1. 首頁
  2. 問答
  3. Zend框架的登錄表單

Zend框架的登錄表單

2013-01-08 92 views
0

我有一個日誌的形式,檢查通過數據庫的用戶電子郵件地址和密碼,如果匹配,它允許用戶登錄。問題是,它會檢查數據庫匹配任何密碼的電子郵件或與數據庫中任何電子郵件相匹配的密碼。我希望它檢查這個特定的用戶電子郵件以匹配他的密碼,不匹配數據庫中存在的任何密碼。Zend框架的登錄表單

這裏是我的控制器,我認爲我沒有錯:

$loginForm = new Application_Form_UserLogin(); 
if ($this->getRequest()->isPost('loginForm')) 
    { 
     $email_adrress = $this->getRequest()->getParam('email_address'); 
     $password = $this->getRequest()->getParam('password'); 

     /************ Login Form ************/ 
     if ($loginForm->isValid($this->getRequest()->getParams())) 
     { 
      $user = $this->_helper->model('Users')->createRow($loginForm->getValues()); 
      $user = $this->_helper->model('Users')->fetchRowByFields(array('email' => $email_adrress, 'hash' => $password)); 

      if($user) 
      { 
       Zend_Session::rememberMe(86400 * 14); 
       Zend_Auth::getInstance()->getStorage()->write($user); 
       $this->getHelper('redirector')->gotoRoute(array(), 'invite'); 
       return; 
      } 
      else { 
      }    
     } 
    }$this->view->loginForm = $loginForm;

我的形式:

class Application_Form_UserLogin extends Zend_Form 
{ 
public $email, $password, $submit; 

public function init() 
{  
    $this->setName('loginForm');   

    $EmailExists = new Zend_Validate_Db_RecordExists(
      array(
       'table' => 'users', 
       'field' => 'email' 
      ) 
     ); 

    //$EmailExists->setMessage('Invalid email address, please try again. *'); 

    $PasswordExists = new Zend_Validate_Db_RecordExists(
      array(
       'table' => 'users', 
       'field' => 'hash' 
      ) 
     ); 

    $PasswordExists->setMessage('Invalid password, please try again. *'); 

    $this->email = $this->createElement('text', 'email_address') 
        ->setLabel('Email') 
        ->addValidator($EmailExists) 
        ->addValidator('EmailAddress') 
        ->setRequired(true); 

    $this->password = $this->createElement('text', 'password') 
        ->setLabel('Password') 
        ->addValidator($PasswordExists) 
        ->setRequired(true); 


    $this->submitButton = $this->createElement('button', 'btn_login') 
          ->setLabel('Login') 
          ->setAttrib('type', 'submit'); 

    $this->addElements(array($this->email, $this->password, $this->submit)); 

    $elementDecorators = array(
     'ViewHelper' 
    ); 
    $this->setElementDecorators($elementDecorators); 
}

}

來源

2013-01-08 Yafa Su

回答

0

我不會添加此登錄處理爲對元件中的一個的驗證器。相反,我會創建一個Zend_Auth身份驗證適配器,並將您的用戶模型,電子郵件和密碼作爲構造函數參數。然後,在控制器中,撥打Zend_Auth::authenticate($adapter)

喜歡的東西:

class Application_Model_AuthAdapter implements Zend_Auth_Adapter_Interface 
{ 
    protected $userModel; 
    protected $email; 
    protected $pass; 

    public function __construct($userModel, $email, $pass) 
    { 
     $this->userModel = $userModel; 
     $this->email = $email; 
     $this->pass = $pass; 
    } 

    public function authenticate() 
    { 
     $user = $this->userModel->getByEmailAndPassword($this->email, $this->pass); 
     if ($user){ 
      return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $user); 
     } else { 
      return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null); 
     } 
    } 
}

然後在你的控制器:

public function loginAction() 
{ 
    $form = new Application_Form_UserLogin(); 
    if ($this->_request->isPost()) { 
     if ($form->isValid($this->_request->getPost())) { 
      $data = $form->getValues(); 
      $email = $data['email']; 
      $pass = $data['pass']; 
      $userModel = $this->_helper->model('Users'); 
      $authAdapter = new Application_Model_AuthAdapter($userModel, $email, $pass); 
      $result = Zend_Auth::getInstance()->authenticate($adapter); 
      if ($result->isValid()){ 
       // $user= $result->getIdentity(). Use it how you like. 
       // Redirect someplace 
      } else { 
       $this->view->error = 'Invalid login'; 
      } 
     } 
    } 
    $this->view->form = $form; 
}

詳情請參閱Zend_Auth reference

來源

2013-01-08 21:04:28

+0

哦,謝謝我會試試看。我正在使用Zend_Validate_Db_RecordExists來驗證登錄... –

0

我不熟悉你想的方式做到這一點。您自己編寫的fetchRowByFields方法是?如果是這樣,很難在沒有看到代碼的情況下幫助你。

你有沒有考慮使用Zend框架所提供的機制來對數據庫進行認證?

Zend框架的官方手冊中包含關於如何實現身份驗證的簡短的教程: http://framework.zend.com/manual/1.12/en/learning.multiuser.authentication.html

您使用的適配器Zend_Auth類,做你想做什麼。

來源

2013-01-08 20:32:35

+0

是啊,也許你真的 - fetchrowbyfields,它看起來對整個數據庫,而不是特定的。 –

相關問題

 相關問題