From b622c2ddc921615de4fd266ed41491ec2f3e4720 Mon Sep 17 00:00:00 2001
From: Rogier Neeleman
Date: Mon, 7 Mar 2016 22:17:11 +0100
Subject: [PATCH] Enabled sessions
---
 README.md | 5 ++-
 application/config/config_example.php | 2 +-
 application/controllers/Login.php | 61 ++++++++++++++++++++-------
 application/models/Login_model.php | 13 +++++-
 application/views/login.php | 8 +++-
 5 files changed, 69 insertions(+), 20 deletions(-)
diff --git a/README.md b/README.md
index 20b6577..2a1adf5 100644
--- a/README.md
+++ b/README.md
@@ -7,5 +7,8 @@ This is a score system for scout patrols in the Netherlands.
 * Copy the whole tree to a webserver with php support.
 * In /application/config/ copy config_example.php to config.php.
 * In /application/config/ copy database_example.php to database.php.
-* Edit the config.php and edit the variable base_url, language.
+* Edit the config.php and edit the variables:
+ * base_url, the URL of the website.
+ * language, your language. Dutch or English.
+ * sess_*, your session cookie preferences.
 * Edit the database.php to your needs.
diff --git a/application/config/config_example.php b/application/config/config_example.php
index 9e6d625..a41a519 100644
--- a/application/config/config_example.php
+++ b/application/config/config_example.php
@@ -368,7 +368,7 @@ $config['encryption_key'] = '';
 |
 */
 $config['sess_driver'] = 'files';
-$config['sess_cookie_name'] = 'ci_session';
+$config['sess_cookie_name'] = 'session';
 $config['sess_expiration'] = 7200;
 $config['sess_save_path'] = NULL;
 $config['sess_match_ip'] = FALSE;
diff --git a/application/controllers/Login.php b/application/controllers/Login.php
index f7e3394..ae582fb 100644
--- a/application/controllers/Login.php
+++ b/application/controllers/Login.php
@@ -13,6 +13,31 @@ class Login extends CI_Controller } public function index() + { + // redirect if session exists + $this->load->library('session'); + if(! $this->session->userdata('validated')){ + redirect('/dashboard'); + } + + $this->form_validation->set_rules('username', 'Username', 'required'); + $this->form_validation->set_rules('password', 'Password', 'required'); + + if (! ($this->input->post('username') AND $this->input->post('password'))) + { + $this->_showlogin(); + } + elseif ($this->form_validation->run() == FALSE) + { + $this->_showlogin('No username or password.'); + } else { + // check login + $this->_checklogin(); + } + + } + + private function _showlogin($errormsg = NULL) { // Load model $this->load->model('Regio_model'); @@ -23,20 +48,16 @@ class Login extends CI_Controller $data['regio'][$regio['id']] = $regio['naam']; } + if ($errormsg) + { + $data['errormsg'] = $errormsg; + } + // Header $this->load->view('header'); - $this->form_validation->set_rules('username', 'Username', 'required'); - $this->form_validation->set_rules('password', 'Password', 'required'); - - if ($this->form_validation->run() == FALSE) - { - // login page - $this->load->view('login', $data); - } else { - // check login - $this->_checklogin(); - } + // login page + $this->load->view('login', $data); // Footer $this->load->view('footer'); @@ -46,15 +67,25 @@ class Login extends CI_Controller { // Load model $this->load->model('Login_model'); - $logincheck = $this->Login_model->check_user(); + $userdata = $this->Login_model->check_user(); - if ($logincheck == FALSE) { - echo "No user "; + if ($userdata == FALSE) { + $this->_showlogin('Wrong username or password'); } else { - echo "Ok"; + $this->_startsession($userdata); } } + + private function _startsession($userdata) + { + // Start session with user data + $this->load->library('session'); + $this->session->set_userdata($userdata); + + // Redirect to dashboard + redirect('/dashboard'); + } } ?> \ No newline at end of file 
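Review bot: The session guard at the top of the new `index()` is inverted: `if(! $this->session->userdata('validated'))` redirects visitors who have no validated session to `/dashboard`, while already-validated users fall through to the login form. Because CodeIgniter's `redirect()` ends the request, an anonymous visitor never reaches the form, and whatever access check the dashboard controller performs (not visible in this diff) becomes the only barrier in front of that page. The condition should be `if ($this->session->userdata('validated')) {`, and the dashboard should enforce the same flag itself rather than rely on this controller.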
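Review bot: `_startsession()` in the last hunk stores the authenticated user data under the session ID the browser already presented, so an ID that was set before login remains valid afterwards (session fixation). Regenerate the ID at the point of privilege change, before `set_userdata()`: `$this->session->sess_regenerate(TRUE);`. The session library is also loaded in both `index()` and `_startsession()`; loading it once in the constructor (outside these hunks) would make it harder for a later code path to read session state before the library is present.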
diff --git a/application/models/Login_model.php b/application/models/Login_model.php index 0565492..f55e506 100644 --- a/application/models/Login_model.php +++ b/application/models/Login_model.php @@ -20,7 +20,7 @@ class Login_model extends CI_Model $regioid = $this->security->xss_clean($this->input->post('regioid')); // Search for user - $this->db->select('id'); + $this->db->select('id, regioid'); $this->db->where('username', $username); $this->db->where('password', sha1($password)); $this->db->where('regioid', $regioid); @@ -30,7 +30,16 @@ class Login_model extends CI_Model if ($query->num_rows() == 1) { - return TRUE; + $row = $query->row(); + + $userdata = array( + 'id' => $row->id, + 'regio' => $row->regioid, + 'validated' => true + ); + + // Sent user information + return $userdata; } else { return FALSE; } diff --git a/application/views/login.php b/application/views/login.php index db034d3..c244ca1 100644 --- a/application/views/login.php +++ b/application/views/login.php @@ -8,7 +8,13 @@
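Review bot: The lookup that now decides whether a session is created still matches on `sha1($password)` inside the query, an unsalted fast hash that is cheap to crack offline if the user table leaks. Prefer storing `password_hash()` output: select `'id, regioid, password'`, drop the `$this->db->where('password', sha1($password));` line, and in the second hunk test `if ($query->num_rows() == 1 && password_verify($password, $query->row()->password))`; existing SHA-1 rows would need a migration such as rehashing on the next successful login. If `$password` is passed through `xss_clean()` the way `$regioid` is on the context line above (its assignment is outside the hunk), that filter can alter the value before hashing and should be removed for the password field. `check_user()` begins and ends outside both hunks.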
- + +
+ +
+