我是Yii PHP Framework的新手,正在尝试登录表单。我知道当你安装testdrive应用程序时,Yii上已经有了登录功能。我只是编辑它以通过数据库登录,但它不起作用。我在代码中没有任何错误,但当我登录时,它总是说密码或用户名不正确。这是我的密码。
对于UserIdentity.php
class UserIdentity extends CUserIdentity
{
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
private $_id;
public function authenticate()
{
$record=User::model()->findByAttributes(array('username'=>$this->username));
if($record===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($record->password!==crypt($this->password,$record->password))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
$this->_id=$record->id;
$this->setState('title', $record->title);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
public function getId()
{
return $this->_id;
}
}
以下是SiteController.php
public function actionLogin()
{
$model=new LoginForm;
// if it is ajax validation request
if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
{
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if(isset($_POST['LoginForm']))
{
$model->attributes=$_POST['LoginForm'];
// validate user input and redirect to the previous page if valid
if($model->validate() && $model->login())
$this->redirect(Yii::app()->user->returnUrl);
}
// display the login form
$this->render('login',array('model'=>$model));
}
你能帮我吗?谢谢
如果您的密码保存在db-text中,请不要使用crypt-
class UserIdentity extends CUserIdentity
{
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
private $_id;
public function authenticate()
{
$record=User::model()->findByAttributes(array('username'=>$this->username));
if($record===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($record->password!==$this->password) // changed
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
$this->_id=$record->id;
$this->setState('title', $record->title);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
public function getId()
{
return $this->_id;
}
}
在您的编码中,行
else if($record->password!==crypt($this->password,$record->password))
正在将密码与字符串哈希进行比较(crypt()
使字符串哈希/加密(。
如果您将密码保存在数据库中而不进行加密,则可以直接比较用户输入的密码和您在数据库中保存的密码,无需应用crypt()
($this->password!==$record->password)
//$this->password - user input
//$record->password - save password from db
现在将代码更改为
public function authenticate()
{
$record = User::model()->findByAttributes(array('username' => $this->username));
if ($record === null)
$this->errorCode = self::ERROR_USERNAME_INVALID;
else if (trim($this->password)!== $record->password)
$this->errorCode = self::ERROR_PASSWORD_INVALID;
else
{
$this->_id = $record->id;
$this->setState('title', $record->title);
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}