1. 首頁
  2. 問答
  3. Yii2中的錯誤請求(#400)嘗試登錄時

Yii2中的錯誤請求(#400)嘗試登錄時

2015-06-23 32 views
4

我收到錯誤的請求(#400)錯誤,我嘗試登錄到系統中。我在本地主機上工作。Yii2中的錯誤請求(#400)嘗試登錄時

主要佈局:

<html lang="<?= Yii::$app->language ?>"> 
    <head> 
     <meta charset="<?= Yii::$app->charset; ?>"> 
     <meta name="viewport" 
       content="width=device-width, initial-scale=1, maximum-scale=1"/> 
     <?= Html::csrfMetaTags(); ?> 
     <title><?= Html::encode($this->title); ?></title> 
     <?php $this->head(); ?> 
    </head> 
    <body></body> 
</html>

視圖(login.php):

<?php 

use yii\helpers\Html; 
use yii\bootstrap\ActiveForm; 

$this->title = 'Login'; 
$this->params['breadcrumbs'][] = $this->title; ?> 

<div class="container w-xxl w-auto-xs"> 
    <a href class="navbar-brand block m-t">OpenXcell Pvt. Ltd.</a> 
    <div class="m-b-lg"> 
     <div class="wrapper text-center"> 
      <strong>Sign in to get in touch</strong> 
     </div> 
     <form action="/advanced/admin/site/login" 
       method="post" 
       name="form" 
       class="form-validation"> 
      <div class="list-group list-group-sm"> 
       <div class="list-group-item"> 
        <input type="text" placeholder="Email" required 
          class="form-control no-border" name="username"> 
       </div> 
       <div class="list-group-item"> 
        <input type="password" placeholder="Password" required 
          class="form-control no-border" name="password"> 
       </div> 
      </div> 
      <button type="submit" class="btn btn-lg btn-primary btn-block"> 
       Log in 
      </button> 
     </form> 
    </div> 
</div>

站點控制器:

<?php namespace backend\controllers; 

use Yii; 
use yii\filters\AccessControl; 
use yii\web\Controller; 
use app\models\LoginForm; 
use yii\filters\VerbFilter; 

class SiteController extends Controller { 
    public function behaviors() { 
     return [ 
      'access' => [ 
       'class' => AccessControl::className(), 
       'rules' => [ 
        [ 
         'actions' => ['login', 'error'], 
         'allow' => true 
        ], 
        [ 
         'actions' => ['logout', 'index'], 
         'allow' => true, 
         'roles' => ['@'] 
        ] 
       ] 
      ], 
      'verbs' => [ 
       'class' => VerbFilter::className(), 
       'actions' => ['logout' => ['post']] 
      ] 
     ]; 
    } 

    public function actions() { 
     return ['error' => ['class' => 'yii\web\ErrorAction']]; 
    } 

    public function actionIndex() { 
     return $this->render('index'); 
    } 

    public function actionLogin() { 
     $model = new LoginForm(); 
     if ($model->load(Yii::$app->request->post()) && $model->login()) { 
      return $this->goBack(); 
     } else { 
      return $this->render('login', ['model' => $model]); 
     } 
    } 

    public function actionLogout() { 
     Yii::$app->user->logout(); 
     return $this->goHome(); 
    } 
}

型號:

<?php namespace app\models; 

use Yii; 
use yii\base\Model; 

class LoginForm extends Model { 
    public $username; 
    public $password; 
    public $rememberMe = true; 
    private $_user = false; 

    public function rules() { 
     return [ 
      [['username', 'password'], 'required'], 
      ['rememberMe', 'boolean'], 
      ['password', 'validatePassword'] 
     ]; 
    } 

    public function validatePassword($attribute, $params) { 
     if (!$this->hasErrors()) { 
      $user = $this->getUser(); 
      if (!$user || !$user->validatePassword($this->password)) { 
       $this->addError($attribute, 'Incorrect username or password.'); 
      } 
     } 
    } 

    public function login() { 
     $duration = $this->rememberMe ? 3600 * 24 * 30 : 0; 
     if ($this->validate()) { 
      return Yii::$app->user->login($this->getUser(), $duration); 
     } else { 
      return false; 
     } 
    } 

    public function getUser() { 
     if ($this->_user === false) { 
      $this->_user = User::findByUsername($this->username); 
     } 
     return $this->_user; 
    } 
}

爲什麼我得到這個錯誤?我的代碼有什麼問題?

來源

2015-06-23 Pathik Vejani

回答

4

Add CSRF token。如果你不希望使用ActiveForm,則顯式添加此令牌(在的ActiveForm的情況下使用,令牌將被自動添加):

<form action="" method="post"> 
    <input type ="hidden" 
      name ="<?php echo Yii::$app->request->csrfParam; ?>" 
      value="<?php echo Yii::$app->request->csrfToken; ?>"> 
</form>

要禁用CSRF驗證整個控制器:

class DemoController extends Controller { 
    public $enableCsrfValidation = false; 
}

要爲某個動作禁用CSRF驗證:

class DemoController extends Controller { 
    public function beforeAction($action) { 
     if (in_array($action->id, ['example'])) { 
      $this->enableCsrfValidation = false; 
     } 
     return parent::beforeAction($action); 
    } 
}

另外,閱讀約security-passwords

來源

2015-06-23 11:35:14 Oleksandr

3

在您添加令牌的情況:

<input type="hidden" 
     name="_csrf" 
     value="<?php echo Yii::$app->request->getCsrfToken() ?>">

而你仍然有這個問題,你需要的HTML標記之前添加:

<?php $this->beginPage() ?>

在html標籤後,你的佈局文件:

<?php $this->endPage() ?>

我終於在與這個問題鬥爭了近一天後終於明白了這一點。

下面是一個簡單的佈局文件:

<?php $this->beginPage() ?> 
<!DOCTYPE html> 
<html lang="<?= Yii::$app->language ?>"> 
    <head> 
     <meta charset="<?= Yii::$app->charset ?>"> 
     <meta name="viewport" content="width=device-width, initial-scale=1"> 
     <?= Html::csrfMetaTags() ?> 
     <title><?= Html::encode($this->title) ?></title> 
     <?php $this->head() ?> 
    </head> 
    <body> 
     <?php $this->beginBody() ?> 
     <?= $content ?> 
     <?php $this->endBody() ?> 
    </body> 
</html> 
<?php $this->endPage() ?>

來源

2016-02-23 20:02:22

-1

只需添加這將解決該問題:

class DemoController extends Controller { 

    public $enableCsrfValidation = false; 

}

希望這對你的作品!

來源

2018-01-04 11:29:33

相關問題

 相關問題