Question

由于某种原因，用户可以使用任何密码登录，首先我以为我忘记检查密码但我没有...而且我无法找到问题

这是模型：

/*#######################################################*/
    function validate()
/*#######################################################*/
    {
        $this->db->where('username', $this->input->post('username'));
        $this->db->where('password', md5($this->input->post('password')));
        $q = $this->db->get('user_extra');

        if($q->num_rows() == 1):
            return true;
        else:
            return false;
        endif;
    }//end of function validate()

控制器

/*#######################################################*/
        function validate_credentials()
/*#######################################################*/
        {
            $this->load->model('membership_model');

            $this->load->library('form_validation');

            $this->form_validation->set_rules('username', 'Name', 'trim|required');
            $this->form_validation->set_rules('password', 'password', 'trim|required');
            if(!$this->membership_model->validate()):
                $this->form_validation->set_message('check_login', 'Login not correct, please try again.');
            endif;

            if($this->form_validation->run() == FALSE):
                $this->index();
            else:
                $this->membership_model->userinfo($this->input->post('username'));
                //should redirect to last view
                redirect($this->session->flashdata('redirect_url'));
            endif;
        }// end of validate_credentials()

Answer 1

为什么不在验证字符串中创建回调函数？

将此功能放在同一个控制器中

/*##############PRIVATE FUNCTION WITHIN THE SAME CONTROLLER###########*/
    function validate($username,$password) //if you use php 5 i would set this method to  private one
/*#######################################################*/
    {
        $this->db->where('username', $username);
        $this->db->where('password', md5($password));
        $q = $this->db->get('user_extra');

        if($q->num_rows() <= 1)
            return true;
        return false;

    }//end of function validate()

规则行：

$this->form_validation->set_rules('username', 'Name', 'trim|required|callback_validaion[password]');

Answer 2

为什么不直接使用caalback作为表单验证的一部分？

e.g。

$this->form_validation->set_rules('password', 'Password', 'prep_for_form|required|xss_clean|callback_password_check');

和回调函数......

function password_check($value) { /* call model and query database to get password */   if ($value == $password_from_model))    {       return TRUE;    }   else    {       $this->form_validation->set_message('password_check', 'You have not used the correct %s.');         return FALSE;   } }

Answer 3

我尝试使用回调函数，但由于某种原因它不起作用，所以我只是在validation-＆gt; run（）的else语句中移动了if语句，这是代码：

$this->form_validation->set_rules('username', 'Name', 'trim|required|xss_clean');
            $this->form_validation->set_rules('password', 'password', 'trim|required|xss_clean');


            if($this->form_validation->run() == FALSE):
                redirect(base_url().'login/index/error');
            else:       
                if($this->membership_model->validate()):
                    $this->membership_model->userinfo($this->input->post('username'));
                    //should redirect to last view
                    redirect('home/index');
                else:
                    redirect(base_url().'login/index/error');
                endif;
            endif;

Codeigniter：验证问题

3 个答案: