我正在尝试创建一个聊天框,我无法在登录并保存到数据库后让user_id在会话中正确保存。
这是登录功能
public function login() {
$this->form_validation->set_rules('email', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');
if ($this->form_validation->run() == FALSE) {
// return main page if submitted form is invalid.
$this->load->view('abt_login');
} else {
$this->load->model('abt_db');
$q = $this->abt_db->check_login(
$this->input->post('email'), $this->input->post('password')
);
if ($q) {
redirect('index.php/abovetheblues/abt_abovetheblues');
$this->abt->set_session();
} else {
$this->show_login(true);
}
}
}
这是我的Javascript代码
$(document).ready(function(){
$("a#submit").click(function(){
var chat_message_content = $("input#chat").val();
if(chat_message_content == ""){
return false;
}
$.post(base_url + "index.php/abovetheblues/add_chat_messages", {
chat_message_content : chat_message_content,
user_id : user_id
},
function(data){
alert(data);
},"json");
return false;
});
return false;
});
这是我的控制器
function add_chat_messages() {
// Grab the $chat_message_content, $user_id
$user_id = $this->input->post($this->session->userdata("user_id"));
$chat_message_content = $this->input->post('chat_message_content');
$this->abt_db->add_chat_message($user_id, $chat_message_content);
}
这是我的模特
function check_login($email, $password) {
$this->load->database();
// Query to retrieve the user's details
// based on the received username and password
$this->db->from('user');
$this->db->where('email', $email);
$this->db->where('password', $password);
$q = $this->db->get()->result();
// The results of the query are stored in $q.
// If a value exists, then the user account exists and is validated
if (is_array($q) && count($q) == 1) {
// Set the users details into the $details property of this class
$this->details = $q[0];
// Call set_session to set the user's session
$this->set_session();
return true;
}
return false;
}
function set_session() {
// session->set_userdata is a CodeIgniter function that
// stores data in a cookie in the user's browser. Some of the values are built in
// to CodeIgniter, others are added (like the user_id).
$this->session->set_userdata(array(
'user_id' => $this->details->user_id,
'email' => $this->details->email,
'username' => $this->details->username,
'isLoggedIn' => true
)
);
}
function add_chat_message($user_id, $chat_message_content) {
$query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)";
$this->db->query($query_str, array($user_id, $chat_message_content));
}
我的观看页面
<script type="text/javascript">
var user_id = "<?php echo $this->session->userdata("user_id"); ?>";
var base_url = "<?php echo base_url();?>";
</script>
<!--loads the header-->
<?php $this->load->view('abt-header'); ?>
<!--this is the login page-->
<div data-role="page" id="Abt-chat" data-add-back-btn="true">
<div data-role="header" data-position="fixed">
<h1>Peer Chat</h1>
</div>
<div data-role="content">
<div data-role="fieldcontain">
<div id="chat_viewport"></div>
<p>
<label>Input Chat: </label>
<input name="chat" id="chat" type="text" value=""/>
</p>
<p>
<?php echo anchor('#', 'Send Chat', array('title' => 'Send Chat', 'id' => 'submit')); ?>
</p>
</div>
<?php echo form_close(); ?>
</div>
</div>
答案 0 :(得分:0)
如果user_id已在会话中定义,则无需每次通过javascript发送它,或在页面中将其定义为javascript变量。
在控制器中你必须通过javascript传递变量名称,你要调用的会话数据会给你id而不是变量名
$user_id = $this->input->post($this->session->userdata("user_id")); // wrong
$user_id = $this->input->post("user_id"); // right
$user_id = $this->session->userdata("user_id"); // this way without pass through javascript
答案 1 :(得分:0)
您的代码中有几处错误:
我从模型:
开始这里最重要的问题是:你不应该将用户密码存储在数据库中,这是一个非常糟糕的做法,使用PHP crypt
函数{{ 1}}哈希类型用于加密密码,然后将加密版本保存在数据库中。您可能需要考虑Hashing libraries几个PHPASS。
仔细检查里面的评论:
BLOWFISH
返回function check_login($email, $password)
{
$this->load->database();
$this->db->from('user')
->where('email', $email)
->where('password', $password); // <-- Check the encryped password
$q = $this->db->get();
if ($q->num_rows() == 1) {
// Set the users details into the $details property of this class
$this->details = $q->first_row();
// Call set_session to set the user's session
$this->set_session();
return TRUE;
}
return FALSE;
}
function set_session()
{
$this->session->set_userdata(array(
'user_id' => $this->details->user_id,
'email' => $this->details->email,
'username' => $this->details->username/*,
// You don't need to store this in session
// If user is logged-in, his/her user_id would be in session
// you can easily check whether user is logged-in or not
// by looking for user_id in session.
'isLoggedIn' => true*/
));
}
function add_chat_message($user_id, $chat_message_content)
{
// You are binding two parameter to SQL query,
// But the following query has three question mark.
// $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)";
$query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?)";
$this->db->query($query_str, array($user_id, $chat_message_content));
}
函数,login()
之后的行将不会执行:
redirect()
在redirect('index.php/abovetheblues/abt_abovetheblues');
// $this->abt->set_session(); <-- This is not necessary
方法中,使用Controller/add_chat_messages
是错误的。
如果用户必须登录网站,则无需通过POST请求传递用户的$this->input->post($this->session->userdata("user_id")
。只需从会话中阅读:
id
最后,在客户端,JavaScript部分:
您无需将用户的ID发送到服务器,因为这些用户可以访问已登录的聊天页面:
function add_chat_messages()
{
// The following statement is wrong!
//$user_id = $this->input->post($this->session->userdata("user_id"));
$user_id = $this->session->userdata("user_id");
$chat_message_content = $this->input->post('chat_message_content');
$this->abt_db->add_chat_message($user_id, $chat_message_content);
}
希望它有意义。
更新#1:
在使用$.post(base_url + "index.php/abovetheblues/add_chat_messages", {
chat_message_content : chat_message_content/*,
user_id : user_id*/ // <-- This is not necessary
}, function(data) {
alert(data);
},"json");
之前,请确保已加载session
库。
打开Session
文件并将config/autoload.php
添加到自动加载库:
session
更新#2:
将模型中的$autoload['libraries'] = array('database', 'session');
和check_login
功能更改为:
set_session
在控制器:
中function check_login($email, $password)
{
$this->load->database();
$this->db->from('user')
->where('email', $email)
->where('password', $password);
$q = $this->db->get();
if ($q->num_rows() == 1) {
// Return the users details
return $q->first_row('array');
}
return FALSE;
}
function set_session($details)
{
$this->session->set_userdata(array(
'user_id' => $details['user_id'],
'email' => $details['email'],
'username' => $details['username']
));
}
最后在您的JS文件中,从if ($q) {
$this->abt_db->set_session($q);
redirect('index.php/abovetheblues/abt_abovetheblues');
} else {
$this->show_login(true);
}
方法中删除json
dataType
。
还有一件事,$.post
方法不会向输出发送任何内容(不回显任何内容),因此返回的abovetheblues/add_chat_messages
为空:
data