davo Posted October 21, 2014 Share Posted October 21, 2014 I can't understand what is wrong with my login template. It's the same one I've used before and not had issues. when a user submits the form back to itself I get the 'login failed' message and $message is equal to 'not logged in', however, other parts of the experience would indicate the use IS logged in. If a user were to submit the form a second time, the page loads correctly and directs them to /contest. I've been banging my head for three days with this and still can't work out the logic that is wrong with it. any help much appreciated. <?php if($user->isLoggedin()) { $mydash = "/contest"; $session->redirect($mydash); $message = "logged in"; }else{ $message = "not logged in"; if($input->post->username && $input->post->pass) { $username = $sanitizer->username($input->post->username); $pass = $input->post->pass; $u = $users->get($username); if($u->id && $u->tmp_pass && $u->tmp_pass === $pass) { // user logging in with tmp_pass, so change it to be their real pass $u->of(false); $u->pass = $u->tmp_pass; $u->save(); $u->of(true); } $u = $session->login($username, $pass); if($u) { // user is logged in, get rid of tmp_pass $u->of(false); $u->tmp_pass = ''; $u->save(); } } // present the login form $headline = $input->post->username ? "$message Login failed {$input->post->username} " : "$message Please login {$input->post->username} "; $page->body = " <h2>$headline</h2> <form role='form' action='./' method='post'> <div class='form-group'> <label for='username'>Username </label> <input type='text' class='form-control' style='border-radius:0px' id='username' placeholder='username' name='username'> </div> <div class='form-group'> <label for='pass'>Password</label> <input type='password' class='form-control' style='border-radius:0px' id='pass' placeholder='Password' name='pass'> </div> <button type='submit' class='btn btn-sm btn-default'>Sign in</button> </form> <p><a href='/reset-pass/'>Forgot your password?</a></p> <p><a href='/forms/registration/'>Don't yet have a login?</a></p> "; $page->editor = "Login to view content editor"; include("./main.php"); // main markup template } Link to comment Share on other sites More sharing options...
pwFoo Posted October 22, 2014 Share Posted October 22, 2014 I use this code. try { $login = $session->login($user, $pass); if($login && $login->id) return true; else return false; } catch(Exception $e) { return $e->getMessage(); } 1 Link to comment Share on other sites More sharing options...
Soma Posted October 22, 2014 Share Posted October 22, 2014 Simple logic issue of your code. 1. User logged in? ... redirect 2. Form submitted, check and login 2. User not logged in show login After sending the form, he's not yet logged in... you log them in later (but still show the form as if not logged in), but don't redirect after the login. So you get what you have. 4 Link to comment Share on other sites More sharing options...
davo Posted October 22, 2014 Author Share Posted October 22, 2014 Of course! Thank you. I was showing the login and redirect test before the login was actually taking place. Hence they were logged in by the time of the end of parsing the whole page but not at test time. Which also explains why when I then visited a different page I did appear to be logged in (because by then they were!) Thank you for helping me see this. Link to comment Share on other sites More sharing options...
davo Posted October 23, 2014 Author Share Posted October 23, 2014 Soma, I thought I had this sorted but I'm still getting the same behaviour. I moved the session redirect to after the login lines of code hoping that this time the user would have been logged in and trigger the redirection. Can you advise what I'm doing wrong please. ~David <?php if($input->post->username && $input->post->pass) { $username = $sanitizer->username($input->post->username); $pass = $input->post->pass; $u = $users->get($username); if($u->id && $u->tmp_pass && $u->tmp_pass === $pass) { // user logging in with tmp_pass, so change it to be their real pass $u->of(false); $u->pass = $u->tmp_pass; $u->save(); $u->of(true); } // this part actually logs the user in $u = $session->login($username, $pass); if($u) { // user is logged in, get rid of tmp_pass $u->of(false); $u->tmp_pass = ''; $u->save(); } } // redirect if the user is login is successful which should have happened above if($user->isLoggedin()) { $message = "good!"; $session->redirect("/processwire"); } // present the login form $headline = $input->post->username ? "$message Login failed {$input->post->username} " : "$message Please login {$input->post->username} "; $page->body = " <h2>$headline</h2> <form role='form' action='./' method='post'> <div class='form-group'> <label for='username'>Username </label> <input type='text' class='form-control' style='border-radius:0px' id='username' placeholder='username' name='username'> </div> <div class='form-group'> <label for='pass'>Password</label> <input type='password' class='form-control' style='border-radius:0px' id='pass' placeholder='Password' name='pass'> </div> <button type='submit' class='btn btn-sm btn-default'>Sign in</button> </form> <p><a href='/reset-pass/'>Forgot your password?</a></p> <p><a href='/forms/registration/'>Don't yet have a login?</a></p> "; $page->editor = "Login to view content editor"; include("./main.php"); // main markup template Link to comment Share on other sites More sharing options...
Soma Posted October 23, 2014 Share Posted October 23, 2014 You don't need to check if user is logged in, cause you log him in just before and test if it's working with if($u) which should be if($u->id) $u = $session->login($username, $pass); if($u && $u->id) { // user is logged in, get rid of tmp_pass $u->of(false); $u->tmp_pass = ''; $u->save(); // redirect here } Apart from that $user->isLoggedin() wouldn't work anyway cause you have $u which is the logged in user. The template var $user at that moment isn't updated. 2 Link to comment Share on other sites More sharing options...
davo Posted October 23, 2014 Author Share Posted October 23, 2014 That works - thank you. but just to clarify so i understand what i'm doing, "if($u && $u->id)" checks to see if the variable $u exists AND $u->id exists? Link to comment Share on other sites More sharing options...
Soma Posted October 23, 2014 Share Posted October 23, 2014 login() returns null if login failed so a test like $u->id would give a warning or error that $u is not an object. if($u) would also work here. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now