我在注册表单时有以下代码:
function register()
{
$this->form_validation->set_rules('txt_username', 'Username', 'trim|required');
$this->form_validation->set_rules('cpassword', 'Confirm Password', 'trim|required|matches[txt_password]|md5');
$this->form_validation->set_rules('txt_password', 'Password', 'trim|required|md5');
//other codes
$data = array('username' => $this->input->post('txt_username'),
'password' => $this->input->post('txt_password')
);
// insert form data into database
if ($this->account_model->insertUser($data));
{
$this->session->set_flashdata('msg','successfully registered!');
redirect('account/register');
}
}
密码在此匹配。但当我使用相同的数据来登录用户名和密码时:它显示无效的用户名或密码:登录功能如下:
function login()
{
//set validations
$this->form_validation->set_rules("txt_username", "Username", "trim|required");
$this->form_validation->set_rules("txt_password", "Password", "trim|required");
$username = $this->input->post("txt_username");
$password = $this->input->post("txt_password");
$usr_result = $this->account_model->get_user($username, $password);
if ($usr_result > 0) //active user record is present
{
$this->account_model->login();
$data['message'] ="You are logged in!";
}
else
{
$this->session->set_flashdata('msg', 'Invalid username and password!');
}
}
}
我有一个将注册表数据插入数据库的模型:
function insertUser($data)
{
return $this->db->insert('user', $data);
}
我有这个模型来检索登录数据:
function get_user($usr, $pwd)
{
$sql = "select * from user where username = '" . $usr . "' and password = '".md5($pwd). "'";
$query = $this->db->query($sql);
return $query->num_rows();
}
代替MD5的最佳方法是在Codeigniter中使用base64。即CCD_ 3和CCD_。
编码
$password = 'mYp@ssw0rd'; // or $password
$encriptKey = 'super-secret-key';
$encrypted_string = $this->encrypt->encode($password, $encriptKey);
解码
$password = 'mYp@ssw0rd'; // or $password
$encriptKey = 'super-secret-key';
$decrypted_string = $this->encrypt->decode($password, $encriptKey);
此外
同时加载库$this->load->library('encrypt');
您可以在您的模型中做到这一点:
public function login()
{
$user = $this->get_by(array(
'email' => $this->input->post('email'),
'password' => $this->hash($this->input->post('password')),
), TRUE);
if (count($user))
{
// Log in user
$data = array(
'name' => $user->name,
'email' => $user->email,
'id' => $user->id,
'user_type'=>$user->user_type,
'emp_id'=>$user->emp_id,
'loggedin' => TRUE,
);
$this->session->set_userdata($data);
return TRUE;
}
return FALSE;
}
public function logout ()
{
$this->session->sess_destroy();
$this->session->unset_userdata('logged_in','id','name','email');
}
public function loggedin ()
{
return (bool) $this->session->userdata('loggedin');
}
public function hash ($string)
{
return hash('sha512', $string . config_item('encryption_key'));
}
并且可以让用户登录。使用CI会话进行登录,这将是一个更好的选择。点击此处阅读更多
对于控制器这样做:
public function login()
{
$dashboard ='admin/dashboard';
$rules = $this->secure_m->rules;
$this->form_validation->set_rules($rules);
if ($this->form_validation->run() == TRUE)
{
if ($this->secure_m->login() == TRUE)
{
$this->secure_m->loggedin() == FALSE || redirect($dashboard);
redirect($dashboard);
}
else
{
$this->session->set_flashdata('error', 'That email/password combination does not exist');
redirect('secure/login', 'refresh');
}
}
$this->load->view("Your View");
}
请在插入时存储加密密码
例如:
$data['password'] = md5($data['password']);
我认为这会解决你的问题。其他代码对我来说运行良好。