phpass matching input password with stored password - mysql

I used phpass to hash my password on Insert as follows
public function addAdmin(){
$this->load->library('phpass');
$this->load->database();
$psw = 'admin1234';
$hashed = $this->phpass->hash($psw);
$now = date("Y-m-d H:i:s");
$data = array(
'userid' => 'admin_user' ,
'userfname' => 'Admin' ,
'userlname' => 'Admin',
'userdname' => 'Admin' ,
'useraddress' => '20/72,Vidarshana Mawatha, Galawilawatta, Homagama' ,
'usercountry' => 'Sri Lanka',
'usercontactno' => '0112-892199' ,
'userlastlog' => $now ,
'userpassword' => $hashed ,
'userpermission' => '1',
'useremail' => 'dilukshanmahendra#gmail.com'
);
$this->db->insert('ecom-user', $data);
echo "Successfully Added!";
}
But when I input the same userid & password (Correct UserID and Password) at the Login where it validate by matching them with the stored ones, it returns '0' for the following where I expcted '1'
public function validateLogin($userid,$userpass){
$this->load->library('phpass');
$this->load->database();
$hashed = $this->phpass->hash($userpass);
$this->db->select('*');
$this->db->from('ecom-user');
$this->db->where('userid', $userid);
$this->db->where('userpassword', $hashed);
$result = $this->db->get();
echo $this->db->last_query();
echo '<br/>'.$result->num_rows();
}
Please some one help me to solve this

Better have a look here
, meanwhile, trim all input fields you've got for login and registering new users!

Related

MySQL doesn't update properly

I am trying to update status for users. code works fine .but it can't update in DB
controller.php
public function update_customer(Request $request)
{
$sid = 1;
$setting['setting'] = Settings::editGeneral($sid);
$site_max_image_size = $setting['setting']->site_max_image_size;
$name = $request->input('name');
$username = $request->input('username');
$email = $request->input('email');
$user_type = $request->input('user_type');
$status =$request->input('status');
$data = array('name' => $name, 'username' => $username, 'email' => $email, 'user_type' => $user_type, 'password' => $pass, 'earnings' => $earnings, 'user_photo' => $user_image,'status'=>$status, 'updated_at' => date('Y-m-d H:i:s'));
Members::updateData($token, $data);
return redirect($page_url)->with('success', 'Update successfully.');
}
}
model.php
public static function updateData($token,$data){
DB::table('users')
->where('user_token', $token)
->update($data);
}
how to solve it??
You can use Model class instead of DB Facade. Like below:
User.php
protected $fillable = [
'name' , 'username' , 'email' , 'user_type' , 'password' , 'earnings' , 'user_photo' ,'status', 'updated_at'
];
public static function updateData($token,$data)
{
User::where('user_token', $token)
->update($data);
}

ErrorException Creating default object from empty value in Laravel 6

when I'm trying to update user I got this error
this error point out at $user->first_name = $request->input('first_name');
update method
public function update($id, Request $request){
$this->validate($request, array(
'first_name' => 'string|max:255',
'last_name' => 'string|max:255',
'email' => "string|email|max:255|unique:users,email,$id",
'password' => "sometimes|nullable |string|min:8,$id",
'avatar' => 'image|mimes:jpg,jpeg,gif,png,svg|max:2048',
));
$password = bcrypt(request('password'));
$user = User::where('email',$request['email'])->first();
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
if(!empty($request->password))
{
$user->password = $password;
}
if($request->hasFile('avatar')){
$avatar = $request->file('avatar');
$filename = time() . '.' . $avatar->getClientOriginalExtension();
Image::make($avatar)->resize(300, 300)->save( public_path('/images/avatars/' . $filename ) );
$user->avatar = $filename;
}
$user->roles()->detach();
if ($request['user']) {
$user->roles()->attach(Role::where('name','User')->first());
}
if ($request['editor']) {
$user->roles()->attach(Role::where('name','Editor')->first());
}
if ($request['admin']) {
$user->roles()->attach(Role::where('name','Admin')->first());
}
$user->save();
return redirect('admin/users')->with('success', 'user is successfully saved');
}
Your assignment $user is null because there is no record with the email you are providing.
Use findOrFail($request['email']) so that you throw a ModelNotFoundException in this scenario.
OR
$user = User::where('email',$request['email'])->first();
if(!is_null($user) { // check not null of $user here
$user->first_name = $request->input('first_name');
$user->last_name = $request->input('last_name');
}
References:
https://laravel.com/docs/5.7/eloquent#retrieving-single-models
https://laracasts.com/discuss/channels/laravel/errorexception-in-profilecontrollerphp-line-98-creating-default-object-from-empty-value
You should use FindOrFail method instead
so instead of using this line:
$user = User::where('email',$request['email'])->first();
use this:
$user = User::findOrFail($id);
so FindOrFail will get the user by id and if it does not exist it will fail and show 404 Not found.

Inserting variables in Yii2 to Database

I am trying to insert $product, $pric and $user to database table cart. Following is the function that I have created in SiteController.php.
public function actionCartadd($id)
{
$product = Additem::find()
->select('product')
->where(['id' => $id])
->one();
$pric = Additem::find()
->select('price')
->where(['id' => $id])
->one();
$user = Yii::$app->user->identity->username;
$connection = Yii::$app->getDb();
$result = Yii::$app->db->createCommand()
->insert('cart', [
'product' => '$product',
'price' => '$pric',
'user' => '$user',
])->execute();
if ($result)
return $this->render('custstore');
}
However, this end up in error. Can anyone suggest any fix
Try this following code
$result = Yii::$app->db->createCommand()->insert('cart', [
'product' => $product->product,
'price' => $pric->price,
'user' => $user
])->execute();
Look at this fragment:
'product' => '$product',
'price' => '$pric',
'user' => '$user',
Use double quotes in values or just variables without quotes
Also, better way to fetch product and price:
$productItem = Additem::findOne($id);
if ($productItem instanceof Additem) {
$product = $productItem->product;
$pric = $productItem->price;
}

Yii2-user Dektrium - how to hash password

i want to do hash password and check that with database ( password_hash )
How can I do it????
$username = $auth['username'];
my password is
$password = $auth['password'];
i want hash that :
$find = \dektrium\user\models\User::findOne(['username' => $username, 'password_hash' => $password]);
You could generate the $hash using
$hash = Yii::$app->getSecurity()->generatePasswordHash($password);
$find = \dektrium\user\models\User::findOne(['username' => $username,
'password_hash' => $hash]);
Th code belowe is from dektrium/yii2-user/helpers/password.php ( the code for hash function ..of dektrium adn as you see the extensions use the generatePasswordHash and a cost
public static function hash($password)
{
return \Yii::$app->security->generatePasswordHash($password,
\Yii::$app->getModule('user')->cost);
}
default cost = 8
I know quite late to answer this, but for those who are still looking.. I recently encountered this issue and after lots of testing below code worked for me:
$behaviors['authenticator'] = [
'class' => HttpBasicAuth::className(),
'auth' => function ($username, $password) {
$user = \dektrium\user\models\User::findOne(['username' => $username]);
if ($user->validate($password)) {
return $user;
}
return null;
}
];

MySQL database table not inserting data

I have a MySQL database table named login which stores user information and login details. The table has been working well (inserting, updating and selecting) but from yesterday,the table is not inserting data from my php codeigniter scripts but its selecting and updating.
Also, when I insert a row manually (in phph Myadmin), its inserting well. The table has only 470 rows and its using InnoDB ingine and its 192KB. What could be the problem? The database is on a shared host. Here is the php code
function insertUser($pfNo, $fName, $mName, $lName, $email, $username, $encPassword, $userType,$preuniYear, $salt, $creationDate){
$data = array(
'pfNo' => $pfNo,
'fName' => $fName,
'mName' => $mName,
'lName' => $lName,
'email' => $email,
'username' => $username,
'password' => $encPassword,
'userType' => $userType,
'year' => $preuniYear
);
$query1 = $this->db->insert('login', $data);
$data = array(
'username' => $pfNo,
'creationDate' => $creationDate
);
$query3 = $this->db->insert('systemdetails', $data);
if ($query1 && $query3) {
return true;
} else {
return false;
}
}`