Jump to content
Larry Ullman's Book Forums

Unknown_Identity Error


Recommended Posts

I have entered username and password directly in the database, now when i try to login with the data values in the default login page it shows UNKNOWN_IDENTITY error. I have printed out the error code in the log file, it shows error code is 100 which is i think is unknown identity error, the application is showing the default error which is unknown identity.


Here is UserIdentity.php



Here is LoginForm.php




Here is SiteController.php




Here is login.php


Link to comment
Share on other sites

Without knowing YII, I would suggest you apply a couple of print_r() and echos inside the validation methods. This way, you'll at least know that the data is passed correctly. This way, you'll also see if any logical test is not working as expected.


I also think you could improve your logic a bit. An example from UserIdentity::authenticate()


return ! $this->errorCode;


Why not change this to something along:


return isset($this->_id) ? true : false;


It is just much easier to understand and read.


I also suggest to make an all lower-/uppercase comparison of usernames. Improving logic also makes it easier to escape bugs.


Creating some more methods would not hurt neither. An example is password checking inside UserIdentity. Something along these lines would greatly improve readability of code:


public function authenticate()
$user = User::model()->findByAttributes(array('username'=>$this->username));
$dbPassword = $user->password;
$inputPassword = $this->password;
$dbPassLength = strlen($dbPassword);

   // We found a user
   if ( $user !== null )
       // Compare passwords
       if ( $this->passwordMatch($dbPassword, $inputPassword, $inputLength) )
           $this->_id = $user->id;
           $this->errorCode = self::ERROR_NONE;
           return true;
           $this->errorCode = self::ERROR_PASSWORD_INVALID;
       $this->errorCode = self::ERROR_USERNAME_INVALID;

Yii::log('errorCode: '.$this->errorCode,'trace');
return false;


* Performs length specific comparison of two passwords.
* Returns true if equal, else false
* @param {String} $dbPassword
* @param {String} $inputPassword
* @param {int} $inputLength
* @return {boolean} True if passwords are equal, else false

private function passwordMatch( $dbPassword, $inputPassword, $dbPassLength)
return strncmp($dbPassword, $inputPassword, $dbPassLength) === 0;


It it not my point to write bad about your code, but easier and more understandable logic gives fewer errors/bugs/weird cases. Just a generall sugestion.

  • Upvote 2
Link to comment
Share on other sites


  • Create New...