
CakePHP authentication

I'm programming my own CakePHP authentication; it started out using an old script I used on another project.

This error keeps occurring:

Parse error: syntax error, unexpected T_VARIABLE, expecting T_FUNCTION in /data/sites/web/ismartbe/subsites/cms.ismart.be/app/Controller/UsersController.php on line 10

Can anyone explain to me why I keep getting the error? The error must be in this block:

Parse error: syntax error, unexpected T_VARIABLE, expecting T_FUNCTION in /data/sites/web/ismartbe/subsites/cms.ismart.be/app/Controller/UsersController.php on line 10

On the other hand, I would like your advice: do I need to create a component to get some logic out of my controller, or does my controller look fine like it is now?

Here is my code:

class UsersController extends AppController {

public function beforeFilter() {
    parent::beforeFilter();
 }

$this->loadModel('Attempt');
$this->loadModel('Session');
$this->loadModel('Configuration',1);

/**
 * Settings to use when Auth needs to do a flash message with SessionComponent::setFlash().
 * Available keys are:
 *
 * - `element` - The element to use, defaults to 'default'.
 * - `key` - The key to use, defaults to 'auth'
 * - `params` - The array of additional params to use, defaults to array()
 *
 * @var array
 */
public $flash = array(
    'element' => 'default',
    'key' => 'authentication',
    'params' => array()
);

public function flash($message) {
    if ($message === false) {
        return;
    }
    $this->Session->setFlash($message, $this->flash['element'], $this->flash['params'], $this->flash['key']);
}



public function showusers() {

}

public function register()
{
    if ($this->request->isPost()) {
        if(!$this->Session->check('auth.session'))
        {
            $username =  $this->request->data['User']['username'];
            $email = $this->request->data['User']['email'];
            $this->request->data['User']['salt'] = $this->Authentication->__CreateSalt($username,$email);
            $this->request->data['User']['password'] = crypt($this->request->data['User']['plain_password'],$this->request->data['User']['salt']);
            if ($this->User->save($this->request->data)) {
                // Set a session flash message and redirect.
                $this->Session->setFlash('De registratie is succesvol verlopen. Activeer uw account door de link te volgen die in de activatiemail staat.');
                return $this->redirect(
                    array('controller' => 'users', 'action' => 'login')
                );
            }


        }
        else { $this->Session->setFlash('Je bent reeds aangemeld. Als jij niet '.$this->Session->check('auth.username').' bent gelieve dan af te melden.'); }
    }
    else {

    }
}




function login()
{
    if ($this->request->isPost()) {
        if(!$this->Session->check('auth.session'))
        {
            $attcount = $this->__getAttempt($_SERVER['REMOTE_ADDR']);

            if($attcount >= $this->Configuration->field('max_attempts'))
            {
                $this->flash('Je hebt het maximaal aantal pogingen (5) overschreden, wacht 15 minuten en probeer het opnieuw.');
                return false;
            }
            else 
            {

                    $username = $this->request->data['User']['username'];
                    $password = $this->request->data['User']['password'];
                    $user_data = $this->User->findbyUsername($username);
                    $password = crypt($password,$user_data['User']['salt']);
                    $count = count($user_data['User']);

                    if($count == 0)
                    {
                        // Username and / or password are incorrect
                        $this->__addAttempt($_SERVER['REMOTE_ADDR']);

                        $attcount = $attcount + 1;
                        $remaincount = $this->Configuration->field('max_attempts') - $attcount;


                    }
                    elseif (($count == 1) && ($password == $user_data['User']['password'])) 
                    {
                        // Username and password are correct

                        if($user_data['User']['active'] == "0")
                        {
                            // Account is not activated

                            $this->flash('Je gebruikersaccount is nog niet geactiveerd. Gebruik de activatiemail om het account te valideren');
                            return false;
                        }
                        else
                        {
                            // Account is activated
                            $this->__newSession($username, $user_data['User']['id']);               
                            $this->flash('U bent succesvol aangemeld, welkom!');
                            return true;
                        }
                    }
            }
        }
        else 
        {
            // User is already logged in
            $this->flash('U bent reeds aangemeld.');
            return false;
        }
    }
}

private function __newSession($username,$user_id)
{
    $hash = md5(microtime());

    // Delete all previous sessions :
    $this->Session->deleteAll(array('Session.user_id' => $user_id), false);


    $ip = $_SERVER['REMOTE_ADDR'];
    $expiredate = date("Y-m-d H:i:s", strtotime($this->Configuration->field('session_duration')));
    $expiretime = strtotime($expiredate);

    $this->Session->set(array(
        'ip' => $ip,
        'user_id' => $user_id,
        'expiredate' => $expiretime,
        'hash' => $hash,
        'hash' => $username
    ));
    $this->Session->save();

    $this->Session->write('auth.session', $hash); 
} 


//create custom salt
public function __CreateSalt($parameter1,$parameter2) {
    $parameter1 = md5($parameter1);
    $parameter2 = md5($parameter2);
    $unique = uniqid();
    $salt = $parameter1.$unique.$parameter2;
    return $salt;
}



    /*
* Adds a new attempt to database based on user's IP
* @param string $ip
*/

private function __addAttempt($ip)
{
       $attempts = $this->Attempt->findByIp($ip);


       $count = $attempts['Attempt']['count'];

       if($count == 0)
        {
            // No record of this IP in attempts table already exists, create new

            $attempt_expiredate = date("Y-m-d H:i:s", strtotime("+15 minutes"));
            $attempt_count = 1;


            $this->Attempt->set(array(
                'ip' => $ip,
                'count' => $attempt_count
            ));
            $this->Attempt->save();
        }
        else 
        {
            // IP Already exists in attempts table, add 1 to current count

            $attempt_expiredate = date("Y-m-d H:i:s", strtotime($this->Configuration->field('security_duration')));

            $attempt_count = $count + 1;
            $this->Attempt->read(null, $attempts['Attempt']['id']);
            $this->Attempt->set(array(

                'ip' => $ip,
                'count' => $attempt_count,
                'expiredate' => $attempt_expiredate
            ));
            $this->Attempt->save();


        }
}

/*
* Provides amount of attempts already in database based on user's IP
* @param string $ip
* @return int $attempt_count
*/

private function __getAttempt($ip)
{
    $attempts = $this->Attempt->findByIp($ip);
    $attempt_count = $attempts['Attempt']['count'];
    return $attempt_count;


}

/*
* Function used to remove expired attempt logs from database (Recommended as Cron Job)
*/

private function __expireAttempt()
{
/*
    $query = $this->mysqli->prepare("SELECT ip, expiredate FROM attempts");
    $query->bind_result($ip, $expiredate);
    $query->execute();
    $query->store_result();
    $count = $query->num_rows;

    $curr_time = strtotime(date("Y-m-d H:i:s"));

    if($count != 0)
    {
        while($query->fetch())
        {
            $attempt_expiredate = strtotime($expiredate);

            if($attempt_expiredate <= $curr_time)
            {
                $query2 = $this->mysqli->prepare("DELETE FROM attempts WHERE ip = ?");
                $query2->bind_param("s", $ip);
                $query2->execute();
                $query2->close();
            }
        }
    }*/
}

}
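
The `register()`, `login()` and `__newSession()` methods above pass `crypt()` a salt with no algorithm prefix, so PHP falls back to standard DES (two salt characters, first eight password characters), and they derive the session token from `md5(microtime())`. The following stand-alone PHP comparison is an added example, not part of the original post or of CakePHP; the function names are hypothetical and the sample values are constructed.

```php
<?php
// Added example: function names are hypothetical, sample values are constructed.

// The scheme from register()/login() above, reproduced without CakePHP.
function legacySalt(string $username, string $email): string {
    return md5($username) . uniqid() . md5($email);
}
function legacyHash(string $plain, string $salt): string {
    // The salt has no "$2y$" or "$6$" prefix, so crypt() selects standard DES:
    // only 2 salt characters and the first 8 password characters are used.
    return crypt($plain, $salt);
}

// Replacement for the register() path: algorithm, cost and a random salt
// are encoded in the returned string, so no separate salt column is needed.
function hashPassword(string $plain): string {
    return password_hash($plain, PASSWORD_DEFAULT);
}

// Replacement for the "==" comparison in login(). An unknown user is checked
// against a dummy hash so both cases do the same amount of work.
function verifyLogin(?string $storedHash, string $plain): bool {
    static $dummy = null;
    $dummy = $dummy ?? password_hash('constructed-dummy', PASSWORD_DEFAULT);
    $ok = password_verify($plain, $storedHash ?? $dummy);
    return $storedHash !== null && $ok;
}

// Replacement for md5(microtime()) in __newSession(): 256 bits from the CSPRNG.
function newSessionToken(): string {
    return bin2hex(random_bytes(32));
}

// Constant-time comparison of the stored token with the one the client sent.
function tokenMatches(string $stored, string $presented): bool {
    return hash_equals($stored, $presented);
}

// Two constructed passwords that share only their first 8 characters.
$salt = legacySalt('alice', 'alice@example.test');
var_dump(legacyHash('correcthorse-battery', $salt) === legacyHash('correcthXXXXXXXX', $salt));

$stored = hashPassword('correcthorse-battery');
var_dump(verifyLogin($stored, 'correcthorse-battery'));
var_dump(verifyLogin($stored, 'correcthXXXXXXXX'));
var_dump(verifyLogin(null, 'anything'));
var_dump(tokenMatches($t = newSessionToken(), $t), strlen($t));
```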

To give you a fish: In PHP you cannot place function calls outside methods. So a possible fix is (if you want to load the models like this in every controller's action):

public function beforeFilter() {
    parent::beforeFilter();

    $this->loadModel('Attempt');
    $this->loadModel('Session');
    $this->loadModel('Configuration',1);
}

Another and better idea, for models where you don't also want to preload the specific row, is to load your models using the cake Controller::$uses property.

class UsersController extends AppController {
    public $uses = array(
        'Attempt',
        'Session'
    );
}

Better to learn fishing: Visit the PHP manual and read more about classes. And the cakebook about the controller properties. Hope it helps.
