Jump to content



Photo

Unknown_Identity Error

database login

  • Please log in to reply
2 replies to this topic

#1 mint

mint

    Newbie

  • Members
  • Pip
  • 13 posts

Posted 23 June 2012 - 2:22 PM

I have entered username and password directly in the database, now when i try to login with the data values in the default login page it shows UNKNOWN_IDENTITY error. I have printed out the error code in the log file, it shows error code is 100 which is i think is unknown identity error, the application is showing the default error which is unknown identity.

Here is UserIdentity.php
http://pastebin.com/emWFEwZc

Here is LoginForm.php
http://pastebin.com/r8WxW0CQ


Here is SiteController.php
http://pastebin.com/VYL3DcXV


Here is login.php
http://pastebin.com/0BhbhbmU
  • 0

#2 Antonio Conte

Antonio Conte

    Advanced Member

  • Members
  • PipPipPip
  • 1,070 posts
  • LocationOslo, Norway

Posted 24 June 2012 - 10:30 AM

Without knowing YII, I would suggest you apply a couple of print_r() and echos inside the validation methods. This way, you'll at least know that the data is passed correctly. This way, you'll also see if any logical test is not working as expected.

I also think you could improve your logic a bit. An example from UserIdentity::authenticate()

return ! $this->errorCode;

Why not change this to something along:

return isset($this->_id) ? true : false;

It is just much easier to understand and read.

I also suggest to make an all lower-/uppercase comparison of usernames. Improving logic also makes it easier to escape bugs.

Creating some more methods would not hurt neither. An example is password checking inside UserIdentity. Something along these lines would greatly improve readability of code:

public function authenticate()
{
	$user = User::model()->findByAttributes(array('username'=>$this->username));
	$dbPassword = $user->password;
	$inputPassword = $this->password;
	$dbPassLength = strlen($dbPassword);
	
    // We found a user
    if ( $user !== null )
    {
        // Compare passwords
        if ( $this->passwordMatch($dbPassword, $inputPassword, $inputLength) )
        {
            $this->_id = $user->id;
            $this->errorCode = self::ERROR_NONE;
            return true;
        }
        else
        {
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        }
    }
    else
    {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    }
	
	Yii::log('errorCode: '.$this->errorCode,'trace');
	return false;

}

/**
* Performs length specific comparison of two passwords.
* Returns true if equal, else false
*
* @param {String} $dbPassword
* @param {String} $inputPassword
* @param {int} $inputLength
* @return {boolean} True if passwords are equal, else false
*/

private function passwordMatch( $dbPassword, $inputPassword, $dbPassLength)
{
	return strncmp($dbPassword, $inputPassword, $dbPassLength) === 0;
}

It it not my point to write bad about your code, but easier and more understandable logic gives fewer errors/bugs/weird cases. Just a generall sugestion.
  • 2

#3 mint

mint

    Newbie

  • Members
  • Pip
  • 13 posts

Posted 24 June 2012 - 11:06 PM

Thanks Antonio Conte that solved the problem. :)
  • 0