1
好吧,當我得到它阻止我的驗證(服務器端PHP)工作。在php註冊中使用獲取令牌
我已經註釋了獲取令牌和我的代碼運行良好,是否有這樣的原因?
代碼
<?php
require_once 'core/init.php';
if(Input::exists()) {
echo 'i have been run';
it works will i comment this line out //if(Token::check(Input::get('token'))) {
$validate = new Validate();
$validation = $validate->check($_POST, array(
'username' => array(
'required' => true,
'min' => 2,
'max' => 20,
'unique' => 'users'
),
'password' => array(
'required' => true,
'min' => 6
),
'password_again' => array(
'required' => true,
'matches' => 'password'
),
'name' => array(
'required' => true,
'min' => 2,
'max' => 50
)
));
if($validation->passed()) {
$user = new User();
$salt = Hash::salt(32);
try {
$user->create(array(
'username' => Input::get('username'),
'password' => Hash::make(Input::get('password'), $salt),
'salt' => $salt,
'name' => Input::get('name'),
'joined' => date('Y-m-d H:i:s'),
'group' => 1
));
Session::flash('home', 'You have been registered and now can log in!');
header('Location: index.php');
} catch(Exception $e) {
die($e->getMessage());
}
} else {
foreach($validation->errors() as $error) {
echo $error, '<br>';
}
}
}
//}
?>
Token.php
<?php
class Token {
public static function generate() {
return Session::put(Config::get('session/token_name'), md5(uniqid()));
}
public static function check($token) {
$tokenName = Config::get('session/token_name');
if(Session::exists($tokenName) && $token === Session::get($tokenName)) {
Session::delete($tokenName);
return true;
}
return false;
}
}
Hash.php
<?php
class Hash {
public static function make($string, $salt = '') {
return hash('sha256', $string . $salt);
}
public static function salt($length) {
return mcrypt_create_iv($length);
}
public static function unique() {
return self::make(uniqid());
}
}
那麼,什麼是'令牌/app/filters.php
你可以像這樣的路線上執行這個過濾器: :檢查(輸入::獲得('令牌')'?這是你自己的類還是它的某種平臺? – putvande
好點@putvande我現在修改我的問題與我的令牌 – Beep
是令牌:: che ck(Input :: get('token'))返回false?如果是的話,你可能想在那裏拋出一些調試,以確保Input :: get('token')和Session :: get($ tokenName)返回你期望他們返回的結果 – KorreyD