[sanjay1024]

Hi,

I am still learning YII.

I want to login in my application with database user. but i am getting Incorrect username or password while login.
password is stored in encrypted format in database. I am using the below code.

can someone please help me.

class UserIdentity extends CUserIdentity
{
	/**
	 * Authenticates a user.
	 * The example implementation makes sure if the username and password
	 * are both 'demo'.
	 * In practical applications, this should be changed to authenticate
	 * against some persistent user identity storage (e.g. database).
	 * @return boolean whether authentication succeeds.
	 */

	 private $_id;

	public function authenticate()
	{
		$user=User::model()->findbyAttributes(array('username'=>$this->username));

		if($user===null)
		{
		  $this->errorCode=self::ERROR_USERNAME_INVALID;
		}
		else
		{
			if($user->password!==$user->encrypt($this->password))
			{
			$this->errorCode=self::ERROR_PASSWORD_INVALID;
			}
			
		}
		return !$this->errorCode;
	}

	public function getId()
	{
		return $this->_id;
	}
}

protected function afterValidate()
	{
		parent::afterValidate();
		$this->password = $this->encrypt($this->password);
	}
		public function encrypt($value)
		{
			return md5($value);
		}

Thanks

[seenivasan]

Dear Sanjay

Kindly check the following is helpful.

 public function authenticate()
        {
                $user=User::model()->findbyAttributes(array('username'=>$this->username));

                if($user===null)
                    {
                         $this->errorCode=self::ERROR_USERNAME_INVALID;
                    }
                else if($user->password!==$user->encrypt($this->password))
                    {
                          
                         $this->errorCode=self::ERROR_PASSWORD_INVALID;        
                    }
                else     $this->errorCode=self::ERROR_NONE;

                return !$this->errorCode;
        }

[Stefano Mtangoo]

if($user->password!==$user->encrypt($this->password))
{
   $this->errorCode=self::ERROR_PASSWORD_INVALID;
}

Are you sure you are storing plain text passwords? If no thn change it to

if($user->password!==$user->$this->password)
{
   $this->errorCode=self::ERROR_PASSWORD_INVALID;
}

[sanjay1024]

Hi seenivasan,

Thanks for your quick response.

I used your code, for wrong password it is giving error incorrect username or password but for correct password it is showing nothing and remains on the login page only.


Hi Stefano Mtangoo,

Thanks for your quick response.

I am storing the password in md5 format.

When i changed the line suggested by you it is giving below error

Recoverable error
Object of class UserIdentity could not be converted to string 

[sanjay1024]

OK Thank for your support,

Now I am able to login with database user.

here is my code below.

class UserIdentity extends CUserIdentity
{
	/**
	 * Authenticates a user.
	 * The example implementation makes sure if the username and password
	 * are both 'demo'.
	 * In practical applications, this should be changed to authenticate
	 * against some persistent user identity storage (e.g. database).
	 * @return boolean whether authentication succeeds.
	 */

	 private $_id;  
	 
	 public function authenticate() 
        { 
                $user=User::model()->findbyAttributes(array('username'=>$this->username)); 
 
                if($user===null) 
                    { 
                         $this->errorCode=self::ERROR_USERNAME_INVALID; 
                    } 
                else if($user->password!==$user->encrypt($this->password)) 
                    { 
                           
                         $this->errorCode=self::ERROR_PASSWORD_INVALID;         
                    } 
                else     $this->errorCode=self::ERROR_NONE; 
 
                return !$this->errorCode; 
        }

}

Model User.php

protected function afterValidate()
	{
		parent::afterValidate();
		$this->password = $this->encrypt($this->password);
	} 
		public function encrypt($value)
		{
			return md5($value);
		} 

I am developing a application which will have customer login to view their details and admin & members login to manage/update the application/user's data.

I am having one table which consists of user's data and the same data when login with customer login id he will see only his data.

can it be possible to create seperate login table & login page for customer eg:- (tbl_cust) and another table eg:- (tbl_staff)

customer's user ids will be stored in tbl_cust & Staffs user ids will be saved in tbl_staff table.

Kindly suggest.

Thanks

[alirz23]

Hi sanjay

that is possible you can do that, but there is another approach that i would suggest you can have only one table for all your users and then you assign them groups based on groups/permission you can give them permission to access certain areas of your website/app.

[sanjay1024]

Hi alirz23,

We don't want to mess the table with both the username (Staff & cutomer).

We want it to be seperate.

Thanks

[sanjay1024]

Hi alirz23,

On searching the forum i came to know that for my below requirement i have to do the following.

1) create 2 table tbl_cust & tbl_staff

tbl_cust will contain the customer data and customer user login
tbl_staff will contain the members/admin login to manage the data.

2)create a front end and back end directories (http://www.yiiframew...ionend-behavior)

front end for customer view & back end for members/admin to manage

3) create 2 UserIdentity.php file one for front end and other for back end.

front end UserIdentity.php file will check for users in tbl_cust if found it will login and redirect to customer profile page and if not found it will give error. it wont be checking tbl_staff for user's.

back end UserIdentity.php file will check for users in tbl_staff if found it will login and redirect to members page and if not found it will give error. it wont be checking tbl_cust for user's.


please correct me i am wrong, so that i can start working on it.

Thanks in advance

[alirz23]

you can go ahead there is nothing wrong with that approach