Hi, i have a problem with login. I’ve just created a new web. Which one uses md5 and the other uses combination of md5 and salt. But when i check like this:
This question is not really clear… do you have the old “plain” password or just the md5… if it’s the later… than how would you convert that password to new one?
class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
{
/*
You caling record find inputusername
*/
$record = User::model()->find(array(
'condition' => 'LOWER(username) = :username',
'params' => array(
':username' => strtolower($this->username),
),
));
/*
set old password
*/
$oldPassword = trim($this->password);
if($record === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
/*
ok user this pasword is not saltet password returns false
in case you didint trim(password before)
*/
}else if($record->password !== User::hashPassword($oldPassword)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
/*
user pasword not equal to md5 this password this step means that pasword is allredy saltet
else if($record->password !== md5($oldPassword)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} returns false dont need this
*/
}else if($record->password === md5($oldPassword){
/*
rturn the $this->pasword equal old password
cose if you put else he is confused,
Now you try to say ok both method false , lets salt a passwod
you dont need if($record != null) { returns true,
couse you get alledy if($record === null) ,returns false
hash the password now
*/
$record->password = User::hashPassword($oldPassword);
/*
if record save();
returns false vadation couse you have model rules with more then one attributes
*/
$record->save(false);
$this->_id = $record->id;
$this->username = $record->username;
$this->errorCode = self::ERROR_NONE;
}else{
/*
if all (else if returns false)
all validation pass now return true
*/
$this->_id=$record->id;
$this->username=$record->username;
$this->errorCode=self::ERROR_NONE;
}
/*
your not returning error code???
return !$this->errorCode,
your confusing CFormModel
with UserIdentity
public function login()
{
if($this->_identity===null)
{
$this->_identity=new UserIdentity($this->username,$this->password);
$this->_identity->authenticate();
}
if($this->_identity->errorCode===UserIdentity::ERROR_NONE)
{
$duration=$this->remeberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
else
return false;
}
*/
return $this->errorCode==self::ERROR_NONE;
}
public function getId() {
return $this->_id;
}
}