1
나는 2014 년 12 월 12 일 최신 버전 인 CodeIgniter를 사용하고 있습니다.액세스를 허용하지 않는 패스워드 기능
회사 로그인 포털의 경우 내 웹 사이트에 암호 기능을 쓰려고합니다. 포털은 아직 작성되지 않았으며 단지 기능 만합니다. "invalid password"를 제외한 오류를 표시하고 표시하지 않습니다. 나는 문제가 어디 있는지 전혀 모른다. 따라서 적용 가능한 모든 리소스를 포함합니다.
업데이트! 문제가있는 곳을 찾았으니 이제는 문제를 해결하는 방법을 알아야합니다. 내 모델에서는 MD5를 사용하여 암호를 암호화했습니다. 프로파일 러를 실행하고 암호화 된 암호가 생성되어 데이터베이스 또는 응용 프로그램에서 전송 된 것을 확인한 후이 작업을 수행했습니다. 확실하지 않습니다. 어쨌든 비밀 번호는 나를 통해, 그리고 필요하면 액세스를 거부하자. 암호화는 어떻게 유지합니까?
MODEL ---- ---- Company_user
<?php
class Company_user extends CI_Model {
function login($username, $password){
$this->db->select('company_user_id, username, password');
$this->db->from('company_user');
$this->db->where('username', $username);
$this->db->where('password', MD5($password));
$this->db->limit(1);
$query = $this->db->get();
if($query->num_rows() == 1) {
return $query->result();
} else {
return FALSE;
}
CONTROLLERS ---- ----
로그인
<?php if (! defined('BASEPATH')) exit('No direct script access allowed');
class Login extends CI_Controller {
function __construct() {
parent::__construct();
}
public function index() {
$this->load->helper(array('form'));
$title = 'ImpactU Online';
$subtitle = 'Company Login Portal';
$subhead = 'Login Below';
$this->load->view('template/header', array(
'title' => $title,
'subtitle' => $subtitle,
'subhead' => $subhead,
));
$attributes = array(
'class' => 'pure-form pure-form-stacked alert alert-info',
);
$this->load->view('login_view', array(
'attributes' => $attributes,
));
$this->load->view('submit');
$this->load->view('template/footer');
}
}
Verfiylogin
<?php
if (!defined('BASEPATH'))
exit('No direct script access allowed');
class Verifylogin extends CI_Controller {
function __construct() {
parent::__construct();
$this->load->model('company_user', '', TRUE);
}
function index() {
//This method will have the credentials validation
$this->load->library('form_validation');
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
if ($this->form_validation->run() == FALSE) {
//Field validation failed. User redirected to login page
$title = 'ImpactU Online';
$subtitle = 'Company Login';
$subhead = 'Login Below.';
$attributes = array(
'class' => 'pure-form pure-form-stacked alert alert-info',
);
$this->load->view('template/header', array(
'title' => $title,
'subtitle' => $subtitle,
'subhead' => $subhead,
));
$this->load->view('login_view', array(
'attributes' => $attributes,
));
$this->load->view('submit');
$this->load->view('template/footer');
} else {
//Go to private area
redirect('company_home', 'refresh');
}
}
function check_database($password) {
//Field validation succeeded. Validate against database
$username = $this->input->post('username');
//query the database
$result = $this->company_user->login($username, $password);
if ($result) {
$sess_array = array();
foreach ($result as $row) {
$sess_array = array(
'id' => $row->id,
'username' => $row->username
);
$this->session->set_userdata('logged_in', $sess_array);
}
return TRUE;
} else {
$this->form_validation->set_message('check_database', 'Invalid username or password');
return false;
}
}
}
Company_home
<?php if (! defined('BASEPATH')) exit('No direct script access allowed');
session_start(); //we need to call PHP's session object to access it through CI
class Company_home extends CI_Controller {
function __construct()
{
parent::__construct();
}
function index()
{
if($this->session->userdata('logged_in'))
{
$session_data = $this->session->userdata('logged_in');
$title = 'ImpactU Online';
$subtitle = 'Welcome To the Company Portal';
$subhead = 'Please Select an Option';
$this->load->view('template/header', array(
'title' => $title,
'subtitle' => $subtitle,
'subhead' => $subhead,
));
$data['username'] = $session_data['username'];
$this->load->view('company_home_view', $data);
$this->load->view('template/footer');
}
else
{
//If no session, redirect to login page
redirect('login', 'refresh');
}
}
function logout()
{
$this->session->unset_userdata('logged_in');
session_destroy();
redirect('company_home', 'refresh');
}
}
---- ---- VIEWS
템플릿/헤더
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8"/>
<title><?php echo html_escape($title); ?></title>
<link rel="shortcut icon" href="<?php echo base_url("assets/images/favicon.ico"); ?>" type="image/x-icon">
<link rel="icon" href="<?php echo base_url("assets/images/favicon.ico"); ?>" type="image/x-icon">
<link
href="<?php
echo base_url('assets/css/impactU.css');
?>" rel="stylesheet" type="text/css"
/>
<link
href="<?php
echo base_url('assets/font-awesome-4.2.0/css/font-awesome.min.css');
?>" rel="stylesheet" type="text/css"
/>
<link
href="<?php
echo base_url('assets/bootstrap/css/bootstrap.min.css');
?>" rel="stylesheet" type="text/css"
/>
<link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.5.0/pure-min.css">
<link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.5.0/grids-responsive-min.css">
<link
href="<?php
echo base_url('assets/css/side-menu.css');
?>" rel="stylesheet" type="text/css"
/>
<script>
(function (i, s, o, g, r, a, m) {
i['GoogleAnalyticsObject'] = r;
i[r] = i[r] || function() {
(i[r].q = i[r].q || []).push(arguments)
}, i[r].l = 1 * new Date();
a = s.createElement(o),
m = s.getElementsByTagName(o)[0];
a.async = 1;
a.src = g;
m.parentNode.insertBefore(a, m)
})(window, document, 'script', '//www.google-analytics.com/analytics.js', 'ga');
ga('create', 'UA-57039794-1', 'auto');
ga('send', 'pageview');
</script>
</head>
<body>
<div id="layout">
<!-- Menu toggle -->
<a href="#menu" id="menuLink" class="menu-link">
<!-- Hamburger icon -->
<span></span>
</a>
<div id="menu">
<div class="pure-menu pure-menu-open">
<a class="pure-menu-heading" href="<?php echo site_url(); ?>">ImpactU</a>
<ul>
<li><a href="<?php echo site_url(); ?>">
<i class="fa fa-home"></i>
Home
</a>
</li>
<li><a href="<?php echo base_url('index.php/blog'); ?>">
<i class="fa fa-rss"></i>
Blog
</a>
</li>
<li><a href="<?php echo base_url('index.php/store'); ?>">
<i class="fa fa-money"></i>
Store
</a>
</li>
<li><a href="<?php echo base_url('index.php/contact'); ?>">
<i class="fa fa-envelope"></i>
Contact
</a>
</li>
<li><a href="<?php echo base_url('index.php/about'); ?>">
<i class="fa fa-exclamation-circle"></i>
About
</a>
</li>
<li class="menu-item-divided"><a href="<?php echo base_url('index.php/login'); ?>">
<i class="fa fa-lock"></i>
Company Login
</a>
</li>
<li class="menu-item-divided"><a href="<?php echo base_url('index.php/paypal'); ?>">
<i class="fa fa-paypal"></i>
Paypal Demo
</a>
</li>
</ul>
</div>
</div>
<div id="main">
<div class="header">
<h1><?php echo html_escape($title); ?></h1>
<h2><?php echo html_escape($subtitle); ?></h2>
</div>
<div class="content">
<h2 class="content-subhead"><?php echo html_escape($subhead); ?></h2>
템플릿/꼬리말
<hr/>
<div class="footer">
<p><i class="fa fa-copyright"></i> 2014 Tyler Lazenby</p>
</div>
</div>
</div>
</div>
<script src="<?php $this->load->helper('url');
echo base_url('assets/js/ui.js'); ?>">
</script>
</body>
</html>
login_view
<?php echo validation_errors(); ?>
<?php echo form_open('c=verifylogin', $attributes); ?>
<div class="pure-g">
<div class="pure-u-1 pure-u-md-1-3">
<label for="username">Username</label>
<input id="username" type="text" name="username" placeholder="username" value="<?php echo set_value('username'); ?>" required/>
</div>
<div class="pure-u-1 pure-u-md-1-3">
<label for = "password">Password</label>
<input id="password" type="password" name="password" required/>
</div>
</div>
<h2 class="content-subhead">Welcome <?php echo $username; ?>!</h2>
<a href="home/logout">Logout</a>
<legend>Click submit when done</legend>
<div>
<button type="submit" class="pure-button pure-button-primary">
<i class="fa fa-thumbs-o-up"></i>
Submit
</button>
</form>
</div>
company_home_view에게 제출
.
나는 이미 잡을 수있는 하나의 오류를 발견했으나 해결책이 아닙니다. "id"는 Verifylogin 컨트롤러의 55 행에있는 "computer_user_id"여야합니다. –