19 17:03:10       php/ codeigniter

Question

I am loggin in user. So after entring email and password by user then I want to check whether user with that email and password exist. For this reason I am using where clause twice but somehow it is not working. Perhaps because I am using it incorrectly. How can I fix my below code 

$this->db->where('email', $this->input->post('email'));
$this->db->where('password', $pass . $salt);

2 answers

solution1
 0 ACCPTED  2012-11-19 19:21:42

The where is working fine, it's the second where that is wrong, you're passing the password + the salt but you aren't encoding anything, just concatenating them. So if your password is bob and your salt is pepper you're passing bobpepper as the password field to the query.

Depending on the encryption your code should look similar to this: 

 $password = md5($this->input->post('password'). $salt);  //swap the md5 for whatever encryption method you're using.
 $this->db->where('email', $this->input->post('email'));
 $this->db->where('password', $password);

solution2
 0  2012-11-19 19:46:26

You don't need to do your where clause twice. 

public function login(){

    try
    {
        $user = $this->db->select()->where()->get(); // mysql query

        if( !$user)
            throw new Exception("User not found!");

        if( !$this->compare_password($this->input->post('password'), $user->password ) )
            throw new Exception("Passwords did not match!");
    }
    catch(Exception $e) 
    {
        $this->session->set_flashdata('error', $e->getMessage());
        log_message('error', $e->getMessage()); 
        redirect('/');
    }

    //we got this far so everything should be OK

    $this->session->set_flashdata('success', 'Login Successfull');
    redirect('dashboard');
}

Note: You would want to use a better password hashing algorithim than this in production mode!! 

protected function hash_password($password){
    return sha1( $pw . $this->config->item('encryption_key') );
}

protected function compare_password($pw, $dbpw){
    return ( sha1($pw . $this->config->item('encryption_key') ) === $dbpw )
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Using custom where clause in codeigniter Active Record Issue in Where clause CodeIgniter Where and Or Where clause in a single query ? Using codeigniter Codeigniter using different function's where clause Unknown column in WHERE clause using Codeigniter Using array as a condition in where clause codeigniter Using an array in a MySql WHERE clause in CodeIgniter Codeigniter issue with escaping values when passing array to query with “in” in the where clause codeigniter activerecord where clause issue with own clauses manually Grouping WHERE clause in CodeIgniter
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM