我的代码中有以下错误: 1(我在会话中存储的数据未显示在视图中 2(表单验证集规则不起作用。所需的不起作用。每当我按登录而不输入任何字段时,它都会打印一个。
我有自动加载的会话和表单验证。
我应该使用 php 会话还是 ci 会话?
控制器:
public function loginFormValidation()
{
$this->form_validation->set_rules('email','Username','required'); //not working
$this->form_validation->set_rules('pass','Password','required');
$this->form_validation->set_error_delimiters('<div class = "text-danger">', '</div>');
if($this->form_validation->run())
{
$email = $this->input->post('email');
$pass = $this->input->post('pass');
$this->load->model('loginModel');
$result = $this->loginModel->loginValidation($email,$pass);
$user_id = $result->user_id;
$user_name = $result->user_name;
$password = $result->password;
$arrayDb = array(
'user_id' => $user_id,
'user_name' => $user_name,
'password' => $password,
);
$this->session->set_userdata('row', $arrayDb);
header("location:".base_url()."/Users/dashboard");
}
else
{
echo "a";
}
}
型:
class loginModel extends CI_Model
{
public function loginValidation($email,$pass)
{
$q = $this->db->where(['email' => $email, 'password' => $pass])
->get('users');
if($q->num_rows())
{
return $q->row();
}
else
{
return false;
}
}
}
我正在打印它进行测试的控制器:
class Users extends CI_Controller
{
public function dashboard()
{
echo $this->session->userdata('user_name'); // Empty no data showing
exit;
}
}
您的代码有一些错误和疏忽。
- 切勿存储明文密码,更不用说将它们添加到会话变量中了。没有必要这样做。退房: http://php.net/manual/en/function.password-verify.php
- 您需要检查登录函数是否实际返回了数据,否则只要通过表单验证,任何人都可以"登录"。
- 您根据要访问变量的方式错误地设置了数组的会话数据。
控制器:
public function loginFormValidation() {
$this->form_validation->set_rules('email', 'Username', 'required');
$this->form_validation->set_rules('pass', 'Password', 'required');
$this->form_validation->set_error_delimiters('<div class = "text-danger">', '</div>');
if ($this->form_validation->run()) {
$email = $this->input->post('email');
$pass = $this->input->post('pass'); // do not store plaintext!!!
$this->load->model('loginModel');
$result = $this->loginModel->loginValidation($email, $pass);
if ($result) {
$user_id = $result->user_id;
$user_name = $result->user_name;
$password = $result->password;
//https://www.codeigniter.com/user_guide/libraries/sessions.html#adding-session-data
$arrayDb = array(
'user_id' => $user_id,
'user_name' => $user_name,
'password' => $password, // why are you storing their PLAINTEXT password in a session?!
);
$this->session->set_userdata($arrayDb);
header("location:" . base_url() . "/Users/dashboard");
} else {
echo 'login failed; bad username/password.';
}
} else {
echo validation_errors();
}
}
型:
public function loginValidation($email, $pass) {
$q = $this->db->where(['email' => $email, 'password' => $pass])
->get('users');
if ($q->num_rows() == 1) {
return $q->row();
}
return false;
}
与其重新发明轮子,不如检查:https://github.com/benedmunds/CodeIgniter-Ion-Auth 我个人使用它并推荐它。