-
-
Save good-orbit/7d59e7295b167883bbd2 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //CONTROLLER (auth.php) THIS IS JUST THE VALIDATE PORTION THAT IS RELEVENT TO THIS QUESTION | |
| public function validate() { | |
| $this->load->model('auth_model'); | |
| $query = $this->auth_model->validate(); | |
| if($query) { | |
| $data = array( | |
| 'email' => $this->input->post('email'), | |
| 'is_logged_in' => true | |
| ); | |
| $this->session->set_userdata($data); | |
| redirect('home/dashboard'); | |
| } | |
| else { | |
| $this->index(); | |
| } | |
| } | |
| //MODEL (auth_model.php) | |
| <?php | |
| class Auth_model extends CI_Model { | |
| public function validate() { | |
| //SEE IF THEIR INFO IS IN THE DB | |
| $this->db->where('email', $this->input->post('email')); | |
| $this->db->where('password', $this->input->post('password')); | |
| $query = $this->db->query('SELECT id FROM users WHERE email = ' . mysql_real_escape_string($this->input->post('email')) . ' && password = ' . mysql_real_escape_string($this->input->post('password')) . ' LIMIT 1'); | |
| //IF THE QUERY MATCHES THEN LOGIN and RETURN TRUE | |
| if($query->num_rows() == 1) { | |
| return true; | |
| }else{ | |
| return false; | |
| } | |
| } | |
| } | |
| //VIEW (login.php) | |
| <title>Login</title> | |
| <div id="login_image"> | |
| </div> | |
| <h1 id="login_text_basic">Please Sign In</h1> | |
| <div id="login_form"> | |
| <?php | |
| //THE FORM | |
| echo form_open('auth/validate'); | |
| echo form_input('email', 'Email'); | |
| echo form_password('password', 'Password'); | |
| echo form_submit('submit', 'Login'); | |
| echo form_close(); | |
| ?> | |
| </div> | |
| //Here is the error that I am getting only when I put in the correct 'email' and 'password' I've manually stored in my table or I just enter gibberish | |
| Error Number: 1064 | |
| You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com && password = Password LIMIT 1' at line 1 | |
| SELECT id FROM users WHERE email = mr-t@gmail.com && password = Password LIMIT 1 | |
| Filename: /Users/michaelsanger/Sites/CodeIgniter/models/auth_model.php | |
| Line Number: 11 | |
| //This is line 11 | |
| $query = $this->db->query('SELECT id FROM users WHERE email = ' . mysql_real_escape_string($this->input->post('email')) . ' && password = ' . mysql_real_escape_string($this->input->post('password')) . ' LIMIT 1'); | |
| // ALSO PLEASE NOTE: that when I just submit the form with the template text in the input values 'Email' 'Password' it takes me to the right page and logs me in. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment