dongqiancui9194 2012-05-24 09:27
浏览 13
已采纳

CakePHP 2.0帐户验证

I'm trying to create a simply login page. I want validation on that page so that when a user clicks login the site checks that in the users database activated is set to 1, if not they can't login. I'm still very new to cakephp and am trying to pick up quickly so I'm sorry if this is a simple beginner question.

here is the validation in my User model 

public $checkActive = array(
    'activated'=>array(
            'rule'=>array('equalTo', '0'),
            'message'=>'The account must be activated, please check your email.'
        ));

here is the login function in my usersController

 public function login() {

    $this->set('title_for_layout', 'Individual Registration');
    $this->set('stylesheet_used', 'style');
    $this->set('image_used', 'eBOXLogo.jpg');


    if ($this->request->is('post')){
    if ($this->request->data['User']['password'] == 'qazwsx'){
    if ($this->Auth->login()){
     if (0 === $this->User->find('count',array('conditions'=>array('enabled'=>1,'login'=> $username)))) {
         $this->Session->setFlash('Sorry, your account is not validated yet.');
    }

        $this->Auth->user('id');
        $this->redirect($this->Auth->redirect('eboxs/home')); 
        }   
    } 
    else {

        $this->Session->setFlash('Username or password is incorrect');
    }
    }else{
    $this->Session->setFlash('Welcome, please login');
    }


}

here is my beforeLogin function in the usersController

 public function beforeLogin(){

    if(isset($this->data['User']['password'])){
        $this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
        }
        return true;
    }

app controller 

class AppController extends Controller {

    public $components = array(
        'DebugKit.Toolbar',
        'Session', 
        'Auth'=>array(
            'loginRedirect'=>array('controller'=>'users', 'action'=>'login'),
            'logoutRedirect'=>array('controller'=>'users', 'action'=>'login'),
            'authError'=>"You can't access this page",
            'authorize'=>array('Controller')
        )
    );

    public function isAuthorized($user){
        return true;
    }

    public function beforeFilter(){
    $this->Auth->allow('index','view');
    $this->set('logged_in', $this->Auth->loggedIn());
    $this->set('current_user',$this->Auth->user());

    }

I realize that there is no call in my controller to the validation but with my other validation such as username is unique, I haven't had to call it.

in short at the moment anyone can log into my page, I'm trying to make it so only those who have 1 in the activated field in the users table can login.

  • 写回答

2条回答 默认 最新

  • drb88830 2012-05-24 10:21
    关注

    One option would be to check account validation right after login like this : 

    <?php
if ($this->request->is('post')){
if ($this->request->data['User']['password'] == 'qazwsx'){
if ($this->Auth->login()) {

    // login ok, but check if activated
    $username = $this->request->data['User']['username'];
    if (0 === $this->User->find('count',array('conditions'=>array('activated'=>1,'username'=> $username)))) {
         $this->Session->setFlash('Sorry, your account is not validated yet.');
         $this->redirec($this->referer());
    }

    $this->Auth->user('id');
    $this->redirect($this->Auth->redirect('eboxs/home')); 
    }   
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 被蓝屏搞吐了,有偿求帮解答,Ai回复直接拉黑
  • ¥15 BP神经网络控制倒立摆
  • ¥20 要这个数学建模编程的代码 并且能完整允许出来结果 完整的过程和数据的结果
  • ¥15 html5+css和javascript有人可以帮吗?图片要怎么插入代码里面啊
  • ¥30 Unity接入微信SDK 无法开启摄像头
  • ¥20 有偿 写代码 要用特定的软件anaconda 里的jvpyter 用python3写
  • ¥20 cad图纸,chx-3六轴码垛机器人
  • ¥15 移动摄像头专网需要解vlan
  • ¥20 access多表提取相同字段数据并合并
  • ¥20 基于MSP430f5529的MPU6050驱动,求出欧拉角