Yii Framework Forum: Wrong Password Causing Error - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Wrong Password Causing Error Chapter 6 - Authenticating users using the DB

#1 User is offline   Jonpolygon 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 2
  • Joined: 12-May 13

Posted 12 May 2013 - 12:58 PM

I am completely new to Yii development and I am also completely new to these forums. Reading the forums has helped me so far, but I was unable to find anything on the error I am getting. I hoping someone can help me get past a stumbling block I have encountered. For reference I am now up to Chapter 6 - Authenticating users using the DB.

Before I discuss my problem it may help to know what I am doing differently to the book. Firstly, I made the decision to use crypt with blowfish in place of MD5. I am crypting the passwords with blowfish on creation or update of users after form validation has occurred, big thanks to this article.

Secondly, I am using the password stored in the database to salt user entered passwords entered into the login form and I am comparing this against the password string in the database.

/**
     * Checks if the given password is correct.
     * @param string password to be validate
     * @return boolean whether the password is valid
     */
    public function validatePassword($password)
    {
        return $this->hashPassword($password)===$this->$password;
    }

    /**
     * Calling the hashPassword function crypts the user entered password using
     * the existing blowfish password contained in the DB as the salt.
     */
    public function hashPassword($password)
    {
        return crypt($password, $this->$password);
    }


I can successfully login when the username and password match what is in the DB. I also get a valid error message when entering a username that is not found in the database. However, when I type in a correct username and an incorrect password I get the following error:

CException

Property "User.test" is not defined.

/Users/jonpolygon/Documents/workspace/dev/yii/framework/db/ar/CActiveRecord.php(143)


"test" is the password that I have entered in that did not match the stored password in the database.

My authentication script has come from the book, which I think may be the culprit, but I cannot see the problem.

public function authenticate()
	{
	    $user=User::model()->find('LOWER(username)=?', array(strtolower($this->username)));
        if($user===null)
        {
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        }
        elseif(!$user->validatePassword($this->password))
        {
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        }
        else
        {
            $this->_id=$user->id;
            $this->username=$user->username;
            $this->setState('lastLogin', date("m/d/y g:i A", strtotime($user->last_login_time)));
            $user->saveAttributes(array('last_login_time'=>date("Y-m-d H:i:s", time()),
            ));
            $this->errorCode=self::ERROR_NONE;
        }
        return $this->errorCode==self::ERROR_NONE;
    }


Also I should mention that I am completely new to frameworks in general. Also, I have worked with PHP for a few years but I still consider myself a novice, so I apologize in advance if I am a bit slow to catch on.

Thanks,
Jonathan
0

#2 User is offline   Tsunami 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 150
  • Joined: 16-February 12

Posted 12 May 2013 - 01:24 PM

You're using $this->$password, which tries to use the value of $password as a property of $this. I assume it should be $this->password.
0

#3 User is offline   Jonpolygon 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 2
  • Joined: 12-May 13

Posted 12 May 2013 - 02:13 PM

View PostTsunami, on 12 May 2013 - 01:24 PM, said:

You're using $this->$password, which tries to use the value of $password as a property of $this. I assume it should be $this->password.


Thank you so much. I made the change from $this->$password to $this->password and that did the trick.
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users