perpetually.inquisitive

Hey Larry, No worries, I managed to figure it out. Thanks anyway!

It's my pleasure! Look forward to your response! Cheers.

Hi all, Larry, firstly I'd like to thank you for an awesome set of articles on Yii! They've really helped me come to terms with Yii and MVC! In your article on simple authentication in Yii (http://www.larryullman.com/2010/01/04/simple-authentication-with-the-yii-framework/), you've mentioned that the LoginForm model needs some code in two methods: authenticate(), and login(). authenticate() is used purely to verify that the password is correct, and login() performs the actual login. However, in the sample code you've shown, there is the following code in the authenticate() method: switch($this->_identity->errorCode) { case UserIdentity::ERROR_NONE: $duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days Yii::app()->user->login($identity,$duration); break; So we are also logging in the user if their password is correct. I don't understand why this is being done in authenticate(), if we are also doing this in login(), where we have the following code: if($this->_identity->errorCode === UserIdentity::ERROR_NONE) { $duration = $this->rememberMe ? 3600*24*30 : 0; // 30 days Yii::app()->user->login($this->_identity, $duration); return true; This seems redundant and confusing to me (the authentication section shouldn't log in the user). I've tried removing the code from the authenticate() section, and the login works fine. Am I misunderstanding something? The code for my two functions is available here: http://pastebin.com/LAAPNiD5 Thanks!