Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
How to check if a user is a group member while not logged in
  • I'm trying to use the Auth::member() method to see if a validated user (not logged in) is a member of a certain group but I'm getting false returned.

    It seems the Auth::member() method requires a user to be logged in even though the docs say you can pass a specific user (http://fuelphp.com/docs/packages/auth/ormauth/usage.html#/method_member).

    Here's my sample:

    <code>
    if ($user = \Auth::validate_user(\Input::param('username'), \Input::param('login-password')))
    {
    // the login credentials are valid
            if( ! \Auth::member(7, $user))
    {
    echo 'not in group 7';
    }
    }
    </code>

    I am most likely using this wrong or have messed something up.  Any help would be greatly appreciated.

    Thanks!
  • Since Auth has multiple driver support, a "user" is defined as an array with driver name and user identification.

    It's in a format as returned by get_user_id(), documented here: http://docs.fuelphp.com/packages/auth/drivers.html#/implementing_function, so something like

    array('ormauth', $user)
  • Thanks, I have read the docs and dug really deep into this before posting. But, I'm still having some trouble with this. Something I should mention, not sure if it matters but, no user is logged in.
    In my app/config/auth.php
    return array(
    'driver' => 'Ormauth',
    'verify_multiple_logins' => false,
    'salt' => 'saltysaltsalt',
    'iterations' => 10000,
    );

    The app/config/ormauth.php is default.

    Here is the result of $user = \Auth::validate_user(\Input::param('username'), \Input::param('login-password')) as an array:

    username (String): "email@mail.com" (24 characters)
    email (String): "email@mail.com" (24 characters)
    group_id (String): "7" (1 characters)
    last_login (String): "1390939427" (10 characters)
    previous_login (String): "1390933666" (10 characters)
    user_id (String): "35" (2 characters)
    created_at (String): "1390932715" (10 characters)
    updated_at (String): "1390939427" (10 characters)
    id (String): "35" (2 characters)

    So then I tried:
    if ($user = \Auth::validate_user(\Input::param('username'), \Input::param('login-password')))
    {
    // the login credentials are valid
    if(\Auth::member(7, array('ormauth', $user)))
    {
    echo 'not in group 7';
    }
    else
    {
    echo 'in group 7';
    }
    }

    Prints 'not in group 7'.

    Ok, so I tried to changing the $user object after realizing I was sending it wrong:
    if(\Auth::member(7, array('Ormauth', (int)$user->id)))
    {
    echo 'in group 7';
    }
    else
    {
    echo 'not in group 7';
    }

    and it printed 'not in group 7'.

    Hmm... now I'm pretty confused.

    So I made this code to test:
    if(\Auth::member(7, array('ormauth', 35)))
    {
    echo 'in group 7';
    }
    else
    {
    echo 'not in group 7';
    }

    Which prints "not in group 7".

    Alright, now I'm not understanding. Any explanation of what I'm doing wrong or any help would be awesome. I'm not an expert with OrmAuth so I could be messing things up.
    Maybe I'm confusing which member() function is getting used?
    https://github.com/fuel/auth/blob/1.8/develop/classes/auth/login/driver.php#L126
    or
    https://github.com/fuel/auth/blob/1.8/develop/classes/auth/group/ormgroup.php#L63

    Thanks
  • if(\Auth::member(7, array('ormauth', $user)))

    must be

    if(\Auth::member(7, array('ormauth', $user->id)))

    It needs the user's PK there, not the entire object.
  • I already tried that and it didn't work.

    Ok, so I tried to changing the $user object after realizing I was sending it wrong:
    if(\Auth::member(7, array('ormauth', (int)$user->id)))
    {
    echo 'in group 7';
    }
    else
    {
    echo 'not in group 7';
    }

    and it printed 'not in group 7'.

    So I made this code to test:
    if(\Auth::member(7, array('ormauth', 35)))
    {
    echo 'in group 7';
    }
    else
    {
    echo 'not in group 7';
    }

    Which prints "not in group 7".
  • HarroHarro
    Accepted Answer
    Had to dive into the code to see what exactly happens, and it seems I'm wrong.

    If you pass a driver/user combination, all it uses is the driver info, to fetch an alternative list of groups. It ignores any user information you pass to it, it hard-coded checks the current logged-in user.

    I would consider this a bug, I'll see if I can find time to fix this.
  • Ok thanks. I dug into it but couldn't quite figure out how to fix it.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion