I recently created a register page where a user can sign up and create their own account. But say if I log out and then go back into the account and try logging in only the encrypted version of the password is accepted. How can I make my loguserin function talk to my database and have it understand that it's actually a normal password the user orignally entered?
Controller:
function loguserin()
{
$this->load->helper(array('form', 'url'));
$this->load->library('form_validation');
$this->form_validation->set_rules('username', 'Username', 'required|min_length[4]|max_length[12]|callback_validateUser|trim');
$this->form_validation->set_rules('password', 'Password', 'required|md5|trim');
if ($this->form_validation->run())
{
$username = $this->input->post('username');
$password = $this->input->post('password');
$this->session->set_userdata('status', 'OK');
$this->session->set_userdata('username', $username);
redirect('home');
}
else
{
$this->session->set_userdata('status', 'NOT_OK');
$this->load->view('shared/header');
$this->load->view('account/logintitle');
$this->load->view('account/loginview');
$this->load->view('shared/footer');
}
}
function validateUser($username, $password)
{
$this->db->select('*')->from('membership');
$this->db->where('username', $username);
$this->db->where('password',MD5($password));
$query = $this->db->get();
if ($query ->num_rows ==1)
{
$this->form_validation->set_message('validateUser', 'Invalid username/password');
return false;
}
else{
return true;
}
}