i'm new in codeigniter , tried create login system on website. when try enter on page overview, sends me on login page after put correct email , password nothing happens.
login.php - controller
<?php if ( ! defined('basepath')) exit('no direct script access allowed'); class login extends ci_controller { function __construct() { parent::__construct(); } function index() { $this->load->helper(array('form')); $this->load->view('login'); } } ?> overview.php - controller
<?php if ( ! defined('basepath')) exit('no direct script access allowed'); class overview extends ci_controller { function __construct() { parent::__construct(); } function index() { if($this->session->userdata('logged_in')) { $session_data = $this->session->userdata('logged_in'); $data['username'] = $session_data['username']; $this->load->view('overview', $data); } else { //if no session, redirect login page redirect('login', 'refresh'); } } function logout() { $this->session->unset_userdata('logged_in'); session_destroy(); redirect('home', 'refresh'); } } ?> verifylogin.php - controller
<?php if ( ! defined('basepath')) exit('no direct script access allowed'); class verifylogin extends ci_controller { function __construct() { parent::__construct(); $this->load->model('user','',true); } function index() { //this method have credentials validation $this->load->library('form_validation'); $this->form_validation->set_rules('email', 'e-mail', 'trim|required|xss_clean'); $this->form_validation->set_rules('password', 'password', 'trim|required|xss_clean|callback_check_database'); if($this->form_validation->run() == false) { //field validation failed. user redirected login page $this->load->view('login'); } else { //go private area redirect('home', 'refresh'); } } function check_database($password) { //field validation succeeded. validate against database $username = $this->input->post('username'); //query database $result = $this->user->login($username, $password); if($result) { $sess_array = array(); foreach($result $row) { $sess_array = array( 'id' => $row->id, 'username' => $row->username ); $this->session->set_userdata('logged_in', $sess_array); } return true; } else { $this->form_validation->set_message('check_database', 'invalid username or password'); return false; } } } ?> login.php - views
<div class="container"> <div class="row"> <div class="col-md-4 col-md-offset-4 well"> <form role="form" action="<?php echo $_server['php_self']; ?>" method="post" name="loginform"> <fieldset> <legend>login</legend> <div class="form-group"> <label for="name">email</label> <input type="text" name="email" placeholder="your email" required class="form-control" /> </div> <div class="form-group"> <label for="name">password</label> <input type="password" name="password" placeholder="your password" required class="form-control" /> </div> <div class="form-group"> <input type="submit" name="login" value="login" class="btn btn-primary" /> </div> </fieldset> </form> <span class="text-danger"><?php if (isset($errormsg)) { echo $errormsg; } ?></span> </div> </div> thanks , hope somene give me solution.
when enter login page, action "login.php" because of $_server['php_self'].
<form role="form" action="<?php echo $_server['php_self']; ?>" method="post" name="loginform"> the $_server["php_self"] super global variable returns filename of executing script.
you need change action verifylogin, when submit form, index() method in verifylogin.php execute.
<form role="form" action="verifylogin" method="post" name="loginform"> xss_clean no longer part of form validation remove it. xss cleaning should used on output not input.
$this->form_validation->set_rules('email', 'e-mail', 'trim|required'); $this->form_validation->set_rules('password', 'password', 'trim|required|callback_check_database'); 