I have a simple database with users table, it have simple admin user with
UserName= "Admin"
Password="admin"
I am using NHibernate to query over this table to login form.
Suppose the login form inserted UserName="ADMIN" and password="ADMIN" both in upper case.
The system should not allow login. However when I use the query like this
using (var session = NhibernateHelper.OpenSession())
{
return new List<User>
(session.QueryOver<User>()
.Where(u => u.UserName == userName)
.And(u => u.Password == password)
.Future());
}}
The system ignores the case sensitivity and selects the user. So how can I make case sensitive query?
We can specify COLLATE directly as a part of SQL column evaluation
session
.QueryOver<User>()
// expecting that user name could be any case
// if not, we can use the same as for password below
.Where(u => u.UserName == userName)
// instead of this
//.And(u => u.Password == password)
.And(Expression.Sql(" Password = ? COLLATE Latin1_General_CS_AS"
, password, NHibernateUtil.String));
.Future()
;
The above statement will use Latin1_General_CS_AS where CS means: Case sensitive and AS means Accent sensitive
Also, there is some draft of a custom LikeExpression, which could consume the COLLATE string as a const or from setting:
Nhibernate QueryOver collation without hard coded column name
Another approach, not with QueryOver, but LINQ:
session.Query<User>().Where(u => SqlMethods.Like(u.Username, "something")).ToList();
Or, with Criteria:
session.CreateCriteria(typeof(User), "u").Add(Restrictions.Like(Projections.Property("u.Username"), "something")).List<Username>();
Finally, QueryOver:
session.QueryOver<User>().Where(Expression.Sql("Username LIKE ?", "something", NHibernateUtil.String)).List<User>()
Related
I have user information in my database. I wish to get the ID of a user given the email address. To get this in sql you would write the following query code:
SELECT Id FROM TableName WHERE email_address = "xyz#somename.com";
How do I write this using ASP.NET MVC Entity-Framework?
Well, it depends entirely on your public API, which we have no visibility into. Generally speaking, it would look something like:
var userId = db.Users
.Where(m => m.email_address == "xyz#somename.com")
.Select(m => m.Id)
.SingleOrDefault();
I suggest you take some time with the tutorials at https://www.asp.net/mvc/overview/models-data, to get your bearings.
I have a database with columns sEmail and sPassword. But I need to call :
Auth::attempt(Input::only('email', 'password')
in order to log in my user. So I get a SQL Exception because email and password doesnt exists in my table...
I can't change my columns names, so how is it possible to solve my problem?
Laravel should know that you are using different column names, you should change your code to
$email = $input['email'];
$password = $input['password'];
Auth::attempt(array('sEmail' => $email, 'sPassword' => $password));
I have a Laravel 4 app in which I have set up one user. In my login route I'm calling Auth::attempt with the email and password but it always comes back as false. I definitely have the password correct and the correct hash in the database as Hash::check returns true.
I think it may be due to using email as the login field instead of username, but I can't see any setting for that. This question implied you could add an option to config/auth.php but it didn't work. This question says to use username as the array key, but then I get SQL error because it tries to select on a username field in the database.
Do I need to add something to the User model to specify the username field? Here is my login route:
Route::post('login', function() {
// data from login form
$credentials = array(
'email' => Input::get('email'),
'password' => Input::get('password')
);
$auth = Hash::check(Input::get('password'), Hash::make('mypass'));
var_dump($auth); // this is TRUE
// login was good
$auth = Auth::attempt($credentials);
var_dump($auth); // this is FALSE
});
I found the problem. As suggested by Jason in the comment above, I had modified the models/User.php file and removed some functions that I didn't realise were necessary.
The getAuthIdentifier() and getAuthPassword() methods must be included in the User model for authentication!
In app/config/app.php make sure you have the 'key' set. This made me pull my hair out. Everything will apear to work, password seems hashed in the DB, but it will always return false until you set this key and re-hash your password into the DB.
"php artisan key:generate"
Had the same problem and made me sweat for hours. Definitively check your User.php model and make sure you have not overwritten the default one. Thanks Jason!
hi all I'm trying to search a database for a username using cakephp, the username isnt the primary key in the database but it must be unique. here is the code I have for the search function but cake does not like it.
function index(){
$this->User->recursive = 0;
if ($this->data['users']['username']) {
$this->set('users',
$this->paginate('users', array('or' => array('users.username LIKE' => '%' . )));
else {
$this->set('users', $this->paginate());
}
}
}
the database contains a id(the primary key) and a username. The goal of this is to send a friend request. User searches the username and then if the username is there, the other user will receive their request in a relationship inbox and can select 'yes' or 'no'.
the other thing is, if the username exists I want the data to be stored in a table called users_users - i realize i dont have any code for what to do once the search has happened. but I am pulling my hair out trying to figure this out as their doesnt seem to be many tutorials on the web for this.
Make sure your usernames are unique by validating it when they're entered.
http://book.cakephp.org/2.0/en/models/data-validation.html
I'm not sure, but this users.username looks like you're using the username as foreign key in the jointable!? Thats totally wrong.
Even if it would be then the notation is wrong and does not follow the CakePHP standards and won't work. It should be User.username then.
I would suggest you to start over with the blog tutorial for CakePHP and read the book.
I may be wrong, but why there are a dot besides '%'? The dot is the string concatenation operator and you aren't providing anything as second argument. Also, you're putting an OR condition but there's just one argument. So try this:
function index(){
$this->User->recursive = 0;
if ($this->data['users']['username']) {
$this->set('users',
$this->paginate('users', array('users.username LIKE' => '%')));
}
else {
$this->set('users', $this->paginate());
}
}
Hope this helps
Cake defaults to AND but you can specify any hierarchy of AND and OR
or AND or OR... until you get dizzy in the head :)
Your search could probably be formatted like:
'or' => array(
'Model.column1 LIKE' => '%keyword%',
'Model.column2 LIKE' => '%keyword'
I can get the username by doing this:
public function indexAction()
{
$this->view->username = Zend_Auth::getInstance()->getIdentity();
}
"username" is the column in the table that validates the identity. "firstname" is also a column in that table. Does Zend_Auth only store the username? Or is there a way to access other columns from the user's row in the table?
So you're using a DbTable adapter, right. And are you retrieving the table row after authentication like so:
$authAdapter->getResultRowObject()
Then yes, the whole user-row is available. Just try!
From the manual:
In addition to the availability of the getIdentity() method upon the authentication result object, Zend_Auth_Adapter_DbTable also supports retrieving the table row upon authentication success:
// Print the identity
echo $result->getIdentity() . "\n\n";
// Print the result row
print_r($authAdapter->getResultRowObject());
/* Output:
my_username
Array
(
[id] => 1
[username] => my_username
[password] => my_password
[real_name] => My Real Name
)
*/
Or see for yourself!