我无法获得用户详细信息以在会话中正确保存

时间:2013-08-13 19:02:26

标签: javascript ajax codeigniter session

我正在尝试创建一个聊天框,我无法在登录并保存到数据库后让user_id在会话中正确保存。

这是登录功能

public function login() {

    $this->form_validation->set_rules('email', 'Username', 'trim|required|xss_clean');
    $this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');

    if ($this->form_validation->run() == FALSE) {

        // return main page if submitted form is invalid.

        $this->load->view('abt_login');
    } else {

        $this->load->model('abt_db');
        $q = $this->abt_db->check_login(
                $this->input->post('email'), $this->input->post('password')
        );
        if ($q) {

            redirect('index.php/abovetheblues/abt_abovetheblues');
            $this->abt->set_session();
        } else {
            $this->show_login(true);
        }
    }
}

这是我的Javascript代码

$(document).ready(function(){

    $("a#submit").click(function(){

        var chat_message_content = $("input#chat").val();

        if(chat_message_content == ""){

            return false;
        }

        $.post(base_url + "index.php/abovetheblues/add_chat_messages", {
            chat_message_content : chat_message_content, 
            user_id : user_id
        }, 
        function(data){

            alert(data);
        },"json");


        return false;
    });
    return false;

});

这是我的控制器

function add_chat_messages() {
        // Grab the $chat_message_content, $user_id
        $user_id = $this->input->post($this->session->userdata("user_id"));
        $chat_message_content = $this->input->post('chat_message_content');

        $this->abt_db->add_chat_message($user_id, $chat_message_content);
    }

这是我的模特

function check_login($email, $password) {
    $this->load->database();
    // Query to retrieve the user's details
    // based on the received username and password

    $this->db->from('user');
    $this->db->where('email', $email);
    $this->db->where('password', $password);
    $q = $this->db->get()->result();

    // The results of the query are stored in $q.
    // If a value exists, then the user account exists and is validated

    if (is_array($q) && count($q) == 1) {
        // Set the users details into the $details property of this class
        $this->details = $q[0];
        // Call set_session to set the user's session 
        $this->set_session();
        return true;
    }
    return false;
}


   function set_session() {
        // session->set_userdata is a CodeIgniter function that
        // stores data in a cookie in the user's browser.  Some of the values are built in
        // to CodeIgniter, others are added (like the user_id).  
        $this->session->set_userdata(array(
            'user_id' => $this->details->user_id,
            'email' => $this->details->email,
            'username' => $this->details->username,
            'isLoggedIn' => true
                )
        );
    }


function add_chat_message($user_id, $chat_message_content) {

    $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)";
    $this->db->query($query_str, array($user_id, $chat_message_content));
}

我的观看页面

<script type="text/javascript">

    var user_id = "<?php echo $this->session->userdata("user_id"); ?>";
var base_url = "<?php echo base_url();?>";



</script>

<!--loads the header-->
<?php $this->load->view('abt-header'); ?>
<!--this is the login page-->

<div data-role="page" id="Abt-chat" data-add-back-btn="true">
    <div data-role="header" data-position="fixed">
        <h1>Peer Chat</h1>

    </div>
    <div data-role="content">

        <div data-role="fieldcontain">
            <div id="chat_viewport"></div>

            <p>
                <label>Input Chat: </label>
                <input name="chat" id="chat" type="text" value=""/>

            </p>

            <p>
                <?php echo anchor('#', 'Send Chat', array('title' => 'Send Chat', 'id' => 'submit')); ?>
            </p>  

        </div> 
        <?php echo form_close(); ?>

    </div>

</div>

2 个答案:

答案 0 :(得分:0)

如果user_id已在会话中定义,则无需每次通过javascript发送它,或在页面中将其定义为javascript变量。

在控制器中你必须通过javascript传递变量名称,你要调用的会话数据会给你id而不是变量名

$user_id = $this->input->post($this->session->userdata("user_id")); // wrong

$user_id = $this->input->post("user_id"); // right

$user_id = $this->session->userdata("user_id"); // this way without pass through javascript

答案 1 :(得分:0)

您的代码中有几处错误:

我从模型

开始

这里最重要的问题是:你不应该将用户密码存储在数据库中,这是一个非常糟糕的做法,使用PHP crypt函数{{ 1}}哈希类型用于加密密码,然后将加密版本保存在数据库中。您可能需要考虑Hashing libraries几个PHPASS

仔细检查里面的评论:

BLOWFISH

返回function check_login($email, $password) { $this->load->database(); $this->db->from('user') ->where('email', $email) ->where('password', $password); // <-- Check the encryped password $q = $this->db->get(); if ($q->num_rows() == 1) { // Set the users details into the $details property of this class $this->details = $q->first_row(); // Call set_session to set the user's session $this->set_session(); return TRUE; } return FALSE; } function set_session() { $this->session->set_userdata(array( 'user_id' => $this->details->user_id, 'email' => $this->details->email, 'username' => $this->details->username/*, // You don't need to store this in session // If user is logged-in, his/her user_id would be in session // you can easily check whether user is logged-in or not // by looking for user_id in session. 'isLoggedIn' => true*/ )); } function add_chat_message($user_id, $chat_message_content) { // You are binding two parameter to SQL query, // But the following query has three question mark. // $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)"; $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?)"; $this->db->query($query_str, array($user_id, $chat_message_content)); } 函数,login()之后的行将不会执行:

redirect()

redirect('index.php/abovetheblues/abt_abovetheblues'); // $this->abt->set_session(); <-- This is not necessary 方法中,使用Controller/add_chat_messages是错误的。

如果用户必须登录网站,则无需通过POST请求传递用户的$this->input->post($this->session->userdata("user_id")。只需从会话中阅读:

id

最后,在客户端,JavaScript部分:

您无需将用户的ID发送到服务器,因为这些用户可以访问已登录的聊天页面:

function add_chat_messages()
{
    // The following statement is wrong!
    //$user_id = $this->input->post($this->session->userdata("user_id"));

    $user_id = $this->session->userdata("user_id");
    $chat_message_content = $this->input->post('chat_message_content');

    $this->abt_db->add_chat_message($user_id, $chat_message_content);
}

希望它有意义。

更新#1:

在使用$.post(base_url + "index.php/abovetheblues/add_chat_messages", { chat_message_content : chat_message_content/*, user_id : user_id*/ // <-- This is not necessary }, function(data) { alert(data); },"json"); 之前,请确保已加载session库。

打开Session文件并将config/autoload.php添加到自动加载库:

session

更新#2:

模型中的$autoload['libraries'] = array('database', 'session'); check_login功能更改为:

set_session

控制器

function check_login($email, $password)
{
    $this->load->database();

    $this->db->from('user')
             ->where('email', $email)
             ->where('password', $password);

    $q = $this->db->get();

    if ($q->num_rows() == 1) {
        // Return the users details
        return $q->first_row('array');
    }

    return FALSE;
}

function set_session($details)
{
    $this->session->set_userdata(array(
        'user_id'    => $details['user_id'],
        'email'      => $details['email'],
        'username'   => $details['username']
    ));
}

最后在您的JS文件中,从if ($q) { $this->abt_db->set_session($q); redirect('index.php/abovetheblues/abt_abovetheblues'); } else { $this->show_login(true); } 方法中删除json dataType

还有一件事,$.post方法不会向输出发送任何内容(不回显任何内容),因此返回的abovetheblues/add_chat_messages为空:

data