Mah*_*kia 7 php authentication user-management yii
我正在使用Yii作为应用程序,我正在编写一个非常简单的用户管理,如注册,删除和更新用户......为了更新现有用户,我需要先检查旧密码,然后再将其更改为新插入的密码.所以这里是我在表单中的字段:
username:----
old_password:---
new_password:---
我的用户表看起来像这样:
id, username, password
如何在使用new_password更新之前验证old_password?我知道通常的PHP编码,但我想知道是否有任何Yii技巧自动执行此操作...
提前致谢
emi*_*mix 10
你不应该用垃圾污染你的模型.请始终牢记这些基本的MVC原则:
始终创建可重复使用的代码,使您的代码"干"(不要重复自己)
顺便说一句,用户名字段的目的是什么?由于表单仅对已登录用户可用,因此可以使用Yii :: app() - > user访问用户名.
<?php
// models/ChangePasswordForm.php
class ChangePasswordForm extends CFormModel
{
/**
* @var string
*/
public $currentPassword;
/**
* @var string
*/
public $newPassword;
/**
* @var string
*/
public $newPasswordRepeat;
/**
* Validation rules for this form.
*
* @return array
*/
public function rules()
{
return array(
array('currentPassword, newPassword, newPasswordRepeat', 'required'),
array('currentPassword', 'validateCurrentPassword', 'message'=>'This is not your password.'),
array('newPassword', 'compare', 'compareAttribute'=>'validateNewPassword'),
array('newPassword', 'match', 'pattern'=>'/^[a-z0-9_\-]{5,}/i', 'message'=>'Your password does not meet our password complexity policy.'),
);
}
/**
* I don't know your hashing policy, so I assume it's simple MD5 hashing method.
*
* @return string Hashed password
*/
protected function createPasswordHash($password)
{
return md5($password);
}
/**
* I don't know how you access user's password as well.
*
* @return string
*/
protected function getUserPassword()
{
return Yii::app()->user->password;
}
/**
* Saves the new password.
*/
public function saveNewPassword()
{
$user = UserModel::findByPk(Yii::app()->user->username);
$user->password = $this->createPasswordHash($this->newPassword);
$user->update();
}
/**
* Validates current password.
*
* @return bool Is password valid
*/
public function validateCurrentPassword()
{
return $this->createPasswordHash($this->currentPassword) == $this->getUserPassword();
}
}
示例控制器动作:
public function actionChangePassword()
{
$model=new ChangePasswordForm();
if (isset($_POST['ChangePasswordForm'])) {
$model->setAttributes($_POST['ChangePasswordForm']);
if ($model->validate()) {
$model->save();
// you can redirect here
}
}
$this->render('changePasswordTemplate', array('model'=>$model));
}
示例模板代码:
<?php echo CHtml::errorSummary($model); ?>
<div class="row">
<?php echo CHtml::activeLabel($model,'currentPassword'); ?>
<?php echo CHtml::activePasswordField($model,'currentPassword') ?>
</div>
<div class="row">
<?php echo CHtml::activeLabel($model,'newPassword'); ?>
<?php echo CHtml::activePasswordField($model,'newPassword') ?>
</div>
<div class="row">
<?php echo CHtml::activeLabel($model,'newPasswordRepeat'); ?>
<?php echo CHtml::activePasswordField($model,'newPasswordRepeat') ?>
</div>
<div class="row submit">
<?php echo CHtml::submitButton('Change password'); ?>
</div>
<?php echo CHtml::endForm(); ?>
</div><!-- form -->
模板应该足够容易创建.这段代码经过一些小的调整,可以复制并粘贴到另一个Yii项目中.
它简单地创建一个action具有更新传递逻辑的。
在这种情况下,将目标定为formnew 并按照您想要的方式进行。actionactionChangePassvalidate
一个粗略的例子可以这样写
public function actionChangePass($id)
{
$user = loadModel($id)
if(md5($_POST['User']['old_password']) === $user->password)
{
$user->setScenario('changePassword');
$user->attributes = $_POST['User'];
$user->password = md5($_POST['User']['new_password']);
if($user->save())
Yii::app()->user->setFlash('passChanged', 'Your password has been changed <strong>successfully</strong>.');
}
else
{
Yii::app()->user->setFlash('passChangeError', 'Your password was not changed because it did not matched the <strong>old password</strong>.');
}
}
还要确保您的 user 中有 $old_password User Model。您还可以在模型规则中进行一些验证,以使需要新密码
也可以有一些不同的方法,但我这样做
还可以创建您的自定义验证scenario changePassword
| 归档时间: |
|
| 查看次数: |
11861 次 |
| 最近记录: |