我完全被这个问题难住了,创建这个模板系统的我的伙伴也是。
我有一个注册页面,它会向用户发送一封电子邮件,其中包含帐户激活页面的链接,用户必须在其中填写密码才能确认。链接中有他们的user_id和一个注册密钥的随机字符串。
以下是我正常url的样子:
kansaoutlawwrestling.com/kowmanager/activate/1000/da54d6fad5fa5fadf
我想做的是,如果这两种说法中的任何一种都是真的,那么它会显示我的404错误页面:
- url中没有user_id
- url中没有注册密钥
- url中没有这两个参数
激活控制器:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Activate extends CI_Controller
{
public function __construct()
{
parent::__construct();
$this->load->library('kow_auth');
}
public function index($param1 = NULL, $param2 = NULL)
{
//Config Defaults Start
$msgBoxMsgs = array();//msgType = dl, info, warn, note, msg
$cssPageAddons = '';//If you have extra CSS for this view append it here
$jsPageAddons = '<script src="http://www.kansasoutlawwrestling.com/kowmanager/assets/js/activatevalidate.js"></script>';//If you have extra JS for this view append it here
$metaAddons = '';//Sometimes there is a need for additional Meta Data such in the case of Facebook addon's
$siteTitle = '';//alter only if you need something other than the default for this view.
//Config Defaults Start
//examples of how to use the message box system (css not included).
//$msgBoxMsgs[] = array('msgType' => 'dl', 'theMsg' => 'This is a Blank Message Box...');
/**********************************************************Your Coding Logic Here, Start*/
$x = 0;
if(($param1 !== NULL)&&($param2 !== NULL))
{
//params not null yay..
if((isset($param1))&&((trim($param1) !== '')||(!empty($param1))))
{
if(!is_numeric($param1))
{
$x++;
}
}
if((isset($param2))&&((trim($param2) !== '')||(!empty($param2))))
{
if(!is_string($param2))
{
$x++;
}
}
}
else
{
$x++;
}
if($x !== 0)
{
$bodyContent = "error_page";
}
else
{
$bodyContent = "activate_form";
}
$bodyType = "full";//type of template
/***********************************************************Your Coding Logic Here, End*/
//Double checks if any default variables have been changed, Start.
//If msgBoxMsgs array has anything in it, if so displays it in view, else does nothing.
if(count($msgBoxMsgs) !== 0)
{
$msgBoxes = $this->msgboxes->buildMsgBoxesOutput(array('display' => 'show', 'msgs' =>$msgBoxMsgs));
}
else
{
$msgBoxes = array('display' => 'none');
}
if($siteTitle == '')
{
$siteTitle = $this->metatags->SiteTitle(); //reads
}
//Double checks if any default variables have been changed, End.
$this->data['msgBoxes'] = $msgBoxes;
$this->data['cssPageAddons'] = $cssPageAddons;//if there is any additional CSS to add from above Variable this will send it to the view.
$this->data['jsPageAddons'] = $jsPageAddons;//if there is any addictional JS to add from the above variable this will send it to the view.
$this->data['metaAddons'] = $metaAddons;//if there is any addictional meta data to add from the above variable this will send it to the view.
$this->data['pageMetaTags'] = $this->metatags->MetaTags();//defaults can be changed via models/metatags.php
$this->data['siteTitle'] = $siteTitle;//defaults can be changed via models/metatags.php
$this->data['bodyType'] = $bodyType;
$this->data['bodyContent'] = $bodyContent;
$this->load->view('usermanagement/index', $this->data);
}
function activate_submit()
{
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|min_length[6]|max_length[12]|alpha_numeric');
$user_id = $this->uri->segment(3);
$registration_key = $this->uri->segment(4);
if (($registration_key == '') OR ($user_id == ''))
{
echo json_encode(array('error' => 'yes', 'message' => 'URL was not complete!'));
}
else
{
if (!$this->form_validation->run())
{
echo json_encode(array('error' => 'yes', 'message' => 'There was a problem submitting the form! Please refresh the window and try again!'));
}
else
{
if ($this->kow_auth->activate_user($user_id, $registration_key, $this->input->post('password')))
{
echo json_encode(array('sucess' => 'yes', 'message' => 'Your account has been successfully activated!'));
}
else
{
echo json_encode(array('error' => 'yes', 'message' => 'The activation code you entered is incorrect or expired!'));
}
}
}
}
}
/* End of file activate.php */
/* Location: ./application/controllers/activate.php */
路线:
$route['activate/:num/:any'] = 'activate/index/$1/$2';
$route['404_override'] = 'error';
以下是我对每一个实例的了解:
kansaoutlawwrestling.com/kowmanager/activate-更正
kansaoutlawwrestling.com/kowmanager/activate/10000/更正
kansanoutlawwrestling.com/kowmanager/activate/10000/271cce3ab11ced5fd10aeca41323a3c-显示激活表单时应不正确
编辑:任何人都有任何想法,因为似乎什么都不起作用。
我将从简化一点参数检查开始:
$this->error = FALSE;
if(NULL != $param1 AND NULL != $param2)
{
if(!is_numeric($param1) OR (string)trim($param2)!= '')
{
$this->error = TRUE;
}
}
else
{
$this->error = TRUE;
}
$this->data['bodyContent'] = $this->error? 'error_page' : 'activate_form';
这里很晚了,所以我可能会搞砸一些事情,但基本上:
- 如果两个param都为null,则将$error设置为TRUE(它们不必为null)
- 如果至少有一个不为空:
-如果param1不是数字(userid)或
-如果param2不是字符串(甚至不是空字符串),$error将再次为TRUE
最后,如果error为FALSE(初始化时),我们将"activate_form"值传递给视图,否则(即,如果上述任何条件导致错误设置为TRUE),我们传递"error_page"值。
此外,根据文档,自定义路线应该在固定路线之后:
$route['404_override'] = 'error';
$route['activate/(:num)/(:any)'] = 'activate/index/$1/$2';
出于好奇。。。如果删除以下行会发生什么?
if(!is_string($param2))
你只需要:
if((isset($param2))&&((trim($param2) !== '')||(!empty($param2))))
{
$x++;
}
您不需要为帐户激活创建新的controller/模块,只需在现有的auth-controller/模块中添加一个新方法即可。
如果你设置了一条有条件的路线,但它们失败了,你会显示一个错误或404。
class Auth extends CI_Controller
{
public function __construct(){parent::__construct();}
/**
* Activate user account
* $route['activate/(:num)/(:any)'] = 'auth/activate/$1/$2';
*/
public function activate($uid, $code)
{
//if need be, double check
if(!$uid OR !$code){show_404();} //BOTH need to exists
//if $route['activate/(:num)/(:any)'] = 'auth/activate/$1/$2'; FAILS CI will show error or 404
//grab $code and $uid and seek a match from DB, if failure do your own errors.
}
}
我建议从uri段中删除用户id,并将激活代码设置为UNIQUE db约束,这样您只需要查询即可。
看看坦克认证
这是一个已经做到了这一点的CI库,但有一个密钥差异,你不想传递更多。所以只需生成一个HASH(例如加密的),它可以让你找到userid&同时激活。
它减少了检查,减少了复制的问题;粘贴URL。还消除了对ID有效性和哈希有效性进行所有这些额外检查的必要性。
但正如我所说,查看tank auth代码,并提取出激活部分所需的内容,这是非常直接的,并且已经用于CI。