0

In yii i am creating login module. I want to give access to users only if username and passwords are correct and need to store this user's id into 'Success' table. But when only username is correct and password is wrong,i want to store that user's id into 'attempt' table in order to give only 3 chance to him for entering correct password. But when i am implementing this,when password is wrong entry doesnt get enterd into attempt table. i had created ActionLogin() method as-

public function actionLogin()
{
    $model=new LoginForm;
    $command = Yii::app()->db->createCommand();

    // if it is ajax validation request
    if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
    {
        echo CActiveForm::validate($model);
        Yii::app()->end();
    }

    // collect user input data
    if(isset($_POST['LoginForm']))
    {
         $model->attributes=$_POST['LoginForm'];
         // validate user input and redirect to the previous page if valid
         if ($model->validate()) 
         {
            if($model->login()) {
                      $command->insert('attempt', array(
                      'id'=>Yii::app()->user->getId(),
                       ));
                      $this->redirect(Yii::app()->user->returnUrl);
             }  
            if(!$model->login())
            {            
            $command->insert('attempt', array(
            'id'=>Yii::app()->user->getId(),
                   ));
             } 
            }
     }

    // display the login form
    $this->render('login',array('model'=>$model));
}

What changes i need to do in order to make entry of user's id into attempt table when password is wrong. Please help me.

4

1 回答 1

0

如评论中所述:

访问基于 Yii 的网站的用户没有分配用户 ID,只有登录用户分配了用户 ID(这是有道理的......)。

最好的方法是对登录尝试进行基于 IP 的检查。您可以通过以下代码检索用户的 IP:

Yii::app()->request->userHostAddress

这个答案也归功于@Stu 和@Nikos-Tsirakis

于 2012-11-21T16:22:42.023 回答