hi i'm working on codeigniter for now.and i got some problem with the user login system.
basically user can login using his/her email address, and then the login system will retrieve the user corresponding "username" base on the email address entered.This username will then be stored as session and will going to be used for all of the user's activities on the site.
So, for login system, after the user has entered the details of his own, the validate_credentials() function will be called :
function validate_credentials()
{
$this->load->model('membership_model');
$query = $this->membership_model->validate();
if($query) // if the user's credentials validated...
{
$sql = $this->db->query("SELECT * FROM membership WHERE email_address=".$this->input->post('email'));
if ($sql->num_rows() > 0)
{
$row = $query->row_array();
$username = $row['username'];
}
$data = array(
'username' => $username,
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('site/home/'.$username);
}
else // incorrect username or password
{
$this->index();
}
}and this function will interact with the validate() method in the membership_model to check weather or not the details entered is correct.this is the validate() method :
function validate()
{
$this->db->where('email_address', $this->input->post('email'));
$this->db->where('password', md5($this->input->post('password')));
$query = $this->db->get('membership');
if($query->num_rows == 1)
{
return true;
}
}i get this error when try to login :
A Database Error Occurred
Error Number: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@yahoo.com' at line 1
SELECT * FROM membership WHERE email_address=test_email@yahoo.com
Filename: C:\xampp\htdocs\project\system\database\DB_driver.php
Line Number: 330
So whats the mistake that i have done?any helps guys?
thanks :)
