@Jonny Blaze

There’s a few different things that were going on with regard to this.

Firstly, I presume to replicate this problem you were logging in, going to the Privilege Example page where it would correctly say ‘User logged in via password’.
If you then closed the browser and then reopened this same page, it would still say ‘User logged in via password’. If you then refreshed the page, the user would be logged out.

This problem has now been fixed so the users session credentials are instantly removed, rather than after 1 page refresh. The update is available via the Github repo.

——————————————————————————————————————-

Now further into possibly the behaviour you were expecting.
The reason why the user was logged out rather than saying ‘User logged in via “remember me”’ is because of the config setting:

This logs the user out when the browser is closed.

If you were to set the above setting to FALSE, and repeat the steps outlined at the top, it will still say ‘User logged in via password’ - this is because of the timelimit defined via the the config setting:

If you were to change this to for example 10 seconds, provided you don’t refresh the page within 10 seconds, the users login status will fall back to ‘User logged in via “remember me”’ (Provided the remember option was selected on login), or log the user out completely.

After considering this, I think it is best that the login via password status should always be removed upon the browser being closed - so I will look to include this feature into the library soon.

——————————————————————————————————————-

I hope that helps explain whats happening.

@netty

The problem you were having is caused by the class ‘tooltip_parent’ that is used throughout the demo to transform the next html element with a class of ‘tooltip’ into a popup element that is shown when the parent element is focused on.

So to remove the ‘Example Users’ popup from the demo login page, you would remove the entire span with the classes ‘tooltip width_400’ (As you say you did), but then also remove the ‘tooltip_parent’ class from input element with an id of ‘identity’.

Awesome, thanks.

@Klausch

Regarding issue #1.
A table with an Auto Increment column (As the user account table has), will by default start from the number 1, therefore the id of 0 should never occur.

In any case, to patch this possible occurrence, I’ve updated the instances of where this can occur withing the library.

—————————————————————————————————————————————-

Regarding issue #2.
You’ve possibly inadvertently highlighted a bug within the demo that may not directly solve the problem you were having, but may shed some light on what should be happening.

To start with, I tried to replicate the bug as you stated by updating a users email via the ‘verify_updated_email()’ function, and then calling the ‘get_user_by_identity_row_array()’ function immediately afterwards to get the new user data.

The data returned was as should be expected and formated as follows:

There seemed to be no problem here.

However, within the demo example, I noticed it was impossible to access the ‘update_email’ page without being logged in, therefore any non-logged in user (Perhaps using a different device) trying to verify their change of email address would not be able to access the page - this is because the email verification token only validates whether an email should be updated, it does not by default grant login access within the demo.

Therefore, if you were running the function behind a controller/model that required the user to be logged in, you may be getting returned an empty array…?

I’ve updated the Github repo to include both of these updates.

@karanits on 19 September.

Geez I was meant to get back to you on this much earlier.
If your still following the thread…

The errors you were getting when auto loading the CI form_validation library have been fixed.

The update is available from the Github repo.

@Klausch

The bug you highlighted from your 26th September post regarding the ‘insert_custom_user_data() ’ function has been fixed.

The function has been updated to return an array of the table name and row id that have been updated by the function.
This means if more than 1 table has a record inserted into it, each table name and row id are paired together in the returned array.

If nothing is returned, the function returns FALSE.

The changes are documented via the user guide page http://haseydesign.com/flexi-auth/user_guide/user_account_set_data#insert_custom_user_data

@Jonny Blaze and as a general NEW FEATURE announcement!

Two new config settings have been added to the config file that define whether a user who has logged in via a password (Rather than via the ‘Remember me’ feature), should have their ‘logged in via password’ credential unset as soon as they close their browser.

Previously, if the user had logged in via a password, then closed the browser and reopened it, they would still be recognised as using the same browser session, and so their login status would remain as ‘Logged in via password’.

With the new setting enabled, the user would be restricted to ‘Logged in via “Remember me”’ status (If they enabled this option on login), or else they would be logged out.

The config settings can be found in the usual flexi auth config file and are as follows:

The ‘login_via_password_token’ config setting defines the name of the cookie.
The ‘unset_password_status_onclose’ config setting defines whether the feature should be enabled.

The user guide has been updated with the new information @ http://haseydesign.com/flexi-auth/user_guide/login_session_config (You’ll need to scroll down to find the corresponding settings).

The update as usual is available via the latest Github repo.

haseydesign - 06 October 2012 10:46 AM

@Jonny Blaze and as a general NEW FEATURE announcement!

Thank you Hasey, this works exactly like I expected it to now.

Hello,

I am new to codeigniter and started using flexi_auth but i’ve strumbled on a problem.
After registering or logging in these errors are thrown:

Does anyone know how to solve this, probably a mistake made by myself but can’t find out what the problem might be.

Hey Caprisun,

Your problem is almost certainly related to a problem with your original configuration when setting up the auth library.

From the error message you have stated, it suggests to me its something to do with the user group table.

The purpose of user groups is for them to be used to enforce security within a site, restricting access to specific content based on the user group that a user belongs to.

To try fixing the problem, first of all I would check that your have at least one user group defined within the table. Typically even the most basic of sites would have 2 rows, ‘public user’ and ‘admin user’.

If your table does contain records, then check the tables settings are defined correctly via the flexi auth config file.

—————————————————————————————————————————————

If you have no luck with finding out if the user group tables are the problem, then I would suggest you go through the installation guide step by step and install the demo files and sql dump.

The demo example within the Github repo is a replica of everything you can access via the live demo at http://haseydesign.com/flexi-auth/

Let us know how you get on.

Thanks the installation didn’t add these groups, the structure was there though.
Problem solved, all working like a charm right now.

Hope to setup my project without any further problems, if so ill let you know.

@haseydesign

Hi there! This is my first time using your library and because of that, I was going to do exactly what you recommend, play with the demo.

So I’ve downloaded and installed everything yesterday, but when I try to login, CI gives me this error:

A Database Error Occurred

Error Number: 1364

Field ‘usess_series’ doesn’t have a default value

INSERT INTO `user_login_sessions` (`usess_uacc_fk`, `usess_token`, `usess_login_date`) VALUES (‘1’, ‘59f3540717c4ff6d6f5273ea17e584d45bff395a’, ‘2012-10-09 11:55:04’)

Filename: C:\zend\Apache2\htdocs\flexi_auth\system\database\DB_driver.php

Line Number: 330

I’m using the latest version of Zend Server CE on a Windows machine (as you can tell by the path on “Filename” line).

Since I’m still trying to understand a bit more the library, I’m not sure if I can just set a default value directly at the db structure or if I can do that somewhere within the library files.

Can you help me with that?

Thx in advance

In reply to an email I received from ‘Wills’, this may also help others with the same problem.

I use the routes function in codeigniter to make prettier URLS but when I set the logout one to:
$route[‘logout’] = ‘auth/logout’;

All it does is goes to the user dashboard, but accessing the URL auth/logout, it logs out nicely. Any ideas?

This is simply a conflict with the way the demo example has been setup, and is not a problem with the library.

In the __construct() of the current ‘auth’ controller, there is an IF condition that performs a redirect if true.

Because of the new url routing the uri_string() function would now return ‘logout’, rather than ‘auth/logout’, and therefore causing a the __construct() to redirect before the logout method got to be called.

Changing the code to the following would allow for both url paths.

@PyroDev

This error seems to be related to the CodeIgniter database config (application/config/database.php):

If this is defined as TRUE, then I also get the same errors as yourself.

If you were to update the database table ‘user_login_sessions’ with the following sql statement it would fix this particular error message.

However, you will then receive other errors for other table columns that also do not have a default value defined.

So your options are, either update your CI database config as follows:

Or alternatively, you will need to go through all of the libraries database tables and define default values for each column.

Hope that helps.

@haseydesign

Thanks for your reply.

I’ve fixed it setting the column to allow NULL and it’s default value to NULL also. It seems to be fixed, since I have not noticed any errors after.

One thing it’s weird though, I’ve checked my db config and striction it’s set to false already.

Later on, I caught myself thinking setting “usess_series” to NULL as default value, makes sense as Barry Jaspan states in the first 2 items of his “Improved Persistent Login Cookie Best Practice” solution that:

1. When the user successfully logs in with Remember Me checked, a login cookie is issued in addition to the standard session management cookie.
2. The login cookie contains the user’s username, a series identifier, and a token. The series and token are unguessable random numbers from a suitably large space. All three are stored together in a database table.

If the user doesn’t check Remember Me, that cookie wouldn’t need to be set, right? If so, the “usess_series” column wouldn’t have to set a default value other than NULL or another value that represents emptiness.

Well… that makes sense to me. If you have another point of view of this particular subject, I’ll be more than glad to hear.

BTW… Great auth lib!

Cheers