我想通过数据库进行用户身份验证。我用一些字段创建了 db User 并插入了一些记录。username=admin, password=admin; username=demo, password=demo. 现在我已经应用 giiUser从我的表中制作了一个模型“”,将模型保存在模型和组件文件夹中。在UserIdentity.php我进行模型检索时,转储显示检索到的对象为NULL!有趣的是,我在我的自定义控制器中进行了相同的检索,而且效果很好!
public function authenticate()
{
/* $users=array(
// username => password
'demo'=>'demo',
'admin'=>'admin',
); */
$users = User::model()->findByAttributes(array('username'=>$this->username));
var_dump($users);
// $username=strtolower($this->username);
// $users=User::model()->find('LOWER(username)=?',array($username));
if(!isset($users[$this->username]))
$this->errorCode=self::ERROR_USERNAME_INVALID;
elseif($users[$this->username]->password !== $this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
$this->errorCode=self::ERROR_NONE;
return !$this->errorCode;
}
怎么了,我需要在 main.php 属性“用户”配置中提及这个用户模型/组件吗?如何?此外,User 类显然扩展了 CActiveRecord,而不是 CWebUser。正常吗?
class User extends CActiveRecord
{
public static function model($className=__CLASS__)
{
return parent::model($className);
}
/**
* @return string the associated database table name
*/
public function tableName()
{
return 'user';
}
/**
* @return array validation rules for model attributes.
*/
public function rules()
{
// NOTE: you should only define rules for those attributes that
// will receive user inputs.
return array(
array('username, password, created', 'required'),
array('role, ban', 'numerical', 'integerOnly'=>true),
array('username, password', 'length', 'max'=>255),
// The following rule is used by search().
// Please remove those attributes that should not be searched.
array('id, username, password, created, role, ban', 'safe', 'on'=>'search'),
);
}
public function relations()
{
// NOTE: you may need to adjust the relation name and the related
// class name for the relations automatically generated below.
return array(
);
}
public function attributeLabels()
{
return array(
'id' => 'ID',
'username' => 'Name',
'password' => 'Password',
'created' => 'Created',
'role' => 'Role',
'ban' => 'Ban',
);
}
public function search()
{
// Warning: Please modify the following code to remove attributes that
// should not be searched.
$criteria=new CDbCriteria;
$criteria->compare('id',$this->id);
$criteria->compare('username',$this->username,true);
$criteria->compare('password',$this->password,true);
$criteria->compare('created',$this->created,true);
$criteria->compare('role',$this->role);
$criteria->compare('ban',$this->ban);
return new CActiveDataProvider($this, array(
'criteria'=>$criteria,
));
}
问题是,当我尝试使用这种 db plugging(确保没有转储行)登录时,我总是得到Incorrect username or password。
登录表单.php:
private $_identity;
public function rules()
{
return array(
// username and password are required
array('username, password', 'required'),
// rememberMe needs to be a boolean
array('rememberMe', 'boolean'),
// password needs to be authenticated
array('password', 'authenticate'),
);
}
public function attributeLabels()
{
return array(
'rememberMe'=>'Remember me next time',
);
}
public function authenticate($attribute,$params)
{
if(!$this->hasErrors())
{
$this->_identity=new UserIdentity($this->username,$this->password);
if(!$this->_identity->authenticate())
$this->addError('password','Incorrect username or password.');
}
}
public function login()
{
if($this->_identity===null)
{
$this->_identity=new UserIdentity($this->username,$this->password);
$this->_identity->authenticate();
}
if($this->_identity->errorCode===UserIdentity::ERROR_NONE)
{
$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
else
return false;
}
}
这是另一个控制器中用于从模型中转储“管理员”记录的代码User:
$username = 'admin';
$users = User::model()->findByAttributes(array('username'=>$username));
foreach ($users->attributes as $key=>$value){
echo $key . ' => '. $value. '</br>';
}
Yii::app()->end();
结果非常好:
id => 1
username => admin
password => admin
created => 2013-08-16 00:00:00
role => 1
ban => 0