首页 文章

Codeigniter登录无效

提问于
浏览
0

我重新使用我一年前制作的旧CodeIgniter项目的登录系统,我有点生疏,但我已经找了一段时间,我无法弄清楚为什么用户名和密码不会工作 . 我使用的寄存器代码使用MD5加密,我设置了加密密钥 .

登录视图代码:

<?php echo form_open('Login_controller/Login'); ?>
            <label for="Username">Username:</label>
            <input type="text" id="Username" name="Username" autofocus  placeholder="Your username"/>
            <label for="Password">Password:</label>
            <input type="password" id="Password" name="Password" placeholder="Your password" />

            <input type="submit" name="Login" value="Login" > 
            <?php echo validation_errors(); ?> 
            <p>Not an existing user? <a href="<?php echo site_url("Register_controller")?>">REGISTER</a><p> 
        </form>

登录控制器代码:

function Login()
{
    $this->load->library('form_validation'); 
    $this->form_validation->set_rules('Username', 'Username', 'trim|required');
    $this->form_validation->set_rules('Password', 'Password', 'trim|required|callback_CheckDatabase');

    if($this->form_validation->run() == FALSE)
    {
        $this->load->view('Login_view'); //Reloads the login view with validation errors if the login attempt is unsuccessful.//
    }

    else
    { 
        redirect('Home_controller'); //Redirect to the homepage on successful login attempt.//
    }
}


function CheckDatabase($password) //This function is only run when password validation is correct.//
{
    $username = $this->input->post('Username'); //Sets the username as a $username.//
    $result = $this->User_model->Login($username, $password);

    if($result)
    {
        $sess_array = array();
        foreach($result as $row)
        {
            $sess_array = array( //Makes an array of the data to be stored in the session.//
            'id' => $row->UserID
            );

            $this->session->set_userdata('logged_in', $sess_array); //Sets $sess_array as the session.//
        }

        return TRUE;
   }

    else //Ran if the username or password aren't matched in the CIUsers database. Returns error message.//
    {
        $this->form_validation->set_message('CheckDatabase', 'Invalid login details.');
        return false;
    }
}

用户型号代码:

function Login($username, $password)
  {
    $this -> db -> select('UserID, Username, Password');
    $this -> db -> from('CIUsers');
    $this -> db -> where('Username', $username);
    $this -> db -> where('Password', md5($password));
    $this -> db -> limit(1);

    $query = $this -> db -> get();

    if($query -> num_rows() == 1)
    {
      return $query->result();
    }

    else
    {
      return false;
    }
 }

它返回我的“无效登录详细信息”消息,没有错误 .

php codeigniter

2 回答

  • 0

    我用过print

    $this->db->last_query();

    并意识到我将数据库中的密码长度限制为20而没有意识到加密使其长于20,将其更改为50修复了问题 .

    回复于
  • 0

    首先,md5对于登录是不安全的,你应该尝试使用密码哈希技术 .

    试试这样

    public function login() {
 // create the data object
 $data = new stdClass();
 // load form helper and validation library
 $this->load->helper('form');
 $this->load->library('form_validation');
 // set validation rules
 $this->form_validation->set_rules('username', 'Username', 'required|alpha_numeric');
 $this->form_validation->set_rules('password', 'Password', 'required');
 if ($this->form_validation->run() == false) {
 // validation not ok, send validation errors to the view
 $this->load->view('header');
 $this->load->view('user/login/login');
 $this->load->view('footer');
 } else {
 // set variables from the form
 $username = $this->input->post('username');
 $password = $this->input->post('password');
 if ($this->user_model->resolve_user_login($username, $password)) {
 $user_id = $this->user_model->get_user_id_from_username($username);
 $user    = $this->user_model->get_user($user_id);
 echo "logged in success";
 } else {
 // login failed
 $data->error = 'Wrong username or password.';
 // send error to the view
 $this->load->view('login', $data);
 }
 }

    并在你的模型中这样

    public function resolve_user_login($username, $password) {
 $this->db->select('password');
 $this->db->from('users');
 $this->db->where('username', $username);
 $hash = $this->db->get()->row('password');
 return $this->verify_password_hash($password, $hash);
 }
 public function get_user_id_from_username($username) {
 $this->db->select('id');
 $this->db->from('users');
 $this->db->where('username', $username);
 return $this->db->get()->row('id');
 }
 public function get_user($user_id) {
$this->db->from('users');
 $this->db->where('id', $user_id);
 return $this->db->get()->row();
}
 private function hash_password($password) {
 return password_hash($password, PASSWORD_BCRYPT);
 }
 private function verify_password_hash($password, $hash) {
 return password_verify($password, $hash);
 }

    如需完整教程,请阅读http://w3code.in/2015/09/create-login-and-registration-with-codeigniter/

    回复于

相关问题