Jump to content
Larry Ullman's Book Forums

Unknown_Identity Error


mint
 Share

Recommended Posts

I have entered username and password directly in the database, now when i try to login with the data values in the default login page it shows UNKNOWN_IDENTITY error. I have printed out the error code in the log file, it shows error code is 100 which is i think is unknown identity error, the application is showing the default error which is unknown identity.

 

Here is UserIdentity.php

http://pastebin.com/emWFEwZc

 

Here is LoginForm.php

http://pastebin.com/r8WxW0CQ

 

 

Here is SiteController.php

http://pastebin.com/VYL3DcXV

 

 

Here is login.php

http://pastebin.com/0BhbhbmU

Link to comment
Share on other sites

Without knowing YII, I would suggest you apply a couple of print_r() and echos inside the validation methods. This way, you'll at least know that the data is passed correctly. This way, you'll also see if any logical test is not working as expected.

 

I also think you could improve your logic a bit. An example from UserIdentity::authenticate()

 

return ! $this->errorCode;

 

Why not change this to something along:

 

return isset($this->_id) ? true : false;

 

It is just much easier to understand and read.

 

I also suggest to make an all lower-/uppercase comparison of usernames. Improving logic also makes it easier to escape bugs.

 

Creating some more methods would not hurt neither. An example is password checking inside UserIdentity. Something along these lines would greatly improve readability of code:

 

public function authenticate()
{
$user = User::model()->findByAttributes(array('username'=>$this->username));
$dbPassword = $user->password;
$inputPassword = $this->password;
$dbPassLength = strlen($dbPassword);

   // We found a user
   if ( $user !== null )
   {
       // Compare passwords
       if ( $this->passwordMatch($dbPassword, $inputPassword, $inputLength) )
       {
           $this->_id = $user->id;
           $this->errorCode = self::ERROR_NONE;
           return true;
       }
       else
       {
           $this->errorCode = self::ERROR_PASSWORD_INVALID;
       }
   }
   else
   {
       $this->errorCode = self::ERROR_USERNAME_INVALID;
   }

Yii::log('errorCode: '.$this->errorCode,'trace');
return false;

}

/**
* Performs length specific comparison of two passwords.
* Returns true if equal, else false
*
* @param {String} $dbPassword
* @param {String} $inputPassword
* @param {int} $inputLength
* @return {boolean} True if passwords are equal, else false
*/

private function passwordMatch( $dbPassword, $inputPassword, $dbPassLength)
{
return strncmp($dbPassword, $inputPassword, $dbPassLength) === 0;
}

 

It it not my point to write bad about your code, but easier and more understandable logic gives fewer errors/bugs/weird cases. Just a generall sugestion.

  • Upvote 2
Link to comment
Share on other sites

 Share

×
×
  • Create New...