Php 阻止没有[激活具有“true”值]的用户登录
如何防止用户在没有邮件确认的情况下登录? 数据库设置正确。当用户通过单击收到的消息中的链接确认注册时,“确认”值从0(默认)更改为1。当然是布尔类型。我需要“else-if”语句才能工作,但我不知道怎么做。这是我的密码:Php 阻止没有[激活具有“true”值]的用户登录,php,validation,laravel,authentication,controller,Php,Validation,Laravel,Authentication,Controller,如何防止用户在没有邮件确认的情况下登录? 数据库设置正确。当用户通过单击收到的消息中的链接确认注册时,“确认”值从0(默认)更改为1。当然是布尔类型。我需要“else-if”语句才能工作,但我不知道怎么做。这是我的密码: public function postSignin(Request $request) { $this->validate($request, [ 'email' => 'required', 'password' =>
public function postSignin(Request $request)
{
$this->validate($request, [
'email' => 'required',
'password' => 'required'
]);
if (!Auth::attempt($request->only(['email', 'password']),
$request->has('remember')))
{
return redirect()->back()->with(notify()->flash("Ooops..", "error", [
'timer' => 5000,
'text' => 'Could not sign in with those details',
]));
}
else if ((Auth::attempt($request->only(['email', 'password'])))&&('confirmed'===0))
{
return redirect()->back()->with(notify()->flash("Ooops..", "error", [
'timer' => 5000,
'text' => 'Activate your account',
]));
}
else
{
return redirect()->route('home');
}
}
实际上,它显示激活您的帐户消息,但用户已登录!我想阻止登录。无论“已确认”值是真是假,它仍将验证为正常。我很困惑,不要只是很好地阅读你的代码。如果用户确认与否,第一行将始终登录。因此可以将Auth::logut()放在第一个和第二个if条件中(有点像黑客攻击)。将更新我的答案。哦,天哪,我知道了!!非常感谢!!))
public function postSignin(Request $request)
{
$this->validate($request, [
'email' => 'required',
'password' => 'required'
]);
// This line will always log the user **in** if the account is confirmed or not.
if (!Auth::attempt($request->only(['email', 'password']),
$request->has('remember')))
{
return redirect()->back()->with(notify()->flash("Ooops..", "error", [
'timer' => 5000,
'text' => 'Could not sign in with those details',
]));
}
else if (!Auth::attempt(["email"=>$request->input("email"),"password"=>$request->input('password'),"confirmation"=>1])
{
return redirect()->back()->with(notify()->flash("Ooops..", "error", [
'timer' => 5000,
'text' => 'Activate your account',
]));
}
else
{
return redirect()->route('home');
}
}