-1

我尝试通过在 controller.php 中使用会话 ID 来验证验证码

下面是我尝试保存验证码会话的代码(通过修改controller.php)-但它不起作用-我在此代码中做错了什么请建议

它在提交时显示服务器错误,我提到了原始代码(验证码之前)和修改后的代码(验证码之后)

原始代码(Controller.php 中的验证码会话之前)

 function register_save()
{
    global $mainframe;

    // Check for request forgeries
    JRequest::checkToken() or jexit( 'Invalid Token' );

    // Get required system objects
    $user       = clone(JFactory::getUser());
    $pathway    =& $mainframe->getPathway();
    $config     =& JFactory::getConfig();
    $authorize  =& JFactory::getACL();
    $document   =& JFactory::getDocument();

    // If user registration is not allowed, show 403 not authorized.
    $usersConfig = &JComponentHelper::getParams( 'com_users' );
    if ($usersConfig->get('allowUserRegistration') == '0') {
        JError::raiseError( 403, JText::_( 'Access Forbidden' ));
        return;
    }

    // Initialize new usertype setting
    $newUsertype = $usersConfig->get( 'new_usertype' );
    if (!$newUsertype) {
        $newUsertype = 'Registered';
    }

    // Bind the post array to the user object
    if (!$user->bind( JRequest::get('post'), 'usertype' )) {
        JError::raiseError( 500, $user->getError());
    }

    // Set some initial user values
    $user->set('id', 0);
    $user->set('usertype', $newUsertype);
    $user->set('gid', $authorize->get_group_id( '', $newUsertype, 'ARO' ));

    $date =& JFactory::getDate();
    $user->set('registerDate', $date->toMySQL());

    // If user activation is turned on, we need to set the activation information
    $useractivation = $usersConfig->get( 'useractivation' );
    if ($useractivation == '1')
    {
        jimport('joomla.user.helper');
        $user->set('activation', JUtility::getHash( JUserHelper::genRandomPassword()) );
        $user->set('block', '1');
    }

    // If there was an error with registration, set the message and display form
    if ( !$user->save() )
    {
        JError::raiseWarning('', JText::_( $user->getError()));
        $this->register();
        return false;
    }

    // Send registration confirmation mail
    $password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
    $password = preg_replace('/[\x00-\x1F\x7F]/', '', $password); //Disallow control chars in the email
    UserController::_sendMail($user, $password);

    // Everything went fine, set relevant message depending upon user activation state and display message
    if ( $useractivation == 1 ) {
        $message  = JText::_( 'REG_COMPLETE_ACTIVATE' );
    } else {
        $message = JText::_( 'REG_COMPLETE' );
    }

    $this->setRedirect('https://www.2checkout.com/checkout/spurchase?sid=1689498&product_id=2&quantity=1', $message);
}

最终修订代码(根据现在在 controller.php 中建议的修改)

   function register_save()
  {
    global $mainframe;

    // Check for request forgeries
    JRequest::checkToken() or jexit( 'Invalid Token' );

    session_start();
        $post = JRequest::get( 'post' );
        if(($_SESSION['security_code'] == $post['security_code']) && (!empty($_SESSION['security_code'])) ) 
        {
        $newUsertype = $usersConfig->get( 'new_usertype' );
        if (!$newUsertype) 
            {
            $newUsertype = 'Registered'; 
            }
        unset($_SESSION['security_code']);
        } 


        if($_SESSION['security_code'] != $post['security_code'] || $post['security_code']=="")
        {
            JError::raiseWarning('', JText::_( $user->getError()));
            $this->register();
            return false;
        }

    // Get required system objects
    $user       = clone(JFactory::getUser());
    $pathway    =& $mainframe->getPathway();
    $config     =& JFactory::getConfig();
    $authorize  =& JFactory::getACL();
    $document   =& JFactory::getDocument();

    // If user registration is not allowed, show 403 not authorized.
    $usersConfig = &JComponentHelper::getParams( 'com_users' );
    if ($usersConfig->get('allowUserRegistration') == '0') {
        JError::raiseError( 403, JText::_( 'Access Forbidden' ));
        return;
    }

    // Initialize new usertype setting
    $newUsertype = $usersConfig->get( 'new_usertype' );
    if (!$newUsertype) {
        $newUsertype = 'Registered';
    }

    // Set some initial user values
    $user->set('id', 0);
    $user->set('usertype', $newUsertype);
    $user->set('gid', $authorize->get_group_id( '', $newUsertype, 'ARO' ));

    $date =& JFactory::getDate();
    $user->set('registerDate', $date->toMySQL());

    // If user activation is turned on, we need to set the activation information
    $useractivation = $usersConfig->get( 'useractivation' );
    if ($useractivation == '1')
    {
        jimport('joomla.user.helper');
        $user->set('activation', JUtility::getHash( JUserHelper::genRandomPassword()) );
        $user->set('block', '1');
    }

    // If there was an error with registration, set the message and display form
    if ( !$user->save() )
    {
        JError::raiseWarning('', JText::_( $user->getError()));
        $this->register();
        return false;
    }

    // Send registration confirmation mail
    $password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
    $password = preg_replace('/[\x00-\x1F\x7F]/', '', $password); //Disallow control chars in the email
    UserController::_sendMail($user, $password);

    // Everything went fine, set relevant message depending upon user activation state and display message
    if ( $useractivation == 1 ) {
        $message  = JText::_( 'REG_COMPLETE_ACTIVATE' );
    } else {
        $message = JText::_( 'REG_COMPLETE' );
    }

    $this->setRedirect('https://www.2checkout.com/checkout/spurchase?sid=1689498&product_id=2&quantity=1', $message);
}
4

1 回答 1

1

以下行使用$post代替$_POST

if($_SESSION['security_code'] != $post['security_code'] || $post['security_code']=="")

如果满足条件,随后的代码会引发错误(假设它是您收到的错误)。尝试更新使用$_POST,它应该修复它:

if($_SESSION['security_code'] != $_POST['security_code'] || $_POST['security_code']=="")

代码块中有几个地方会引发错误 - 这只是可能触发的众多地方之一。如果您发布特定错误,则可能更容易诊断(如果这实际上不能解决问题)。

于 2012-09-09T20:27:02.283 回答