Codeigniter Login

Question

Ive got a Codeigniter login system here, and just wondering where im going wrong. Heres my code:

View

<?php
echo form_open('handyman/logIn');
echo form_label('Email: ','useremail');
echo form_input('useremail');
echo "<br />";
echo form_label('Password: ','userpassword');
echo form_input('userpassword');
echo "<br />";
echo form_submit('Logmein','Log In');
echo form_close();
?>

Controller

public function logIn(){
      $useremail=$this->input->post('useremail');
      $userpassword=md5($this->input->post('userpassword'));
      $this->load->model("HandymanModel");

      if($useremail && $userpassword && $this->HandymanModel->logInUser($useremail,$userpassword)){
        $data['msg']="Successfully Logged in!";
        $data['title']="Logged In";
        $this->load->view("header",$data);
        $this->load->view("confirmation",$data);
        $this->load->view("footer",$data);
      } else{
        $data['title']="Sign up / Log in";
        $this->load->view("header",$data);
        $this->load->view("page3", $data);
        $this->load->view("footer",$data);
      }
    }

Model

 function logInUser($useremail,$userpassword) { 
    $this->db->where('email',$useremail );
    $this->db->where( 'password', $userpassword );

    $login = $this->db->get()->result();

    if (is_array($login) && count($login) == 1) {
        return true;
    } else {
        return false;
    }

I'm getting Error Number: 1064 which is check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE email = 'email@gmail.com' AND password = '1a1dc91c9073' at line 2

Thanks

This doesn't answer your question, but see http://stackoverflow.com/questions/7044785/what-is-the-safest-way-to-store-a-password-using-code-igniter-solved. You shouldn't be using md5 for your passwords. — Mike, Mar 01 '14 at 22:52
I invite you to use $login = $this->db->get()->num_rows(); instead. It works better for your purpose — Kalzem, Mar 01 '14 at 23:13
@Mike I know you shouldn't use MD5 but its for a university project so it doesn't really matter! — adamalexanderw, Mar 01 '14 at 23:16

score 3 · Accepted Answer · answered Mar 01 '14 at 23:01

3

You re missing the table name

$login = $this->db->get( )->result();
                        ^^here

Try this by adding table name

$login = $this->db->get('your table name')->result();

$this->db->get();

answered Mar 01 '14 at 23:01

M Khalid Junaid

63,861
10
90
118

score 1 · Answer 2 · answered Mar 01 '14 at 23:11

1

I would change your model to something like...

function logInUser($useremail,$userpassword) {

$query = $this->db->query('SELECT * FROM tbl_name WHERE account_email="'.$useremail.'" AND account_password = "'.$userpassword.'"');

if ($query->num_rows() != 0){
    return true;
} else {
    return false;
}

}

I would also suggest encrypting user passwords as well. take a look at MD5. Make sure you use a hash as well.

Cheers!

answered Mar 01 '14 at 23:11

AndrewMac

279
2
9

Thanks, and I already am hashing and using MD5 just didn't post the code! :) – adamalexanderw Mar 01 '14 at 23:14

Codeigniter Login

2 Answers2