Yii,用户名即使未登录也充当管理员


Yii, User Name Acting As Admin Even If Not Logged

我遇到一个问题。我曾尝试在自定义主题的布局中添加 checkAccess 规则,后来决定恢复原状,撤销了所有改动。但现在系统始终显示为以管理员身份登录:即使我点击注销,页面仍然显示那些未登录时不应该显示的内容。这是我的自定义主布局:

<?php
    // Layout fragment: renders the top navigation bar. The first branch is meant for the
    // 'admin' user and adds a 'Users' entry; the second branch is the same bar without it.
    //
    // NOTE(review): the condition below uses '=' (assignment), not '=='/'===' (comparison).
    // The expression evaluates to the assigned string 'admin', which is truthy, so this
    // branch is taken for every visitor, logged in or not, and the else branch never runs.
    // Every render of this layout also writes 'admin' into the user component's name again,
    // so logging out cannot clear it. Presumably Yii 1.x keeps that name in session state
    // (confirm against CWebUser); if so, access rules that match on the user name, such as
    // 'users'=>array('admin'), would be satisfied by the overwritten name as well.
    //
    // NOTE(review): hiding the 'Users' menu entry is presentation only. Whatever this
    // condition evaluates to, /user/index has to be protected by the controller's own
    // access rules.
    if(Yii::app()->user->name = 'admin')
    {       
            $this->widget('bootstrap.widgets.TbNavBar',array(
                    'brandLabel'=>TbHtml::b(Yii::app()->name),
                    'color'=>TbHtml::NAVBAR_COLOR_INVERSE,
                    'items'=>array(
                            // Left-hand navigation, including the admin-only 'Users' link.
                            array(
                                    'class'=>'bootstrap.widgets.TbNav',
                                    'items'=>array(
                                            array('label'=>'Home', 'url'=>array('/site/index')),
                                            array('label'=>'About', 'url'=>array('/site/page', 'view'=>'about')),
                                            array('label'=>'Contact', 'url'=>array('/site/contact')),
                                            array('label'=>'Users', 'url'=>array('/user/index')),
                                    ),
                            ),
                            // Right-hand navigation: Login for guests, Logout (with the user name) otherwise.
                            array(
                                    'class'=>'bootstrap.widgets.TbNav',
                                    'htmlOptions'=>array('class'=>'pull-right'),
                                    'items'=>array(
                                            array('label'=>'Login', 'url'=>array('/site/login'), 'visible'=>Yii::app()->user->isGuest),
                                            array('label'=>'Logout ('.Yii::app()->user->name.')', 'url'=>array('/site/logout'), 'visible'=>!Yii::app()->user->isGuest)
                                    ),
                            ),
                    ),
            )); 
    }
    else
    {
            // Unreachable while the condition above is an assignment; with a real comparison
            // this is the navbar shown to everyone who is not the 'admin' user.
            $this->widget('bootstrap.widgets.TbNavBar',array(
                    'brandLabel'=>TbHtml::b(Yii::app()->name),
                    'color'=>TbHtml::NAVBAR_COLOR_INVERSE,
                    'items'=>array(
                            array(
                                    'class'=>'bootstrap.widgets.TbNav',
                                    'items'=>array(
                                            array('label'=>'Home', 'url'=>array('/site/index')),
                                            array('label'=>'About', 'url'=>array('/site/page', 'view'=>'about')),
                                            array('label'=>'Contact', 'url'=>array('/site/contact')),
                                    ),
                            ),
                            array(
                                    'class'=>'bootstrap.widgets.TbNav',
                                    'htmlOptions'=>array('class'=>'pull-right'),
                                    'items'=>array(
                                            array('label'=>'Login', 'url'=>array('/site/login'), 'visible'=>Yii::app()->user->isGuest),
                                            array('label'=>'Logout ('.Yii::app()->user->name.')', 'url'=>array('/site/logout'), 'visible'=>!Yii::app()->user->isGuest)
                                    ),
                            ),
                    ),
            ));
    } 
    ?>

我在菜单中用 echo 输出了当前登录用户的名称,结果返回的仍然是 admin。我不明白这是怎么回事。这是我的控制器:

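<?php
/**
 * Controller for User records: create, view, update, delete, list and manage.
 *
 * Which users may call which action is decided only by accessRules(); the action methods
 * themselves perform no additional permission or ownership checks.
 */
class UserController extends Controller
{
    /**
     * @var string the default layout for the views. Defaults to '//layouts/column2', meaning
     * using two-column layout. See 'protected/views/layouts/column2.php'.
     */
    public $layout='//layouts/column2';

    /**
     * @return array action filters
     */
    public function filters()
    {
        return array(
            'accessControl', // perform access control for CRUD operations
            'postOnly + delete', // we only allow deletion via POST request
        );
    }

    /**
     * Specifies the access control rules.
     * This method is used by the 'accessControl' filter.
     *
     * NOTE(review): the third rule identifies the administrator by user *name*. Anything that
     * changes the user component's name (for example an accidental assignment such as
     * `Yii::app()->user->name = 'admin'` in a view) would make that rule match. A role- or
     * expression-based rule is presumably more robust; confirm what the application's
     * authorization setup supports.
     *
     * @return array access control rules
     */
    public function accessRules()
    {
        return array(
            // Everyone, guests included, may call 'create' and 'new'.
            // NOTE(review): 'new' loads a User by an arbitrary $id, so it is readable by
            // anonymous visitors; check what the 'new' view prints.
            array('allow',
                'actions'=>array('create', 'new'),
                'users'=>array('*'),
            ),
            // Any authenticated user may call 'create' and 'update'.
            // NOTE(review): 'update' is not limited to the caller's own record here.
            array('allow',
                'actions'=>array('create','update'),
                'users'=>array('@'),
            ),
            // Only the user named 'admin' may call 'index', 'view', 'admin' and 'delete'.
            array('allow',
                'actions'=>array('index', 'view', 'admin', 'delete'),
                'users'=>array('admin'),
            ),
            // Everything not allowed above is denied.
            array('deny',
                'users'=>array('*'),
            ),
        );
    }

    /**
     * Displays a particular model.
     * @param integer $id the ID of the model to be displayed
     */
    public function actionView($id)
    {
        $this->render('view',array(
            'model'=>$this->loadModel($id),
        ));
    }

    /**
     * Renders the 'new' view for a particular model; actionCreate() redirects here after a
     * successful save.
     * @param integer $id the ID of the model to be displayed
     */
    public function actionNew($id)
    {
        $this->render('new',array(
            'model'=>$this->loadModel($id),
        ));
    }

    /**
     * Creates a new User together with its Gunwcuser, Game and Cash rows.
     * If creation is successful, the browser will be redirected to the 'new' page.
     *
     * The submitted form is mass-assigned first and the server-controlled columns (status,
     * authority, level, starting balances) are written afterwards, so a crafted POST cannot
     * override them even if those attributes are marked safe in the models' rules.
     */
    public function actionCreate()
    {
        $user = new User;
        $gunwcuser = new Gunwcuser;
        $game = new Game;
        $cash = new Cash;
        // Uncomment the following line if AJAX validation is needed
        // $this->performAjaxValidation($model);

        // Fixed starting values for every new account.
        $auth = '1';
        $time = '0000-00-00 00:00:00';
        $gp = '1000';
        $gold = '200000';
        $cash1 = '10000';
        $rank = '19';

        if(isset($_POST['User']))
        {
            // Untrusted input goes in first ...
            $user->attributes=$_POST['User'];
            $gunwcuser->attributes=$_POST['User'];
            $game->attributes=$_POST['User'];

            // ... and the privileged columns are set last so they always win.
            $user->Status = '1';
            $user->MuteTime = $time;
            $user->RestrictTime = $time;
            $user->Authority = $auth;
            $user->User_Level = '1';
            $user->Authority2 = $auth;

            $gunwcuser->Status = '1';
            $gunwcuser->MuteTime = $time;
            $gunwcuser->RestrictTime = $time;
            $gunwcuser->Authority = $auth;
            $gunwcuser->User_Level = '1';
            $gunwcuser->Authority2 = $auth;
            $gunwcuser->AuthorityBackup = $auth;

            $game->Nickname = $user->NickName;
            $game->Money = $gold;
            $game->EventScore1 = '0';
            $game->EventScore2 = '0';
            $game->EventScore3 = '0';
            $game->AvatarWear = '0';
            $game->Prop1 = '0';
            $game->Prop2 = '0';
            $game->AdminGift = $gp;
            $game->TotalScore = $gp;
            $game->SeasonScore = $rank;
            $game->TotalGrade = $rank;
            $game->SeasonGrade = '0';
            $game->TotalRank = '0';
            $game->SeasonRank = '0';
            $game->AccumShot = '0';
            $game->AccumDamage = '0';
            $game->StageRecords = '0';
            $game->LastUpdateTime = $time;
            $game->NoRankUpdate = '0';
            $game->ClientData = '0';
            $game->CountryGrade = '20';
            $game->CountryRank = '0';
            $game->GiftProhibitTime = $time;

            $cash->Cash = $cash1;

            // NOTE(review): the four saves are not wrapped in a transaction; if a later save
            // fails, the earlier rows stay in the database. Confirm whether that is acceptable.
            if($user->save() && $gunwcuser->save() && $game->save() && $cash->save())
            {
                $this->redirect(array('new', 'id'=>$user->Id));
            }
        }

        $this->render('create',array(
            'user'=>$user, 'gunwcuser'=>$gunwcuser, 'game'=>$game, 'cash'=>$cash,
        ));
    }

    /**
     * Updates a particular model.
     * If update is successful, the browser will be redirected to the 'view' page.
     *
     * NOTE(review): accessRules() admits every authenticated user and this method does not
     * compare $id with the current user, so as written any logged-in account can submit
     * changes for any User row. Whether privileged columns (Authority, User_Level, Status)
     * are mass-assignable depends on the User model's rules; verify both.
     *
     * @param integer $id the ID of the model to be updated
     */
    public function actionUpdate($id)
    {
        $model=$this->loadModel($id);
        // Uncomment the following line if AJAX validation is needed
        // $this->performAjaxValidation($model);
        if(isset($_POST['User']))
        {
            $model->attributes=$_POST['User'];
            if($model->save())
                $this->redirect(array('view','id'=>$model->Id));
        }
        $this->render('update',array(
            'model'=>$model,
        ));
    }

    /**
     * Deletes a particular model.
     * If deletion is successful, the browser will be redirected to the 'admin' page.
     * @param integer $id the ID of the model to be deleted
     */
    public function actionDelete($id)
    {
        $this->loadModel($id)->delete();
        // if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
        // NOTE(review): 'returnUrl' is taken from the request as-is; restrict it to local
        // paths if this form can ever be submitted from outside the application.
        if(!isset($_GET['ajax']))
            $this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
    }

    /**
     * Lists all models.
     */
    public function actionIndex()
    {
        $dataProvider=new CActiveDataProvider('User');
        $this->render('index',array(
            'dataProvider'=>$dataProvider,
        ));
    }

    /**
     * Manages all models.
     */
    public function actionAdmin()
    {
        $model=new User('search');
        $model->unsetAttributes();  // clear any default values
        if(isset($_GET['User']))
            $model->attributes=$_GET['User'];
        $this->render('admin',array(
            'model'=>$model,
        ));
    }

    /**
     * Returns the data model based on the primary key given in the GET variable.
     * If the data model is not found, an HTTP exception will be raised.
     * @param integer $id the ID of the model to be loaded
     * @return User the loaded model
     * @throws CHttpException
     */
    public function loadModel($id)
    {
        $model=User::model()->findByPk($id);
        if($model===null)
            throw new CHttpException(404,'The requested page does not exist.');
        return $model;
    }

    /**
     * Performs the AJAX validation.
     * @param User $model the model to be validated
     */
    protected function performAjaxValidation($model)
    {
        if(isset($_POST['ajax']) && $_POST['ajax']==='user-form')
        {
            echo CActiveForm::validate($model);
            Yii::app()->end();
        }
    }
}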
if(Yii::app()->user->name = 'admin') 

应该是

if(Yii::app()->user->name == 'admin')

注意:== 是比较,= 是赋值 :) 由于赋值表达式的值就是字符串 'admin'(恒为真),这个条件对所有访问者都成立,而且每次渲染布局都会把用户名重新写成 admin。

还有这个东西

array('allow',  // allow all users to perform 'index' and 'view' actions
    'actions'=>array('create', 'new'),
    'users'=>array('*'),
),

也许只是注释写错了,但这条规则现在实际上允许所有用户(包括未登录的访客)执行 create 和 new 操作 :)