2013-02-13 74 views
1

我正在使用帶有codeigniter的Ion認證庫,並創建了登錄,註冊,記住我並忘記了密碼功能(到目前爲止)。Codeigniter:離子認證重置密碼

對於忘記密碼功能,用戶輸入他們的電子郵件地址,然後他們會發送一封電子郵件並附帶鏈接重置密碼。

一個頁面,他們將打開輸入新密碼和確認密碼,當我點擊提交我在我的PHP日誌中出現此錯誤:

PHP Fatal error: Call to undefined method Auth::_valid_csrf_nonce() in /Applications/MAMP/htdocs/Auth/application/controllers/auth.php on line 273 

下載此庫,所以不知道什麼時候我沒有改變任何東西我哪裏錯了?

感謝

這裏是我的代碼,以支持這一點:

驗證控制器:

function _get_csrf_nonce() 
    { 
     $this->load->helper('string'); 
     $key = random_string('alnum', 8); 
     $value = random_string('alnum', 20); 
     $this->session->set_flashdata('csrfkey', $key); 
     $this->session->set_flashdata('csrfvalue', $value); 

     return array($key => $value); 
    } 

    //reset password - final step for forgotten password 
    public function reset_password($code = NULL) 
    { 
     if (!$code) 
     { 
      show_404(); 
     } 

     $user = $this->ion_auth->forgotten_password_check($code); 

     if ($user) 
     { 
      //if the code is valid then display the password reset form 

      $this->form_validation->set_rules('new', 'New Password', 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[new_confirm]'); 
      $this->form_validation->set_rules('new_confirm', 'Confirm New Password', 'required'); 

      if ($this->form_validation->run() == false) 
      { 
       //display the form 

       //set the flash data error message if there is one 
       $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message'); 

       $this->data['min_password_length'] = $this->config->item('min_password_length', 'ion_auth'); 
       $this->data['new_password'] = array(
        'name' => 'new', 
        'id' => 'new', 
       'type' => 'password', 
        'pattern' => '^.{'.$this->data['min_password_length'].'}.*$' 
       ); 
       $this->data['new_password_confirm'] = array(
        'name' => 'new_confirm', 
        'id' => 'new_confirm', 
        'type' => 'password', 
        'pattern' => '^.{'.$this->data['min_password_length'].'}.*$' 
       ); 
       $this->data['user_id'] = array(
        'name' => 'user_id', 
        'id' => 'user_id', 
        'type' => 'hidden', 
        'value' => $user->id 
       ); 
       $this->data['csrf'] = $this->_get_csrf_nonce(); 
       $this->data['code'] = $code; 

       //render 
       $this->_render_page('reset_password', $this->data); 
      } 
      else 
      { 
       // do we have a valid request? 
       if ($this->_valid_csrf_nonce() === FALSE || $user->id != $this->input->post('user_id')) 
       { 

        //something fishy might be up 
        $this->ion_auth->clear_forgotten_password_code($code); 

        show_error('This form post did not pass our security checks.'); 

       }else{ 
        // finally change the password 
        $identity = $user->{$this->config->item('identity', 'ion_auth')}; 

        $change = $this->ion_auth->reset_password($identity, $this->input->post('new')); 

        if ($change) 
        { 
         //if the password was successfully changed 
         $this->session->set_flashdata('message', $this->ion_auth->messages()); 
         $this->logout(); 
        }else{ 
         $this->session->set_flashdata('message', $this->ion_auth->errors()); 
         redirect('reset_password/' . $code, 'refresh'); 
        } 
       } 
      } 
     } 
     else 
     { 
      //if the code is invalid then send them back to the forgot password page 
      $this->session->set_flashdata('message', $this->ion_auth->errors()); 
      redirect("forgot_password", 'refresh'); 
     } 
    } 

忘記密碼模式功能:

/** 
    * Forgotten Password Complete 
    * 
    * @return string 
    * @author Mathew 
    **/ 
    public function forgotten_password_complete($code, $salt=FALSE) 
    { 
     $this->trigger_events('pre_forgotten_password_complete'); 

     if (empty($code)) 
     { 
      $this->trigger_events(array('post_forgotten_password_complete', 'post_forgotten_password_complete_unsuccessful')); 
      return FALSE; 
     } 

     $profile = $this->where('forgotten_password_code', $code)->users()->row(); //pass the code to profile 

     if ($profile) { 

      if ($this->config->item('forgot_password_expiration', 'ion_auth') > 0) { 
       //Make sure it isn't expired 
       $expiration = $this->config->item('forgot_password_expiration', 'ion_auth'); 
       if (time() - $profile->forgotten_password_time > $expiration) { 
        //it has expired 
        $this->set_error('forgot_password_expired'); 
        $this->trigger_events(array('post_forgotten_password_complete', 'post_forgotten_password_complete_unsuccessful')); 
        return FALSE; 
       } 
      } 

      $password = $this->salt(); 

      $data = array(
       'password'    => $this->hash_password($password, $salt), 
       'forgotten_password_code' => NULL, 
       'active'     => 1, 
      ); 

      $this->db->update($this->tables['users'], $data, array('forgotten_password_code' => $code)); 

      $this->trigger_events(array('post_forgotten_password_complete', 'post_forgotten_password_complete_successful')); 
      return $password; 
     } 

     $this->trigger_events(array('post_forgotten_password_complete', 'post_forgotten_password_complete_unsuccessful')); 
     return FALSE; 
    } 

重置密碼查看:

<div id="infoMessage"><?php echo $message;?></div> 

<?php echo form_open('auth/reset_password/' . $code);?> 

    <p> 
     New Password (at least <?php echo $min_password_length;?> characters long): <br /> 
     <?php echo form_input($new_password);?> 
    </p> 

    <p> 
     Confirm New Password: <br /> 
     <?php echo form_input($new_password_confirm);?> 
    </p> 

    <?php echo form_input($user_id);?> 
    <?php echo form_hidden($csrf); ?> 

    <p><?php echo form_submit('submit', 'Change');?></p> 

<?php echo form_close();?> 

回答

0

你有auth文件中有這個方法嗎?

function _valid_csrf_nonce() 
{ 
    if ($this->input->post($this->session->flashdata('csrfkey')) !== FALSE && $this->input->post($this->session->flashdata('csrfkey')) == $this->session->flashdata('csrfvalue')) { 
     return TRUE; 
    } else { 
     return FALSE; 
    } 
} 

如果不是,則添加它。