我正在使用 Yii 1.1.16 ,并尝试添加accessRules
以按IP过滤
这是我CommentsController
中的代码。它仍然允许我的localhost IP访问该操作。除了我的动作,这是我控制器中唯一的其他功能。
我错过了什么或做错了什么?感谢
public function accessRules() {
return array (
array ('allow', // allow all users to perform these actions
'actions' => array ( 'Comments' ),
'ips' => array(
/*"127.0.0.1",*/ /* localhost */
/*"::1",*/ /* localhost */
"52.XX.XX.XX" //live site
)
),
);
}
答案 0 :(得分:2)
您可以尝试以下代码。
//controller file.
public function filters()
{
return array( 'accessControl' ); // perform access control for CRUD operations
}
public function accessRules() {
return array (
array ('allow', // allow all users to perform these actions
'actions' => array ( 'Comments' ),
'ips' => array(
"52.XX.XX.XX" //live site
)
),
array ('deny', // deny all users to perform these actions
'actions' => array ( 'Comments' ),
'ips' => array('*')
),
);
}
答案 1 :(得分:2)
您还必须添加deny
:
......
public function filters()
{
return array(
'accessControl', //access control filter should be applied to every action of the controller
);
}
public function accessRules() {
return array (
array ('allow', // allow all users to perform these actions
'actions' => array ( 'comments' ),
'ips' => array("52.XX.XX.XX")
),
array ('deny', //deny by default
'ips' => array("*")
),
);
}
拥有deny
规则的原因是因为如果没有规则与上下文匹配,则会执行deny
规则。更多信息here。