1. 技术文章
  2. Check if user is not active, not to log in

Check if user is not active, not to log in

ぃ、小莉子 提交于 2019-12-25 02:55:40

问题


I want to add condition for my login form - if a user is not already active, not to log in. I'm using CodeIgniter. That's my controller:

public function login ()
    {
            
        $this->load->model('user_model');
        $user=$this->user_model->login();
        
        $this->form_validation->set_rules('username', 'Username', 'trim|required|callback_login_check');
        $this->form_validation->set_rules('password', 'Password', 'trim|required'); 

        if ($this->form_validation->run()==FALSE)
        {

            $this->index();
        }
        else 
        {
            if(count($user) > 0 )    
            {
                $this->load->library('session'); 
            
                 $data = array(
                    'username' => $user['username'],
                    'user_id' => $user['user_id'],
                    'is_logged_in' => TRUE,
                    'role_id' => $user['role_id']
                
                );
                $this->session->set_userdata($data);         
                
                redirect('index/home_page');
            }
        }
    }

My model is:

 public function login()
    {
        $this->db->select('*'); 
        $this->db->from('users');     
        $this->db->where('username', $this->input->post('username'));
        $this->db->where('password',sha1($this->input->post('password')));
        //$this->db->where('deactivated_at = "0000-00-00 00:00:00" OR deactivated_at IS NULL');
        
        $result=$this->db->get();
            return $result->row_array();            
    }

I have tried with this: $this->db->where('deactivated_at = "0000-00-00 00:00:00" OR deactivated_at IS NULL'); in my login function, but it does not work. How could I make this authentication, if not active user, not to log in at all?


回答1:


There's a few things I would say is wrong with your code.

First off, you're trying to login the user before the form validation has completed. This should be done afterwards, or I don't see the need for validation?

This would be my version of your login function, within your controller.

function login()
{
  $this->load->model('users_model');

  $this->form_validation->set_rules('username', 'Username', 'trim|required');
  $this->form_validation->set_rules('password', 'Password', 'trim|required');

  if (!$this->form_validation->run())
  {
    $this->index(); // Show the login form..
  }
  else
  {
    // This is where we try to login the user, now the validation has    passed
    if ($user = $this->users_model->login())
    {
      // Start the session...
    }
    else
    {
      // The model returned false..
    }
  }
}

So you don't go to the model, until the form validation has passed. Then, in your model;

function login()
{
  $where = array(
    'username' => $this->input->post('username'),
    'password' => sha1($this->input->post('password'))
  );
  // $this->db->select('*'); No need for this line
  $query = $this->db->get_where('users', $where);
  if ($query->num_rows() > 0)
  {
    // Found a match
    // Are they activated?
    if (!is_null($query->row('deactivated_at'))
    {
      // The user isn't deactivated
      return $query->row_array();
    }
    else
    {
      // The user is deactivated
      return false;
    }
  }
  else
  {
    // The username and/or password is wrong...
    return false;
  }
}

Hope this helps.



来源:https://stackoverflow.com/questions/29800064/check-if-user-is-not-active-not-to-log-in

标签
codeigniter
authentication
login
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!