小贝子编程

CodeIgniter登录函数表单不起作用



我总结道,这是我的登录函数代码,我使用的是CodeIgniter框架。我正在尝试让用户使用他们的电子邮件和密码登录。我正试图使用bcrypt哈希密码登录,但我的编码一定有问题,因为它没有登录,而且一直显示无效。

public function login()
{
if ($this->session->userdata('logged_in') == 1 
&& in_array($this->session->userdata('user_type'), ['Admin', 'Member']) {
redirect('dashboard', 'location');
}
$this->form_validation->set_rules('username', 'Username', 'trim|required');
$this->form_validation->set_rules('password', 'Password', 'trim|required');

if ($this->form_validation->run() == false) {
$this->login_page();
} else {
$this->csrf_token_check();
$username = ($this->input->post('username', true));
$password = ($this->input->post('password', true));

$table = 'users';
if($this->config->item('master_password') != '') {
if ($_POST['password']) {
$where['where'] = array('email' => $username); //master password
} else {
$where['where'] = array('email' => $username, 'password' => $password);
}
} else {
$where['where'] = array('email' => $username, 'password' => $password);
}

$info = $this->basic->get_data($table, $where, $select = '', $join = '', $limit = '', $start = '', $order_by = '', $group_by = '', $num_rows = 1);
$count = $info['extra_index']['num_rows'];
if ($count == 0) {
$this->session->set_flashdata('login_msg', $this->lang->line("invalid email or password"));
redirect(uri_string());
} else {
$username = $info[0]['name'];
if ($logo=="") {
$logo=base_url("assets/img/avatar/avatar-1.png");
} else {
$logo=base_url().'member/'.$logo;
}
$this->session->set_userdata('logged_in', 1);
$this->session->set_userdata('username', $username);
$this->basic->insert_data('user_login_info',$login_info_insert_data);
$this->basic->update_data("users",array("id"=>$user_id),array("last_login_at"=>date("Y-m-d H:i:s"),'last_login_ip'=>$login_ip)); if(function_exists('fb_app_set'))fb_app_set();
if ($this->session->userdata('logged_in') == 1 
&& in_array($this->session->userdata('user_type'), ['Admin', 'Member']) {
redirect('dashboard', 'location');
}
}
}
}

这个答案是针对CI3的,因为您没有提到版本。

首先,我认为DB中的email字段使用$username是很奇怪的。您可以更正命名约定。

我认为这段代码一定给你带来了问题

if($this->config->item('master_password') != '')
{
if(($_POST['password']))
$where['where'] = array('email' => $username); //master password
else $where['where'] = array('email' => $username, 'password' => $password);
}
else $where['where'] = array('email' => $username, 'password' => $password);

如果您在CI中直接使用上述$where作为$this->db->where($where),则您的代码应该是

if($this->config->item('master_password') != '')
{
if(($_POST['password']))
$where = array('email' => $username); //master password
else $where = array('email' => $username, 'password' => $password);
}
else $where = array('email' => $username, 'password' => $password);

注意,我从$where数组中删除了where密钥。

此外,如果您使用bcrypt将密码存储在数据库中,则必须先获取行,然后比较密码,如下所示:

$where = array('email' => $username);
$info = $this->basic->get_data($table, $where, $select = '', $join = '', $limit = '', $start = '', $order_by = '', $group_by = '', $num_rows = 1);
if ($this->bcrypt->check_password($password, $info[0]['password'])) {
//We're good, login to the system
} else {
//Wrong password
}

我认为,您的其他代码,如$this->basic->get_data函数,也应该进行审查。若要调试,请尝试将var_dump($info[0]);放在此函数之后,您就会知道是否有该行。

此外,您还可以使用$str = $this->db->last_query();打印出上次运行的查询。

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium