Php zend框架登录表单
我有一个登录表单,通过数据库检查用户电子邮件和密码,如果匹配,它允许用户登录。问题是它会检查与数据库中的任何密码匹配的电子邮件,或者检查与数据库中的任何电子邮件匹配的密码。我希望它检查这个特定的用户电子邮件以匹配他的密码,而不是匹配数据库中存在的任何密码 这是我的控制器,我认为我做错了:Php zend框架登录表单,php,database,zend-framework,login,validation,Php,Database,Zend Framework,Login,Validation,我有一个登录表单,通过数据库检查用户电子邮件和密码,如果匹配,它允许用户登录。问题是它会检查与数据库中的任何密码匹配的电子邮件,或者检查与数据库中的任何电子邮件匹配的密码。我希望它检查这个特定的用户电子邮件以匹配他的密码,而不是匹配数据库中存在的任何密码 这是我的控制器,我认为我做错了: $loginForm = new Application_Form_UserLogin(); if ($this->getRequest()->isPost('loginForm')) {
$loginForm = new Application_Form_UserLogin();
if ($this->getRequest()->isPost('loginForm'))
{
$email_adrress = $this->getRequest()->getParam('email_address');
$password = $this->getRequest()->getParam('password');
/************ Login Form ************/
if ($loginForm->isValid($this->getRequest()->getParams()))
{
$user = $this->_helper->model('Users')->createRow($loginForm->getValues());
$user = $this->_helper->model('Users')->fetchRowByFields(array('email' => $email_adrress, 'hash' => $password));
if($user)
{
Zend_Session::rememberMe(86400 * 14);
Zend_Auth::getInstance()->getStorage()->write($user);
$this->getHelper('redirector')->gotoRoute(array(), 'invite');
return;
}
else {
}
}
}$this->view->loginForm = $loginForm;
我的表格:
class Application_Form_UserLogin extends Zend_Form
{
public $email, $password, $submit;
public function init()
{
$this->setName('loginForm');
$EmailExists = new Zend_Validate_Db_RecordExists(
array(
'table' => 'users',
'field' => 'email'
)
);
//$EmailExists->setMessage('Invalid email address, please try again. *');
$PasswordExists = new Zend_Validate_Db_RecordExists(
array(
'table' => 'users',
'field' => 'hash'
)
);
$PasswordExists->setMessage('Invalid password, please try again. *');
$this->email = $this->createElement('text', 'email_address')
->setLabel('Email')
->addValidator($EmailExists)
->addValidator('EmailAddress')
->setRequired(true);
$this->password = $this->createElement('text', 'password')
->setLabel('Password')
->addValidator($PasswordExists)
->setRequired(true);
$this->submitButton = $this->createElement('button', 'btn_login')
->setLabel('Login')
->setAttrib('type', 'submit');
$this->addElements(array($this->email, $this->password, $this->submit));
$elementDecorators = array(
'ViewHelper'
);
$this->setElementDecorators($elementDecorators);
}
}我不熟悉你的做法。fetchRowByFields方法是您自己编写的吗?如果是这样的话,在没有看到代码的情况下很难帮助您 您是否考虑过使用Zend Framework提供的机制对数据库执行身份验证 Zend Framework官方手册包含一个关于如何实现身份验证的简短教程:
您可以使用Zend_Auth类的适配器来执行您想要的操作。我不会将此登录处理作为验证程序添加到其中一个元素上。相反,我将创建一个
Zend_Auth
身份验证适配器,使用您的用户模型、电子邮件和密码作为构造函数参数。然后,在控制器中,调用Zend\u Auth::authenticate($adapter)
比如:
class Application_Model_AuthAdapter implements Zend_Auth_Adapter_Interface
{
protected $userModel;
protected $email;
protected $pass;
public function __construct($userModel, $email, $pass)
{
$this->userModel = $userModel;
$this->email = $email;
$this->pass = $pass;
}
public function authenticate()
{
$user = $this->userModel->getByEmailAndPassword($this->email, $this->pass);
if ($user){
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $user);
} else {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null);
}
}
}
然后在控制器中:
public function loginAction()
{
$form = new Application_Form_UserLogin();
if ($this->_request->isPost()) {
if ($form->isValid($this->_request->getPost())) {
$data = $form->getValues();
$email = $data['email'];
$pass = $data['pass'];
$userModel = $this->_helper->model('Users');
$authAdapter = new Application_Model_AuthAdapter($userModel, $email, $pass);
$result = Zend_Auth::getInstance()->authenticate($adapter);
if ($result->isValid()){
// $user= $result->getIdentity(). Use it how you like.
// Redirect someplace
} else {
$this->view->error = 'Invalid login';
}
}
}
$this->view->form = $form;
}
有关更多详细信息,请参阅。是的,可能是您的true-fetchrowbyfields,它正在查找整个数据库,而不是特定的数据库。哦,谢谢,我会尝试一下。我正在使用Zend_Validate_Db_RecordExists验证登录。。。