我有以下控制器,它在验证表单和显示错误方面工作正常。
用户尝试从http://mydomain.com/index.php/login
登录但是,当用户输入错误的凭据时,它会正确加载登录视图(应该如此)并正确显示错误“无效登录”,但浏览器窗口中的URI显示:
http://mydomain.com/index.php/verify_login(与上面的相反)。
如何在验证失败后将其重定向到“... / index.php / login”
以下是相关代码:
<?
class Login extends CI_Controller {
public function index()
{
$this->load->helper(array('form'));
$this->load->helper('url');
$this->load->view('login_page');
}
function verify_login()
{
$this->load->model('login_model','',TRUE);
$this->load->library('form_validation');
$this->form_validation->set_error_delimiters('<label class="error">', '</label>');
$this->form_validation->set_rules('username', 'Login', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
if($this->form_validation->run() == FALSE)
{
//Field validation failed. User redirected to login page
$this->index();
}
else
{
//Go to private area
redirect('private_area', 'refresh');
}
}
function check_database($password)
{
//Field validation succeeded. Validate against database
$username = $this->input->post('username');
//query the database
$result = $this->login_model->login($username, $password);
if($result)
{
$sess_array = array();
foreach($result as $row)
{
$sess_array = array(
'id' => $row->id,
'username' => $row->username
);
$this->session->set_userdata('logged_in', $sess_array);
}
return TRUE;
}
else
{
$this->form_validation->set_message('check_database', '<div class="alert alert-error">Invalid username or password</div>');
return false;
}
}
}
更新: Cyrode的解决方案解决了这个问题,但现在它在加载视图时没有显示check_database()函数中的“Invalid Login”错误消息(set_message)。我在这里做错了什么想法?
更新2: 你走了:
class Login extends CI_Controller {
public function index()
{
$this->load->helper(array('form'));
$this->load->helper('url');
$this->load->view('login_page');
$this->load->model('login_model','',TRUE);
$this->load->library('form_validation');
$this->form_validation->set_error_delimiters('<label class="error">', '</label>');
$this->form_validation->set_rules('username', 'Login', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
if($this->form_validation->run() == FALSE)
{
$this->load->view('login_page');
}
else
{
//Go to private area
redirect('private_area', 'refresh');
}
}
function check_database($password)
{
//Field validation succeeded. Validate against database
$username = $this->input->post('username');
//query the database
$result = $this->login_model->login($username, $password);
if($result)
{
$sess_array = array();
foreach($result as $row)
{
$sess_array = array(
'id' => $row->id,
'username' => $row->username
);
$this->session->set_userdata('logged_in', $sess_array);
}
return TRUE;
}
else
{
$this->form_validation->set_message('check_database', '<div class="alert alert-error">Invalid username or password</div>');
return false;
}
}
}
答案 0 :(得分:2)
只需使用index()
方法完成所有表单处理。
public function index()
{
$this->load->model('login_model','',TRUE);
$this->load->library('form_validation');
$this->load->helper('url');
$this->form_validation->set_error_delimiters('<label class="error">', '</label>');
$this->form_validation->set_rules('username', 'Login', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
if ($this->form_validation->run() == false)
{
$this->load->view('login_page');
}
else
{
redirect('private_area', 'refresh');
}
}
然后,确保您的表单操作转到login
而不是verify_login
。
顺便说一句,不要使用xss_clean密码字段,因为它可能会改变它们的值,并且您的用户将不知道为什么他们的完美类型的密码不起作用。无论如何,您应该使用哈希密码来消除安全问题。