1

I have problem when creation session
login to system done with no error and I can print session data but my problem is

First, when I move from page to page no session data found and I can open any function by writing URL of my protect without transferring me in login page

Second: I want to apply all session in all controller

This is my code: controller

class Users extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        $this->load->library('session');
    //  print_r($this->session->userdata);

    }

    public function Login()
    {
        if($this->input->post("login"))
        {
            $this->load->library('form_validation');
            $this->form_validation->set_rules("username","UserName",'required|min_length[3]|max_length[30]|alpha');
            $this->form_validation->set_rules("password","password",'required|min_length[3]|max_length[30]');
            if ($this->form_validation->run())
            {
                $username=$this->input->post("username");
                $password=$this->input->post("password");
                $encpassword=md5($password);
                $this->load->model("DatabaseModel");

                if($info=$this->DatabaseModel->mainlogin($username,$encpassword))
                {
                    if(is_object($info)){

                            $session_data=array(
                                'username' => $info->username,
                                'id'       =>$info->id,
                                'email' => $info->email,
                                'image' => $info->image

                            );
                        $this->session->set_userdata($session_data);
                    }
                    $this->session->set_userdata($session_data);
                    redirect(site_url("Dashboard/index"));

                }else{
                    $this->session->set_flashdata('error', 'Error With Login ');
                    redirect(site_url("Users/login"));
                }

            }else{
                //error for validation
            }
        }

        $data['pagetitle']="IStore | Login";
        $this->load->view("users/login",$data);
        //$this->load->view("users/login");
    }

    public function logout()
    {
        $this->session->unset_userdata('username');
        $this->session->unset_userdata('id');
        $this->session->unset_userdata('email');
        $this->session->unset_userdata('image');
        redirect(site_url("Users/login"));
    }
}

This is my databasemodel

public function mainlogin($username,$password)
{
    $this->db->select('*');
    $this->db->from("users");
    $this->db->where('username',$username);
    $this->db->where('password',$password);
    $sql=$this->db->get();
    return $sql->row();
}
Cœur
  • 37,241
  • 25
  • 195
  • 267
Ahmed Gaber
  • 115
  • 1
  • 10
  • yes password hashed – Ahmed Gaber Apr 14 '18 at 12:01
  • Just noticed you are using md5 for passwords not good choice as not secure enough any more for passwords http://php.net/manual/en/function.password-hash.php 255 on password varchar to create a hash and this to verify http://php.net/manual/en/function.password-verify.php –  Apr 14 '18 at 12:02
  • http://php.net/manual/en/faq.passwords.php –  Apr 14 '18 at 12:03
  • ok i will convert md5 later put i want yo to help me to apply session in all my app controller ? – Ahmed Gaber Apr 14 '18 at 12:04
  • I would suggest autoload the session library in config/autoload.php then you can access the session library in any controller. –  Apr 14 '18 at 12:06
  • Make sure you have set the session save path on config.php –  Apr 14 '18 at 12:08
  • i already load session library but i can access any page directly without return me first to login page first for authentication and create session data – Ahmed Gaber Apr 14 '18 at 12:08
  • Please load your session library in autoload, Or each page(controller) where you want session data. – Kaushik solanki Apr 14 '18 at 13:28

1 Answers1

1

autoload.php

you should set your session library in autoload.php file of config folder

/*
| -------------------------------------------------------------------
|  Auto-load Libraries
| -------------------------------------------------------------------
| These are the classes located in the system/libraries folder
| or in your application/libraries folder.
|
| Prototype:
|
|   $autoload['libraries'] = array('database', 'session', 'xmlrpc');
*/


$autoload['libraries'] = array('session');

After set session in autoload.php you can get session data in all contoller ,and then you can check your session that this is destroy or not if your session has destroyed than you can redirect user from that page

This is answer to how prevent user to access pages without login

codeigniter check for user session in every controller

I hope this will help you

Community
  • 1
  • 1
F5 Buddy
  • 474
  • 4
  • 4