Thread

Dear Ben

Is it oke if I change the field created_on and Last_login to DATETIME and active to enum(‘0’,‘1’)?

Thanks

Hey guys.

First thing first: Ion_auth is awesome!
I got stuck on this one though: when I run profile function:
$profile = $this->ion_auth->profile();

I only get results from users and groups table.

For some reason i don’t get anything back in that query from meta table (phone, company, firstname, last name).
I can run separate query against meta table using user_id to get that data, but it seems to me that profile() function should return that info.

Does anyone have any idea what’s up?

Thanks

Hi Ben,

Can you add regex check in the email check for checking illegal characters?

A customer of mine using PyroCMS has some users entering charters like + - etc.

Thank you
InsiteFX

huuray,
There isn’t one.  Just check out the methods in the model.

- Obonk -,
That should be fine.  You can always try it and change it back if needed.

dreamer111,
The profile method is still there for backwards compatibility with redux auth.  I recommend using get_user() instead.

InsiteFX,
It is using the CI validation ‘valid_email’.  Is there an issue with this function?

Thanks for quick reply Ben.

I’ve tried get_user() - but it does the same thing. It return users and groups tables
without any info from meta table.

Could you confirm that the latest github build with default included schema returns meta info?

Thanks

dreamer111,

Yes it does.  Please post your ion_auth settings file and your meta schema.

Thanks Ben
Schema was taken directly from latest github file:
benedmunds-CodeIgniter-Ion-Auth-235b81d.zip
here is settings file:
  $config[‘tables’][‘groups’]  = ‘groups’;
  $config[‘tables’][‘users’]  = ‘users’;
  $config[‘tables’][‘meta’]  = ‘meta’;
  $config[‘site_title’]        = “www.example.com”;
  $config[‘admin_email’]        = “[email protected]”;
  $config[‘default_group’]    = ‘members’;
  $config[‘admin_group’]      = ‘admin’;
  $config[‘join’]          = ‘user_id’;
  $config[‘columns’]        = array(‘first_name’, ‘last_name’, ‘company’, ‘phone’);
  $config[‘identity’]        = ‘email’;
  $config[‘min_password_length’] = 8;
  $config[‘max_password_length’] = 20;
  $config[‘email_activation’]  = false;
  $config[‘remember_users’]    = true;
  $config[‘user_expire’]      = 7200;
  $config[‘user_extend_on_login’] = false;
  $config[‘email_templates’]    = ‘inserts/ionauthemails/’;
  $config[‘email_activate’]  = ‘activate.tpl.php’;
  $config[‘email_forgot_password’]  = ‘forgot_password.tpl.php’;
  $config[‘email_forgot_password_complete’]  = ‘new_password.tpl.php’;
  $config[‘salt_length’] = 10;
  $config[‘store_salt’] = false;
  $config[‘message_start_delimiter’] = ‘’;
  $config[‘message_end_delimiter’] = ‘’;
  $config[‘error_start_delimiter’] = ‘’;
  $config[‘error_end_delimiter’] = ‘’;

Yep. it’s weird. Everything seems to be correct to me.

Ghmm. never mind. 😊
just got everything working. Not sure what was wrong though.
Just replaced library/model and it worked. I get meta data now.
Thanks for replies Ben.

Turns out problem was with notepad++ dbgp plugin that I use for php edbugging.
For some reason it was only showing part of the data.
dunno how this is even possible.

Hi Ben,

As I said above, some how the users are entering ( + - etc ) and other characters that should not be
allowed in the email address. I’ll I see if I can fix it and then post it here.

Thanks Ben
InsiteFX

About the password generation…

public function salt()
    {
        return substr(md5(uniqid(rand(), true)), 0, 10);
    }


    public function hash_password($password, $salt=false)
    {
        if (empty($password))
        {
            return FALSE;
        }

        if (FALSE && $salt)
        {
            return  sha1($password . $salt);
        }
        else
        {
            $salt = $this->salt();
            return  $salt . substr(sha1($salt . $password), 0, -10);
        }
    }

By default, what part of the code run? “return sha1($password . $salt);” or “return $salt . substr(sha1($salt . $password), 0, -10);” ?

I’am struggling to get the password generation running in a Database procedure whitout success until now.

Best Regards,

Ok done with the password hashing in PostgreSQL.

To hash passwords like this:

return  $salt . substr(sha1($salt . $password), 0, -10);

We need two functions in PlpgSQL:

CREATE OR REPLACE FUNCTION sha1(bytea) returns text AS $$
      SELECT encode(digest($1, 'sha1'), 'hex')
    $$ LANGUAGE SQL STRICT IMMUTABLE;

CREATE OR REPLACE FUNCTION "public"."hash_password" (pPASSWORD varchar) RETURNS varchar AS
$body$    
    DECLARE
    pPASSWORD                     alias for $1;
    vSALT                        varchar;
    vTO_HASH                    bytea;
    vHASHED                        varchar;

    
    BEGIN
    select INTO vSALT substr(gen_salt('md5'), 0, 10) as salt;

    vTO_HASH := vSALT || pPASSWORD;
    SELECT INTO vHASHED vSALT || substr(sha1(vTO_HASH), 0, 30) as hashed;
    
    RETURN vHASHED;
    END;
$body$
LANGUAGE 'plpgsql' VOLATILE RETURNS NULL ON NULL INPUT SECURITY DEFINER;

Then we can call the HASH_PASSWORD function, just like:

select hash_password('123456789')

Just in case that someone need to generate users in the database(PostgreSQL).

Best Regards,

Thanks for posting the solution Sinclair

how to check whether is user logged or not in view?

huuray,

Some people make an auth helper that just returns ion_auth->logged_in() but I usually create a user object in a MY_Controller and pass that to every view.  Then in the view I can just make sure the user object isn’t empty.

thanks ben,
i think ion auth need a wiki 😉