Codeigniter:验证问题

时间:2010-06-09 11:57:46

标签: php authentication codeigniter login

由于某种原因,用户可以使用任何密码登录,首先我以为我忘记检查密码但我没有...而且我无法找到问题

这是模型:

/*#######################################################*/
    function validate()
/*#######################################################*/
    {
        $this->db->where('username', $this->input->post('username'));
        $this->db->where('password', md5($this->input->post('password')));
        $q = $this->db->get('user_extra');

        if($q->num_rows() == 1):
            return true;
        else:
            return false;
        endif;
    }//end of function validate()

控制器

/*#######################################################*/
        function validate_credentials()
/*#######################################################*/
        {
            $this->load->model('membership_model');

            $this->load->library('form_validation');

            $this->form_validation->set_rules('username', 'Name', 'trim|required');
            $this->form_validation->set_rules('password', 'password', 'trim|required');
            if(!$this->membership_model->validate()):
                $this->form_validation->set_message('check_login', 'Login not correct, please try again.');
            endif;

            if($this->form_validation->run() == FALSE):
                $this->index();
            else:
                $this->membership_model->userinfo($this->input->post('username'));
                //should redirect to last view
                redirect($this->session->flashdata('redirect_url'));
            endif;
        }// end of validate_credentials()

3 个答案:

答案 0 :(得分:0)

为什么不在验证字符串中创建回调函数?

将此功能放在同一个控制器中

/*##############PRIVATE FUNCTION WITHIN THE SAME CONTROLLER###########*/
    function validate($username,$password) //if you use php 5 i would set this method to  private one
/*#######################################################*/
    {
        $this->db->where('username', $username);
        $this->db->where('password', md5($password));
        $q = $this->db->get('user_extra');

        if($q->num_rows() <= 1)
            return true;
        return false;

    }//end of function validate()

规则行:

$this->form_validation->set_rules('username', 'Name', 'trim|required|callback_validaion[password]');

答案 1 :(得分:0)

为什么不直接使用caalback作为表单验证的一部分?

e.g。

$this->form_validation->set_rules('password', 'Password', 'prep_for_form|required|xss_clean|callback_password_check');

和回调函数...... 

function password_check($value) { /* call model and query database to get password */   if ($value == $password_from_model))    {       return TRUE;    }   else    {       $this->form_validation->set_message('password_check', 'You have not used the correct %s.');         return FALSE;   } }

答案 2 :(得分:0)

我尝试使用回调函数,但由于某种原因它不起作用,所以我只是在validation-&gt; run()的else语句中移动了if语句,这是代码:

$this->form_validation->set_rules('username', 'Name', 'trim|required|xss_clean');
            $this->form_validation->set_rules('password', 'password', 'trim|required|xss_clean');


            if($this->form_validation->run() == FALSE):
                redirect(base_url().'login/index/error');
            else:       
                if($this->membership_model->validate()):
                    $this->membership_model->userinfo($this->input->post('username'));
                    //should redirect to last view
                    redirect('home/index');
                else:
                    redirect(base_url().'login/index/error');
                endif;
            endif;
相关问题
最新问题