-1

我正在尝试创建一个聊天框,但在登录并保存在数据库中后,我无法让 user_id 在会话中正确保存。

这是登录功能

public function login() {

    $this->form_validation->set_rules('email', 'Username', 'trim|required|xss_clean');
    $this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');

    if ($this->form_validation->run() == FALSE) {

        // return main page if submitted form is invalid.

        $this->load->view('abt_login');
    } else {

        $this->load->model('abt_db');
        $q = $this->abt_db->check_login(
                $this->input->post('email'), $this->input->post('password')
        );
        if ($q) {

            redirect('index.php/abovetheblues/abt_abovetheblues');
            $this->abt->set_session();
        } else {
            $this->show_login(true);
        }
    }
}

这是我的 Javascript 代码

$(document).ready(function(){

    $("a#submit").click(function(){

        var chat_message_content = $("input#chat").val();

        if(chat_message_content == ""){

            return false;
        }

        $.post(base_url + "index.php/abovetheblues/add_chat_messages", {
            chat_message_content : chat_message_content, 
            user_id : user_id
        }, 
        function(data){

            alert(data);
        },"json");


        return false;
    });
    return false;

});

这是我的控制器

function add_chat_messages() {
        // Grab the $chat_message_content, $user_id
        $user_id = $this->input->post($this->session->userdata("user_id"));
        $chat_message_content = $this->input->post('chat_message_content');

        $this->abt_db->add_chat_message($user_id, $chat_message_content);
    }

这是我的模型

function check_login($email, $password) {
    $this->load->database();
    // Query to retrieve the user's details
    // based on the received username and password

    $this->db->from('user');
    $this->db->where('email', $email);
    $this->db->where('password', $password);
    $q = $this->db->get()->result();

    // The results of the query are stored in $q.
    // If a value exists, then the user account exists and is validated

    if (is_array($q) && count($q) == 1) {
        // Set the users details into the $details property of this class
        $this->details = $q[0];
        // Call set_session to set the user's session 
        $this->set_session();
        return true;
    }
    return false;
}


   function set_session() {
        // session->set_userdata is a CodeIgniter function that
        // stores data in a cookie in the user's browser.  Some of the values are built in
        // to CodeIgniter, others are added (like the user_id).  
        $this->session->set_userdata(array(
            'user_id' => $this->details->user_id,
            'email' => $this->details->email,
            'username' => $this->details->username,
            'isLoggedIn' => true
                )
        );
    }


function add_chat_message($user_id, $chat_message_content) {

    $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)";
    $this->db->query($query_str, array($user_id, $chat_message_content));
}

还有我的查看页面

<script type="text/javascript">

    var user_id = "<?php echo $this->session->userdata("user_id"); ?>";
var base_url = "<?php echo base_url();?>";



</script>

<!--loads the header-->
<?php $this->load->view('abt-header'); ?>
<!--this is the login page-->

<div data-role="page" id="Abt-chat" data-add-back-btn="true">
    <div data-role="header" data-position="fixed">
        <h1>Peer Chat</h1>

    </div>
    <div data-role="content">

        <div data-role="fieldcontain">
            <div id="chat_viewport"></div>

            <p>
                <label>Input Chat: </label>
                <input name="chat" id="chat" type="text" value=""/>

            </p>

            <p>
                <?php echo anchor('#', 'Send Chat', array('title' => 'Send Chat', 'id' => 'submit')); ?>
            </p>  

        </div> 
        <?php echo form_close(); ?>

    </div>

</div>
4

2 回答 2

0

好吧,如果 user_id 已经在会话中定义了,那么就不需要每次都通过你的 javascript 发送它,或者在页面中定义为 javascript 变量。

在控制器中,您必须通过 javascript 提供变量名,但您正在调用会话数据,这将为您提供 id 而不是变量名

$user_id = $this->input->post($this->session->userdata("user_id")); // wrong

$user_id = $this->input->post("user_id"); // right

$user_id = $this->session->userdata("user_id"); // this way without pass through javascript
于 2013-08-13T20:45:15.373 回答
0

您的代码中有几个错误:

我从你的模型开始:

这里最重要的问题是:您不应该将用户的密码存储在数据库中,这是一种非常糟糕的做法,使用散列类型的 PHPcrypt函数BLOWFISH来加密密码,然后将加密版本保存在您的数据库中。您可能需要考虑几个可用的哈希库,例如PHPASS 。

仔细查看里面的评论:

function check_login($email, $password)
{
    $this->load->database();

    $this->db->from('user')
             ->where('email', $email)
             ->where('password', $password); // <-- Check the encryped password

    $q = $this->db->get();

    if ($q->num_rows() == 1) {
        // Set the users details into the $details property of this class
        $this->details = $q->first_row();
         // Call set_session to set the user's session 
        $this->set_session();
        return TRUE;
    }
    return FALSE;
}

function set_session()
{
    $this->session->set_userdata(array(
        'user_id'    => $this->details->user_id,
        'email'      => $this->details->email,
        'username'   => $this->details->username/*,
        // You don't need to store this in session
        // If user is logged-in, his/her user_id would be in session
        // you can easily check whether user is logged-in or not
        // by looking for user_id in session.
        'isLoggedIn' => true*/
    ));
}

function add_chat_message($user_id, $chat_message_content)
{
    // You are binding two parameter to SQL query,
    // But the following query has three question mark.
    // $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)";
    $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?)";
    $this->db->query($query_str, array($user_id, $chat_message_content));
}

回到你的login()函数,后面的行redirect()不会被执行:

redirect('index.php/abovetheblues/abt_abovetheblues');
// $this->abt->set_session(); <-- This is not necessary

在你的Controller/add_chat_messages方法中,使用$this->input->post($this->session->userdata("user_id")是错误的。

如果用户必须登录网站,则不需要通过用户的idPOST 请求。只需从会话中读取它:

function add_chat_messages()
{
    // The following statement is wrong!
    //$user_id = $this->input->post($this->session->userdata("user_id"));

    $user_id = $this->session->userdata("user_id");
    $chat_message_content = $this->input->post('chat_message_content');

    $this->abt_db->add_chat_message($user_id, $chat_message_content);
}

最后,在客户端,JavaScript 部分:

您不需要将用户 ID 发送到服务器,因为这些用户可以访问已经登录的聊天页面:

$.post(base_url + "index.php/abovetheblues/add_chat_messages", {
    chat_message_content : chat_message_content/*, 
    user_id : user_id*/ // <-- This is not necessary
}, function(data) {
    alert(data);
},"json");

希望这是有道理的。

更新#1:

在使用之前session,请确保Session已加载库。

打开config/autoload.php文件并添加session到自动加载库:

$autoload['libraries'] = array('database', 'session');

更新#2:

将模型中的更改check_loginset_session功能更改为:

function check_login($email, $password)
{
    $this->load->database();

    $this->db->from('user')
             ->where('email', $email)
             ->where('password', $password);

    $q = $this->db->get();

    if ($q->num_rows() == 1) {
        // Return the users details
        return $q->first_row('array');
    }

    return FALSE;
}

function set_session($details)
{
    $this->session->set_userdata(array(
        'user_id'    => $details['user_id'],
        'email'      => $details['email'],
        'username'   => $details['username']
    ));
}

在你的控制器中:

if ($q) {
    $this->abt_db->set_session($q);
    redirect('index.php/abovetheblues/abt_abovetheblues');
} else {
    $this->show_login(true);
}

最后在您的 JS 文件中,删除json dataTypefrom$.post方法。

还有一件事,abovetheblues/add_chat_messages方法不向输出发送任何东西(不回显任何东西),所以返回data的是空的:

$.post(base_url + "index.php/abovetheblues/add_chat_messages", {
    chat_message_content : chat_message_content/*, 
    user_id : user_id*/
}, function(data){
    // data would be empty
    alert(data);
});
于 2013-08-13T21:14:02.177 回答