我尝试使用controller.php 中的会话id验证captcha
以下是我尝试保存captcha会话的代码(通过修改controller.php),但它不起作用-我在这个代码中做错了什么?pl建议
它在提交时显示服务器错误,我提到了原始代码(在captcha之前)和修改后的代码(在captcha之后)
原始代码(在Controller.php中的Captcha会话之前)
function register_save()
{
global $mainframe;
// Check for request forgeries
JRequest::checkToken() or jexit( 'Invalid Token' );
// Get required system objects
$user = clone(JFactory::getUser());
$pathway =& $mainframe->getPathway();
$config =& JFactory::getConfig();
$authorize =& JFactory::getACL();
$document =& JFactory::getDocument();
// If user registration is not allowed, show 403 not authorized.
$usersConfig = &JComponentHelper::getParams( 'com_users' );
if ($usersConfig->get('allowUserRegistration') == '0') {
JError::raiseError( 403, JText::_( 'Access Forbidden' ));
return;
}
// Initialize new usertype setting
$newUsertype = $usersConfig->get( 'new_usertype' );
if (!$newUsertype) {
$newUsertype = 'Registered';
}
// Bind the post array to the user object
if (!$user->bind( JRequest::get('post'), 'usertype' )) {
JError::raiseError( 500, $user->getError());
}
// Set some initial user values
$user->set('id', 0);
$user->set('usertype', $newUsertype);
$user->set('gid', $authorize->get_group_id( '', $newUsertype, 'ARO' ));
$date =& JFactory::getDate();
$user->set('registerDate', $date->toMySQL());
// If user activation is turned on, we need to set the activation information
$useractivation = $usersConfig->get( 'useractivation' );
if ($useractivation == '1')
{
jimport('joomla.user.helper');
$user->set('activation', JUtility::getHash( JUserHelper::genRandomPassword()) );
$user->set('block', '1');
}
// If there was an error with registration, set the message and display form
if ( !$user->save() )
{
JError::raiseWarning('', JText::_( $user->getError()));
$this->register();
return false;
}
// Send registration confirmation mail
$password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
$password = preg_replace('/['x00-'x1F'x7F]/', '', $password); //Disallow control chars in the email
UserController::_sendMail($user, $password);
// Everything went fine, set relevant message depending upon user activation state and display message
if ( $useractivation == 1 ) {
$message = JText::_( 'REG_COMPLETE_ACTIVATE' );
} else {
$message = JText::_( 'REG_COMPLETE' );
}
$this->setRedirect('https://www.2checkout.com/checkout/spurchase?sid=1689498&product_id=2&quantity=1', $message);
}
最终修订代码(根据controller.php中现在建议的修改)
function register_save()
{
global $mainframe;
// Check for request forgeries
JRequest::checkToken() or jexit( 'Invalid Token' );
session_start();
$post = JRequest::get( 'post' );
if(($_SESSION['security_code'] == $post['security_code']) && (!empty($_SESSION['security_code'])) )
{
$newUsertype = $usersConfig->get( 'new_usertype' );
if (!$newUsertype)
{
$newUsertype = 'Registered';
}
unset($_SESSION['security_code']);
}
if($_SESSION['security_code'] != $post['security_code'] || $post['security_code']=="")
{
JError::raiseWarning('', JText::_( $user->getError()));
$this->register();
return false;
}
// Get required system objects
$user = clone(JFactory::getUser());
$pathway =& $mainframe->getPathway();
$config =& JFactory::getConfig();
$authorize =& JFactory::getACL();
$document =& JFactory::getDocument();
// If user registration is not allowed, show 403 not authorized.
$usersConfig = &JComponentHelper::getParams( 'com_users' );
if ($usersConfig->get('allowUserRegistration') == '0') {
JError::raiseError( 403, JText::_( 'Access Forbidden' ));
return;
}
// Initialize new usertype setting
$newUsertype = $usersConfig->get( 'new_usertype' );
if (!$newUsertype) {
$newUsertype = 'Registered';
}
// Set some initial user values
$user->set('id', 0);
$user->set('usertype', $newUsertype);
$user->set('gid', $authorize->get_group_id( '', $newUsertype, 'ARO' ));
$date =& JFactory::getDate();
$user->set('registerDate', $date->toMySQL());
// If user activation is turned on, we need to set the activation information
$useractivation = $usersConfig->get( 'useractivation' );
if ($useractivation == '1')
{
jimport('joomla.user.helper');
$user->set('activation', JUtility::getHash( JUserHelper::genRandomPassword()) );
$user->set('block', '1');
}
// If there was an error with registration, set the message and display form
if ( !$user->save() )
{
JError::raiseWarning('', JText::_( $user->getError()));
$this->register();
return false;
}
// Send registration confirmation mail
$password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
$password = preg_replace('/['x00-'x1F'x7F]/', '', $password); //Disallow control chars in the email
UserController::_sendMail($user, $password);
// Everything went fine, set relevant message depending upon user activation state and display message
if ( $useractivation == 1 ) {
$message = JText::_( 'REG_COMPLETE_ACTIVATE' );
} else {
$message = JText::_( 'REG_COMPLETE' );
}
$this->setRedirect('https://www.2checkout.com/checkout/spurchase?sid=1689498&product_id=2&quantity=1', $message);
}
以下行使用$post而不是$_POST:
if($_SESSION['security_code'] != $post['security_code'] || $post['security_code']=="")
如果满足条件,下面的代码会引发一个错误(假设是您收到的错误)。尝试更新以使用$_POST,它应该会修复它:
if($_SESSION['security_code'] != $_POST['security_code'] || $_POST['security_code']=="")
代码块中有几个地方会引发错误——这只是众多可能引发错误的地方之一。如果你发布了特定的错误,可能会更容易诊断(如果这并不能真正解决问题)。