Posted by Charles Luck on Monday 18th March 2024 at 16:14 GMT

Hello, hope y'all are doing well.
I am having a perplexing issue...
Here are the pertinent functions...
function login() {
        $data['username']  = post('username');
        $data['password']   = post('password');
        $data['remember']  = post('remember');
        $data['view_file']     = 'account_login';
        $this->template('framework', $data); 

    function submit_login() {
        var_dump($_POST); //die;

        $f1_rules = 'required|callback_login_check';
        $this->validation_helper->set_rules('username', 'Username', $f1_rules);
        $f2_rules = 'required';
        $this->validation_helper->set_rules('password', 'Password', $f2_rules);

        $result = $this->validation_helper->run();  

        if($result === false) {
        } else {
            $username = post('username');
            $remember = (int) post('remember');
            $this->_continue_inward($username, $remember);

Notice the VAR_DUMP at the top of submit login.
And it shows, that the value of "remember" is null, whether I check the box or not.
array (size=5)
  'username' => string 'NewMember' (length=9)
  'password' => string 'NewPassword' (length=11)
  'remember' => string '' (length=0)
  'submit' => string 'Submit' (length=6)
  'csrf_token' => string 'b0e21ef00a488ecc472de2818865639dabae319655da927258a1b8d08295e72a' (length=64)

It matters NOT whether I check the box, the value of "remember" remains the same. The form doesn't seem to be posting the value of the checkbox.
Any ideas?
Level One Member

Charles Luck

User Level: Level One Member

Date Joined: 18/06/2023

Posted by djnordeen on Monday 18th March 2024 at 16:56 GMT

Here is where you should look.
'remember' => string '' (length=0)
length should be 1

Early Adopter


User Level: Early Adopter

Date Joined: 20/08/2021

Posted by Charles Luck on Tuesday 19th March 2024 at 15:19 GMT

Apparently, if a checkbox is not checked, it won't get posted.
I believe that is standard PHP behavior. I didn't know.

It turns out that the DAVCON in his 3-part Private Members Area series, uses the "remember" checkbox as follows:
echo '<div>';
            echo form_checkbox('remember');
            echo 'remember me';
            echo '</div>';

Well, in that example, When I checked the box, and had some other validation error, it came back unchecked, and I would have to check the box again.
I checked the box, but it just wouldn't stay checked.
It turns out that the following... works the way I intended.
echo '<div>';
            echo form_checkbox('remember', 1, $remember);
            echo 'remember me';
            echo '</div>';

BTW, the callback_login_check, in the tutorial video, because it is a validation rule of the username, the validation_errors method will potentially return an error message concerning invalid credentials, prior to checking whether the required password was even entered.
The callback_login_check is premature.

I found that I can alleviate this situation by removing the callback from the "username" validation rules, do the password validation rule first. Then, if there are values in both the posted username and password, then make a second pass of the username with only the callback function as a validation rule. Actually, the only real purpose of not calling the login_check as a stand alone function call after the validation run returns error free, is to make use of the validation_errors handling.

T'was a fun filled day of digging threw Trongate code.
Level One Member

Charles Luck

User Level: Level One Member

Date Joined: 18/06/2023

Posted by DaFa on Wednesday 20th March 2024 at 06:16 GMT

Hi Charles,

I've been leaving things for Dan and others to answer questions...

While video tutorials are great for the visually inclined, they date quickly and in my opinion nothing beats working code examples.

Your query on the checkbox issues you have been having is curious, as I see a returned selected checkbox as
["remember"]=> string(1) "1"
from $_POST and as you pointed out, is omitted when not checked - standard PHP form handling.

If you look at the view_file from the 'Simple Members' module and not the video tutorial you will see
echo '<div>Remember me: ';
echo form_checkbox('remember', 1, $remember);
echo '</div>';
for the 'Remember Me' checkbox.

the callback logic in the 'Simple Members' module works well
function login_check($str) {
    $error_msg = 'Your username and/or password was not valid.';
    $params['username'] = $str;
    $params['email_address'] = $str;

    $sql = 'SELECT * FROM members WHERE username = :username OR email_address = :email_address';
    $rows = $this->model->query_bind($sql, $params, 'object');

    if (!isset($rows[0])) {
        //invalid username and/or email
        return $error_msg;
    } else {
        //record found, is account confirmed & what about the password?
        $confirmed = $rows[0]->confirmed ?? 0;

        if ($confirmed === 0) {
            return $error_msg;

        $stored_password = $rows[0]->password;
        $password = post('password');
        $password_result = $this->_verify_hash($password, $stored_password);

        if ($password_result == false) {
            //wrong password
            return $error_msg;
        } else {
            //password was correct
            return true;

This comment was edited by DaFa on Wednesday 20th March 2024 at 06:36 GMT

Founding Member


User Level: Founding Member

Date Joined: 30/11/2018

Posted by Charles Luck on Thursday 21st March 2024 at 16:58 GMT

Thank you for reaffirming that I'm not losing my mind.
We're on the same page over the checkbox.

I don't doubt that the login callback works, but it is invoked before the validation rule "required" is checked for the password.
I realize that all of this is a matter of personal preference; no need to follow along blindly. But in this instance, are you saying that the "required" validation rule for the password is superfluous, and instead just check the login credentials in the callback? Which is fine.
I was attempting to remove the possibility that that validation errors don't say "Your credentials are incorrect" before also saying that the "Password is required".

This comment was edited by Charles Luck on Thursday 21st March 2024 at 17:28 GMT

Level One Member

Charles Luck

User Level: Level One Member

Date Joined: 18/06/2023