Thread

In users.php I noticed the purge_na() function used to delete non-activated users.

function purge_na($expire_period = 172800)
    {
        $this->db->where('activated', 0);
        $this->db->where('UNIX_TIMESTAMP(created) <', time() - $expire_period);
        $this->db->delete($this->table_name);
        $this->db->delete($this->profile_table_name); //added by me
    }

I added the last line to also delete profile data because I add profile data immediately when a user registers.

Is this function for the the email activation expire in config?

$config['email_activation_expire'] = 60*60*24*2;

thanks for help about my previous question.

so here is a new question, when user decides to signup to site with twitter, he/she have to fill a form with username and email. I added a new form field there called “location”.

When the person fills the form and “location” field and submits the form location row at users section stays empty.

Perhaps i should add info about this new form field about where it should be submitted. But i can’t manage to find in which file i should add that new location information to save database.

Hi all,

I just wanted to point out a bug (!?!) I think I’ve found in tank_auth autologin feature. For autologin, Tank_auth saves the user id and random key as cookie and md5 of their concatenation in the database. It all works fine so long as the user_id in users table and id in user_profiles table are in sync and have same value. But, since $user->id returns id of user_profile not user_id of users table, when users.user_id!=user_profiles.id… wrong user is set for autologin. I’m working on customized code of tank_auth, I’ll go through the code and will confirm. I’ve, in the meanwhile fixed the issue by using $this->....->create_autologin(userdata(‘user_id) instead of what’s in the code that is $this->...->create_autologin($user->id). I’ll confirm it in the morning after I’ve got some sleep. Its 3am in India :(

Hi x3cu73. Thank you for sharing the issue! I noticed that autologin does not work in some browsers and wanted to investigate that.

I’m looking forward to your confirmation.

x3cu73

You were dead on with that analysis and you saved me from hours of work tonight.

To fix the issue I changed the following lines:

Line 85 from :

$this->create_autologin($user->id);

to:

$this->create_autologin($user->user_id);

Line 390 from:

$this->ci->user_autologin->clear($user->id);

to

$this->ci->user_autologin->clear($user->user_id);

Do you do the same or similar. Anything else you caught?

I tested that out by logging in using autologin, then deleting just the ci_session cookie, closing my browser, opening back up and going back to the page. Whereas before that would have logged me in as a different user, it seems to be working as intended now.

If you found anything further please share.

Thanks again!

whoisinkus,

Glad I could be of help.

You missed one thing. In auth controller,

public function autologin()
    {
         .....
         ......
        $this->ci->session->set_userdata(array(
                'user_id'    => $user->id,
                'username'    => $user->username,
                'email'        => $user->email,
                'status'    => STATUS_ACTIVATED,
        ));

Change this to…

public function autologin()
    {
         .....
         ......
        $this->ci->session->set_userdata(array(
                'user_id'    => $user->user_id,
                'username'    => $user->username,
                'email'        => $user->email,
                'status'    => STATUS_ACTIVATED,
        ));

x3cu73,

Good catch. That’s in the Tank_auth library though, right?

Yup, library, not controller..

Does anybody have any idea what is wrong with the following function from Tank Auth controller (application\controllers\auth.php):

function logout()
{
  $this->tank_auth->logout();
  $this->session->set_userdata(array('twitter_id' => '', 'facebook_id' => ''));
  $this->_show_message($this->lang->line('auth_message_logged_out'));
}

The problem is that the message passed to the _show_message() function is NEVER showed. Actually the same problem is everywhere the tank_auth->logout() function is used. After this call all messages set using _show_message() are ignored.

Later edit
I found the solution here:
http://ellislab.com/forums/viewthread/99612/

I tweaked on the purge_na function in models/tank_auth/users.php, as I am using a database other than MySQL and the function UNIX_TIMESTAMP is MySQL-specific. Rather than depending on a database-specific function, I use a PHP function to pass an ISO-8601 datetime format, with the timezone correction removed (MS SQL doesn’t like that part of the ‘standard’ - grr).

function purge_na($expire_period = 172800)
{
$this->db->where('activated', 0);
# MySQL Specific: $this->db->where('UNIX_TIMESTAMP(created) <', time() - $expire_period);
# now creates a generic sql like WHERE created < '2011-06-15T06:15:58'
$this->db->where('created <', substr(date('c',time() - $expire_period),0,19));
$this->db->delete($this->table_name);
}

I use the same logic in can_reset_password() and reset_password() and it appears to be working fine.

Couple questions about extending functionality…

1- Is there a way to automatically log a user in after they register (assuming everything passes and email validation is not required)?

2 - Has anyone modified the library to redirect to the page the user came from rather than back to the homepage after login?

Thanks!

Yes.  This is for Tank Auth 1.0.9

In libraries/Tank_auth,  change

private function create_autologin($user_id)

to

function create_autologin($user_id)

DONT copy paste the whole block BELOW, mine is slightly customised.

In controllers/auth,  comment out $this->_show_message and check out the last 2 lines I added.

if ($this->form_validation->run()) {                                // validation ok
                if (!is_null($data = $this->tank_auth->create_user(
                        $use_username ? $this->form_validation->set_value('username') : '',
                        $this->form_validation->set_value('email'),
                        $this->form_validation->set_value('password'),
                        $email_activation,
                        $profile_array))) {                                        // success


                    $data['site_name'] = $this->config->item('website_name', 'tank_auth');

                    if ($email_activation) {                                    // send "activate" email
                        $data['activation_period'] = $this->config->item('email_activation_expire', 'tank_auth') / 3600;

                        $this->_send_email('activate', $data['email'], $data);

                        unset($data['password']); // Clear password (just for any case)

                        //$this->_show_message('<h1>Registration</h1>' . $this->lang->line('auth_message_registration_completed_1'));

                    } else {
                        if ($this->config->item('email_account_details', 'tank_auth')) {    // send "welcome" email

                            $this->_send_email('welcome', $data['email'], $data);
                        }
                        unset($data['password']); // Clear password (just for any case)

                        //$this->_show_message('<h1>Registration</h1>' . $this->lang->line('auth_message_registration_completed_2').' '.anchor('/auth/login/', 'Login'));
                    }
                    
                    /*
                     * Set autologin here
                     *
                     */
                     
                     $this->tank_auth->create_autologin($data['user_id']);
                     redirect('/profile/#ui-tabs-1');

installed tank auth, but the captcha is blank in other words there is no captcha but it tells me to enter the words i see??

Somebody asked a while back about allowing special characters in passwords but didn’t get a response. I’ve got the same question as well. Is this limitation just on the count of the form validation or will allowing it break phpass or something? I haven’t been able to find any info about it online. Thanks!

For ninja.dude: if you want to see the captcha, make sure the captcha folder is writable.

It is written in the doc, step 4 of Installing Tank Auth.
Tank Auth

I missed it too the first time.

Thanks for the Tank Auth library.  I was 4 hours into writing my own when I found yours as a much better option.

I have a question regarding the database schema though.  Why is user_profiles.user_id not a FK of users.id but rather a copy of information?