我无法在会话中正确保存用户详细信息
I cant get user details to save properly in a session
我正在尝试创建一个聊天框,在登录并保存到数据库后,无法在会话中正确保存user_id。
这是登录功能
public function login() {
$this->form_validation->set_rules('email', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');
if ($this->form_validation->run() == FALSE) {
// return main page if submitted form is invalid.
$this->load->view('abt_login');
} else {
$this->load->model('abt_db');
$q = $this->abt_db->check_login(
$this->input->post('email'), $this->input->post('password')
);
if ($q) {
redirect('index.php/abovetheblues/abt_abovetheblues');
$this->abt->set_session();
} else {
$this->show_login(true);
}
}
}
这是我的Javascript代码
$(document).ready(function(){
$("a#submit").click(function(){
var chat_message_content = $("input#chat").val();
if(chat_message_content == ""){
return false;
}
$.post(base_url + "index.php/abovetheblues/add_chat_messages", {
chat_message_content : chat_message_content,
user_id : user_id
},
function(data){
alert(data);
},"json");
return false;
});
return false;
});
这是我的控制器
function add_chat_messages() {
// Grab the $chat_message_content, $user_id
$user_id = $this->input->post($this->session->userdata("user_id"));
$chat_message_content = $this->input->post('chat_message_content');
$this->abt_db->add_chat_message($user_id, $chat_message_content);
}
这是我的型号
function check_login($email, $password) {
$this->load->database();
// Query to retrieve the user's details
// based on the received username and password
$this->db->from('user');
$this->db->where('email', $email);
$this->db->where('password', $password);
$q = $this->db->get()->result();
// The results of the query are stored in $q.
// If a value exists, then the user account exists and is validated
if (is_array($q) && count($q) == 1) {
// Set the users details into the $details property of this class
$this->details = $q[0];
// Call set_session to set the user's session
$this->set_session();
return true;
}
return false;
}
function set_session() {
// session->set_userdata is a CodeIgniter function that
// stores data in a cookie in the user's browser. Some of the values are built in
// to CodeIgniter, others are added (like the user_id).
$this->session->set_userdata(array(
'user_id' => $this->details->user_id,
'email' => $this->details->email,
'username' => $this->details->username,
'isLoggedIn' => true
)
);
}
function add_chat_message($user_id, $chat_message_content) {
$query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)";
$this->db->query($query_str, array($user_id, $chat_message_content));
}
我的浏览页面
<script type="text/javascript">
var user_id = "<?php echo $this->session->userdata("user_id"); ?>";
var base_url = "<?php echo base_url();?>";
</script>
<!--loads the header-->
<?php $this->load->view('abt-header'); ?>
<!--this is the login page-->
<div data-role="page" id="Abt-chat" data-add-back-btn="true">
<div data-role="header" data-position="fixed">
<h1>Peer Chat</h1>
</div>
<div data-role="content">
<div data-role="fieldcontain">
<div id="chat_viewport"></div>
<p>
<label>Input Chat: </label>
<input name="chat" id="chat" type="text" value=""/>
</p>
<p>
<?php echo anchor('#', 'Send Chat', array('title' => 'Send Chat', 'id' => 'submit')); ?>
</p>
</div>
<?php echo form_close(); ?>
</div>
</div>
如果user_id已经在会话中定义,则无需每次通过javascript发送它,也无需在页面中定义为javascript变量。
在控制器中,你必须给出通过javascript传递的变量名,但你调用的是会话数据,它会给你id,而不是变量名
$user_id = $this->input->post($this->session->userdata("user_id")); // wrong
$user_id = $this->input->post("user_id"); // right
$user_id = $this->session->userdata("user_id"); // this way without pass through javascript
您的代码中有几个错误:
我从您的模型开始:
这里最重要的问题是:您不应该将用户的密码存储在数据库中,这是一种非常糟糕的做法,请使用带有BLOWFISH哈希类型的PHP crypt函数来加密密码,然后将加密版本保存在数据库中。有几个哈希库可用,比如PHPASS,你可能想考虑一下。
仔细查看里面的评论:
function check_login($email, $password)
{
$this->load->database();
$this->db->from('user')
->where('email', $email)
->where('password', $password); // <-- Check the encryped password
$q = $this->db->get();
if ($q->num_rows() == 1) {
// Set the users details into the $details property of this class
$this->details = $q->first_row();
// Call set_session to set the user's session
$this->set_session();
return TRUE;
}
return FALSE;
}
function set_session()
{
$this->session->set_userdata(array(
'user_id' => $this->details->user_id,
'email' => $this->details->email,
'username' => $this->details->username/*,
// You don't need to store this in session
// If user is logged-in, his/her user_id would be in session
// you can easily check whether user is logged-in or not
// by looking for user_id in session.
'isLoggedIn' => true*/
));
}
function add_chat_message($user_id, $chat_message_content)
{
// You are binding two parameter to SQL query,
// But the following query has three question mark.
// $query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?,?)";
$query_str = "INSERT INTO chat_message(user_id, chat_message_content) VALUES (?,?)";
$this->db->query($query_str, array($user_id, $chat_message_content));
}
回到你的login()函数,行是在redirect()之后不会执行:
redirect('index.php/abovetheblues/abt_abovetheblues');
// $this->abt->set_session(); <-- This is not necessary
在Controller/add_chat_messages方法中,使用$this->input->post($this->session->userdata("user_id")是错误的。
如果用户必须登录网站,则无需通过POST请求传递用户的id。只需从会话中阅读:
function add_chat_messages()
{
// The following statement is wrong!
//$user_id = $this->input->post($this->session->userdata("user_id"));
$user_id = $this->session->userdata("user_id");
$chat_message_content = $this->input->post('chat_message_content');
$this->abt_db->add_chat_message($user_id, $chat_message_content);
}
最后,在客户端,JavaScript部分:
您不需要将用户的id发送到服务器,因为这些用户可以访问已经登录的聊天页面:
$.post(base_url + "index.php/abovetheblues/add_chat_messages", {
chat_message_content : chat_message_content/*,
user_id : user_id*/ // <-- This is not necessary
}, function(data) {
alert(data);
},"json");
希望它有意义。
更新#1:
在使用session之前,请确保已加载Session库。
打开config/autoload.php文件并将session添加到自动加载库:
$autoload['libraries'] = array('database', 'session');
更新#2:
将型号中的check_login和set_session函数更改为:
function check_login($email, $password)
{
$this->load->database();
$this->db->from('user')
->where('email', $email)
->where('password', $password);
$q = $this->db->get();
if ($q->num_rows() == 1) {
// Return the users details
return $q->first_row('array');
}
return FALSE;
}
function set_session($details)
{
$this->session->set_userdata(array(
'user_id' => $details['user_id'],
'email' => $details['email'],
'username' => $details['username']
));
}
在控制器中:
if ($q) {
$this->abt_db->set_session($q);
redirect('index.php/abovetheblues/abt_abovetheblues');
} else {
$this->show_login(true);
}
最后,在JS文件中,从$.post方法中删除json dataType。
还有一点,abovetheblues/add_chat_messages方法不向输出发送任何内容(不回显任何内容),因此返回的data为空:
$.post(base_url + "index.php/abovetheblues/add_chat_messages", {
chat_message_content : chat_message_content/*,
user_id : user_id*/
}, function(data){
// data would be empty
alert(data);
});
相关文章:
- Amd,希望确保某个东西总是最后执行
- 如何将getJson的响应保存在全局变量中
- 按下按钮时保存cookie
- 如何使用 Angular JS 将数据保存在数据库中
- 子字符串/正则表达式以获取字符串中保存的 SRC 值
- HTML5在画布中加载较小的图像并保存实际大小的图像
- 是否可以在浏览器中使用纯JavaScript保存音频流
- 如何将多个画布保存为一个图像
- PHP:显示sqlite数据库中的html格式数据,使用tinymce保存
- 如何将乳胶配方奶粉图像保存到Asp.net中的文件夹中
- 保存数组javascript
- 保存串行端口列表与流星
- 将JavaScript变量保存到Rails模型
- 我如何才能确保计时器设置为每天4点半,所以我不会;不用在Javascript中提及某个日期
- Java脚本将URL转换为已保存的URL时出错
- 如何自动保存动态生成的HTML SVG元素
- Javascript/jQuery压缩一个图像正确的评论帖子,并使用Ajax Laravel 5.2保存到控制器中
- 将JQuery Handontable保存到服务器上的excel文件中
- NodeJS expressJS使用multer和passport将文件上传并保存到MongoDB
- 如何确保在 Mocha 中的 done() 之前执行对数据库的循环保存
