Thread

Wondered that myself… thought about just passing an empty array… I don’t think it matters what is passed, as long as something is. But haven’t had a chance to explore it yet.

-tg

Where’s the register page?

check the: create_user.php file under: views/auth

you can use that as a basis to make one easy enough. Basically clone it and adjust displayed text and fields as needed.

Been trying out auth projects the past few days, read all 58 pages, and have a few questions.

I noticed this does something different than tank_auth.  That is create a database table for sessions.  I was wondering what the benefits of that are, why you’d do it one way or the other, etc.  Admittedly, my knowledge of sessions is lacking even in general php.

If I were to want all user’s with group ‘moderator’ or higher, how would I do that?  From what I can tell, each group authorized must be specifically mentioned in an array.  If a moderator is allowed, surely the admin is allowed. Assuming my group id’s are in order, with Admin being 1, and increasing lower ranks getting higher numbers… I’m thinking of a function like group_at_least(3), where group id’s 3 and lower are good to go.  Does that make sense or am I just complicating things?

Finally, why not just use the timestamp in ‘created_on’ as the salt?  Or say, the last X numbers of the timestamp?

i tried ion_auth and it’s really a very nice lightweight auth library .. but: why is there a “id” column in groups and users database table ?!? the group_id and user_id is always unique, why an additional id field ???

i tried ion_auth and it’s really a very nice lightweight auth library .. but: why is there a “id” column in groups and users database table ?!? the group_id and user_id is always unique, why an additional id field ???

It’s good practice… In case of expansion by the creator or by someone else that wants to call just a group perhaps.

If you choose an authorisation by email (not username), registering with already existing mail is not allowed. This is good. But the situation with the usernames are a little bit strange. Can someone give some more details about the logic here?

For example, auth login method is email/password. Trying to register with already registered mail is not possible. But registering with an existing username is some kind of possible. If there is already an user “testing” and I try to register as “testing”, there is no error. But anyway the user is added in the database as “testing1”. If I try one more time, again a new row in the `users` table, with username “testing12”, then “testing123”.

What is the point of this? I mean… If it is allowed, then all of those registrations should have the username “testing”.

And I want to ask how to avoid this. I don’t want dublicate usernames in my case. And also I don’t like the approach with adding 1,2,3 at the end of the username.

There was an example code here, about checking this during registration. But there is a function also ... extra_where
Can it be used in this case?

the logic checks to see if a username is already taken, if thats the case rathen than throwing up a error the code changes the username to “tester1” “tester2” ... you can obviously change this logic so that it does throw up a error ( i beleive the function is username_check ) 

So the lines of code your talking about lies here :

// If username is taken, use username1 or username2, etc.        
if ($this->identity_column != 'username'){
    for($i = 0; $this->username_check($username); $i++){
    if($i > 0){
        $username .= $i;
    }    
    }        
}

This is found in the register function in the ion_auth_model.php file

This is what you need to change in order to remove this functionality.

@Bainzy, thank you! I mean ... it is a strange functionality. I’ve never seen this in any site. The options normally are ... You can register with an existing username, or not. In my case, I prefer not. But that’s my own site logic. Anyway I am asking as why is this? What it is suppose to do? Should I inform the user after registration with a message like:

Your registration is successful, but anyway the username “testing” was already taken. That’s why your username is “testing1”. Have fun!

And what if the user does not like “testing1” as an option? I think in these cases 99% of the sites are displaying something like:

The username “testing” is already taken. Please, choose another username.

Yeah, you can offer him options like:

testing1
testing80 // if the user’s birth year is 1980 for example

But to choose an username instead of the user, it is not good I think. Strange for a basic functionality. Really ...

TBH its a good question and one that i would not know how to answer.  I personally think its there to speed up the registration process rather than kicking them back to the registration page again for validation errors ... another option you have is using a little bit of jquery here ... and when the user types the username and then clicks on the next box for example password ... as your username box looses it focus you can use jquery to call a little script that checks the username against the one in the database, if its taken you can then show a error saying the username is taken.  There is lots of tutorials on the internet on how to create this.

http://shawngo.com/wp/blog/gafyd/index.html?q=gafyd/index.html
http://roshanbh.com.np/2008/04/check-username-available-ajax-php-jquery.html

I like this as it 1. saves on a page request by refresh ... and 2. it looks cool 😊

hope this helps

Not only that but you could also use it to prevent the use of either questionable/banned/or otherwise taboo usernames pretty quickly.

Just a quick note of warning implementing either of those methods, don’t forget to sanitize the user name before comparing it to the database. Otherwise “0’; DELETE * FROM Users;” will have a field day logging in. 😉

-tg

Just starting with Ion Auth and everything working great. Couple of questions:

1. Activate/Deactivate - these functions set a flag and I am assuming it is up to us to use as we want. Does Ion Auth use the flag anywhere in its code?

2. I see a view for editing a user and a function in the model, but nothing in the controller similar to create_user. Am I missing something?

Thanks,
Terrt

I’ve just got up and running with this library. Great stuff seems to do everything I want but I’m running into a problem.

I want to make the result of the logged_in() function available to all of the views in my application, and I figured the best way to do that was to include a variable ($logged_in) in every $data array I pass though to the view.

In order to do that I tried to simply extend the base controller (in the method described below).

http://codeigniter.com/wiki/MY_Controller_-_how_to_extend_the_CI_Controller/

There now seems to be a problem with loading the ion_auth library (And at this stage I’m not even using any functionality of the library, just trying to load it along with my custom controller which I’ve implemented exactly as outlined in the above link).

A PHP Error was encountered

Severity: Notice

Message: Undefined property: MY_Controller::$ion_auth_model

Filename: libraries/Loader.php

Line Number: 1035

Fatal error: Call to a member function _assign_libraries() on a non-object in {my site root}/system/libraries/Loader.php on line 1035

It looks like it’s something to do with loading the model - which I don’t understand because the ion_auth model simply extends the core CI_Model. Why should it care what controller I’m using?

Any help appreciated. Thanks.

drumbassrockroll,

Please post your MY_Controller, the controller that you are running, and your autoload config file.

TerryT,

1.  Yes, the library does use the flag.  For retrieving active or inactive users.

2.  The code that’s there is an example, the library and model are Ion Auth and the controllers and views are just examples for you to add to and customize to suit your needs.