0

Login.php (login form which displays the Enter username and Password fields) 

<?php echo validation_errors(); ?>
<form action="http://www.parthfolder.com/admin/login" method="post">
<h5>Username</h5>
<input type="text" name="adminuser" value="" size="50" />
<!--
<h5>Password</h5>
<input type="password" name="password" value="" size="50" />

<h5>Confirm Password </h5>
<input type="password" name="passconf" value="" size="50" />-->

<h5>Password </h5>
<input type="password" name="password" value="" size="50" />

<div><input type="submit" value="submit" /></div>
</form>

Admin.php (Controller)

<?php 
    class Admin extends CI_Controller{
        public function __construct(){
            parent::__construct();
            $this->load->model('admin_model');
            $this->load->helper(array('form','url'));
            $this->load->library('session');
        }
        public function login(){
            $this->load->library('form_validation');
            $this->form_validation->set_rules('adminuser','Username','required');
            $this->form_validation->set_rules('password','Password','required');

            if($this->form_validation->run()==FALSE){           
                $this->load->view('admin/login');
            }
            else{
                redirect('admin/success');
            }

        }
        public function success(){
            echo $_POST['adminuser'];
            echo $_POST['password'];
        }
        public function home(){
            if(isset($_SESSION['adminuser'])){
                redirect('admin/login');
            }
            else{
                echo "set";
            }
        }
    }
?>

My question is when I comment out the all the syntax related to form_validation library like this

Login.php

//<?php echo validation_errors(); ?>
<form action="http://www.parthfolder.com/admin/success" method="post">
<h5>Username</h5>
<input type="text" name="adminuser" value="" size="50" />
<!--
<h5>Password</h5>
<input type="password" name="password" value="" size="50" />

<h5>Confirm Password </h5>
<input type="password" name="passconf" value="" size="50" />-->

<h5>Password </h5>
<input type="password" name="password" value="" size="50" />

<div><input type="submit" value="submit" /></div>
</form>

Note:- I changed the action link in Login.php

Admin.php

public function login(){
            //$this->load->library('form_validation');
            //$this->form_validation->set_rules('adminuser','Username','required');
            //$this->form_validation->set_rules('password','Password','required');

            //if($this->form_validation->run()==FALSE){         
                $this->load->view('admin/login');
            //}
            //else{
                //redirect('admin/success');
            //}

        }

I get the desired behaviour. The form is submitted and the function success in the controller admin echoes the username and password using the $_POST[] superglobal.

However when I use the form_validation library (the original uncommented codes), I get the warnings stating that username and password fields are required. But when I supply the correct input I get an error which says 

A PHP Error was encountered

Severity: Notice

Message: Undefined index: adminuser

Filename: controllers/Admin.php

Line Number: 23

Backtrace:

File: /usr/local/apache2/htdocs/parth/application/controllers/Admin.php
Line: 23
Function: _error_handler

File: /usr/local/apache2/htdocs/parth/index.php
Line: 292
Function: require_once


A PHP Error was encountered

Severity: Notice

Message: Undefined index: password

Filename: controllers/Admin.php

Line Number: 24

Backtrace:

File: /usr/local/apache2/htdocs/parth/application/controllers/Admin.php
Line: 24
Function: _error_handler

File: /usr/local/apache2/htdocs/parth/index.php
Line: 292
Function: require_once

What is the reason behind such a behaviour? Thanks..

Abhishek Singh
  • 27
  • 6

1 Answers1

0

The problem is the redirect. The $_POST is only available after the post. After redirect the var is deleted.

To access the username and password you should save those values in a session var. But it's not recommended to save passwords anywhere => insecure!!

http://www.codeigniter.com/userguide3/libraries/sessions.html

So it should look like this:

<?php 
    class Admin extends CI_Controller{
        public function __construct(){
            parent::__construct();
            $this->load->model('admin_model');
            $this->load->helper(array('form','url'));
            $this->load->library('session');
        }
        public function login(){
            $this->load->library('form_validation');
            $this->form_validation->set_rules('adminuser','Username','required');
            $this->form_validation->set_rules('password','Password','required');

            if($this->form_validation->run()==FALSE){           
                $this->load->view('admin/login');
            }
            else{
                $this->session->set_userdata('adminuser', $this->input->post('adminuser'));
                $this->session->set_userdata('password', $this->input->post('password'));  // not recommended! => insecure
                redirect('admin/success');
            }

        }
        public function success(){
             echo $this->session->userdata('adminuser');
             echo $this->session->userdata('password');
        }
        public function home(){
            if(isset($_SESSION['adminuser'])){
                redirect('admin/login');
            }
            else{
                echo "set";
            }
        }
    }
?>
Lirux
  • 145
  • 9