codeigniter setting up a password!

Question

Hello there! I try to set up a password in a codeigniter form... Everything seems ok to my eyes but no matter which password I use the form is still submitted...

here is the code in the controler:

class MyBlog extends Controller{


   function MyBlog(){
       parent::Controller();
       $this->load->helper(array('url','form','html')); //here we load some classes that we use 

       $this->load->scaffolding('entries');  //scaffolfing is a feature that lets you add or remove elements from the database
        $this->load->scaffolding('comments');

       $this->load->library('form_validation');//load validation class used to validate our forms...
   }

  function index(){

      $data['title'] = "My Blog Title"; //the title of my blog
      $data['query'] = $this->db->get('entries'); //here we make a small query to entries table


      $this->load->view('myBlog_view', $data); ///load all data variables on myBlog_view.php
     //this is also for the form validation


        $this->form_validation->set_rules('title', 'Title', 'required');
        $this->form_validation->set_rules('body', 'Body', 'required');
        $this->form_validation->set_rules('author', 'Author', 'required');
        $this->form_validation->set_rules('pass', 'Pass', 'callback_pass_check');


        function pass_check($str) {
        if ($str == 'baywatch'){
            return TRUE;
        }
        else{
            return FALSE;
        }
    }



      if ($this->form_validation->run() == TRUE)
        {   


            $this->myBlog_insert();
            //$this->load->view('formSuccess_view');
        }

      }



 function myBlog_insert(){

        $insert = array( 'title' => $_POST['title'],
                        'body' => $_POST['body'],
                        'author' => $_POST['author']
                        );

       $this->db->insert('entries',$insert);

       redirect('myBlog/');
       }


} 

and this is my form:

<div class="theForm">

<?php echo $this->form_validation->error_string; ?>
<?php echo validation_errors(); ?>
<?php echo form_open('myBlog'); ?>


<label for="title">Title:</label>

<input type='text' name="title" size="40" id="title" />
<p>
<label for="body">Body:</label>
<textarea name="body" rows = "10" cols="60" id="body"></textarea>
</p>
<p>
<label for="author">Author:</label>
<input type="text" name="author" size="40" id="author"/>
</p>
<p>
<label for="pass">Password:</label>
<input type="password" name="pass" size="38" id="pass"/>
</p>
<p><input type="submit" value="Submit New Post"/></p>
</form>
</div>
</body>
</html>

any ideas? thanks in advance

Answer 1

<label for="pass">Password:</label>
<input type="text" name="pass" size="38" id="author"/>

The input type is text no password, the id='pass'.

Answer 2

Ok, a couple of things first:

1) id's should be unique. ie your author field and your password field shouldn't have the same id. 2) password fileds should use the type "password" not "text".

I think the reason you're having problems is with your callback function pass_check(). Try changing your function to:

function pass_check($pass)
{
if($pass !== 'baywatch')
{
  return FALSE;
}

By the way, scaffolding has now been deprecated. Can I suggest you look into using models and the active record class as a way of interacting with your db? Also, this really isn't a very secure way of handling passwords. Have a look at some of the CI authentication libraries and see if you can implement one of them.

Answer 3

Ok guys...I found what the problem was...function pass_check was declared inside index()...and for some reason it needs to be outside as a method of the class...Hope this will help others... I give some ups for all the suggestions...