0

I have problem to login a user.I saved the encrypted password with md5 method in database.Now when I want to select a user with encrypted password form database it returns null.

This is my code:

controller:

function login(){
    $username=$this->input->post('username');
    $password=$this->input->post('password');
    $user=$this->mymodel->login($username,$password);
    if($user)
      $this->load->view('home');
    else
      echo "The user name or password is wrong";
}

model:

function login($username,$password){
    $where=array('username'=>$username,'password'=>md5($password));
    $this->db->select()->from('user')->where($where);
    $query=$this->db->get();
    return $query->first_row('array');
}

but this query returns null;

setara
  • 31
  • 8
  • `$this->db->get()` would be a call to a function. You also have a syntax error in that code. An extra closing bracket and apostrophe is after first_row(); – BrightIntelDusk Mar 05 '14 at 06:13
  • Something very useful to use for debugging queries in codeigniter is `echo $this->db->last_query();` – BrightIntelDusk Mar 05 '14 at 06:15
  • @IntegrityFirst.sorry these mistakes are from my typing here not my code which I worked.now I correct that. – setara Mar 05 '14 at 06:23

1 Answers1

1

From looking at your code I notice you don't have any rows specified in the select function. You can pass in an asterisk '*' to represent getting all rows from the database table. Also your where clause can be separated into two separate lines. Last of all the row function can be used to get the first row of a query result.

Model code:

function login($username, $password
{

    $this->db->select('*')
             ->from('user')
             ->where('username', md5(username))
             ->where('password', md5($password));

    $query = $this->db->get();
    return $query->row();
}

I would also discourage you from using md5 to store a password. There are stronger encryption methods available for PHP. In addition it is a good practice to use a salted password when storing it in the database. For more information see How do you securely store a user's password and salt in MySQL?

You can find more information regarding how to use codeigniters active record class in the codeigniter manual.

Community
  • 1
  • 1
BrightIntelDusk
  • 4,577
  • 2
  • 25
  • 34