doutao5419 2011-03-11 01:08
浏览 29

Zend Framework:登录密码哈希,电子邮件验证器?

I have searched and can not find the right answer, so I'm hoping I can be pointed in the right direction.

I'm working on a login, we are storing the email as well as password in a table. Password is MD5'ed in the table, email is not.

Under the Login form:

class Application_Form_Login extends Zend_Form
{

public function init()
{
   $this->setName('signupForm');
    $this->setMethod('post');
    $this->setAction('/User/Login');

    $id = new Zend_Form_Element_Hidden('id');
    $id->addFilter('Int');

    $emailAddress = new Zend_Form_Element_Text('emailAddress');
    $emailAddress->setLabel('Email Address')
            ->setRequired(true)
            ->addFilter('StripTags')
            ->addFilter('StringTrim')
            ->addValidator('NotEmpty')
            ->addValidator('EmailAddress');

    $password = new Zend_Form_Element_Password('password');
    $password->setLabel('Password:')
            ->addValidator('StringLength', false, array(6,24))
            ->setLabel('Password')
            ->setRequired(true);

    $submit = new Zend_Form_Element_Submit('Login');
    $submit->setAttrib('id', 'submitbutton');

    $this->addElements(array($id, $emailAddress,$password,$submit));
}


}

I need to check the DB based on two elements (email and password), I also need to process the password with MD5 before comparing it to the DB. How should I go about this in ZF.

I'm not sure if I should construct my own validation check, or use something built within ZF that I have not learned about.

  • 写回答

1条回答 默认 最新

  • dongzhisang5342 2011-03-11 01:28
    关注

    Zend provides the Zend_Auth class for performing user authentication. Here's how I wrote my controller:

    public function indexAction () {
    $this->view->vars['form'] = new Form_User_Login();
    if ($this->request->isPost()) {
        $login = $this->request->getPost('userLogin','');
        $password = $this->request->getPost('userPassword','');
        if ($this->view->vars['form']->isValid(array('userLogin' => $login,'userPassword' => $password))) {
            $authAdapter = new Zend_Auth_Adapter_DbTable(
                Zend_Db_Table::getDefaultAdapter(),
                'user',
                'login',
                'password'
            );
            $authAdapter->setIdentity($login)->setCredential(md5($password));
            $auth = Zend_Auth::getInstance();
            $result = $auth->authenticate($authAdapter);
            if ($result->isValid()) {
                $auth->getStorage()->write($authAdapter->getResultRowObject(null,'password'));
                $this->flash->addMessage(array('success' => $this->view->translate('Hello, %1$s',$auth->getIdentity()->login)));
                $userModel = new Model_User();
                $userModel->update(array('last_access' => new Zend_Db_Expr('CURRENT_TIMESTAMP')),"login = '$login'");
                $this->_redirect();
            } else {
                switch ($result->getCode()) {
                    case Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND:
                        $this->view->vars['messages'][] = array('error' => $this->view->translate('User name not found.'));
                        break;
                    case Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID:
                        $this->view->vars['messages'][] = array('error' => $this->view->translate('Invalid password.'));
                        break;
                    default:
                        $this->view->vars['messages'][] = array('error' => $this->view->translate('Failed to log in.'));
                        break;
                }
            }
        }
    }
}
    评论

报告相同问题?

悬赏问题

  • ¥15 keil的map文件中Image component sizes各项意思
  • ¥30 BC260Y用MQTT向阿里云发布主题消息一直错误
  • ¥20 求个正点原子stm32f407开发版的贪吃蛇游戏
  • ¥15 划分vlan后,链路不通了?
  • ¥20 求各位懂行的人,注册表能不能看到usb使用得具体信息,干了什么,传输了什么数据
  • ¥15 Vue3 大型图片数据拖动排序
  • ¥15 Centos / PETGEM
  • ¥15 划分vlan后不通了
  • ¥20 用雷电模拟器安装百达屋apk一直闪退
  • ¥15 算能科技20240506咨询(拒绝大模型回答)