CakePHP v2.6 和 BotDetect 验证码
CakePHP v2.6 and BotDetect Captcha
我在 CakePHP 2.6 应用程序中使用 BotDetect Captcha,并按照此页面上的说明实施了它:
How To Add BotDetect Protection To CakePHP 2.6 Applications
验证码在我需要它的 controller/view 上运行良好。
但是,它似乎以某种方式干扰了同一控制器使用的标准登录过程。
这是我的 header 加载 BotDetect 组件的控制器:
public $components = array('RequestHandler','Epd','BotDetect.Captcha' => array(
'CaptchaId' => 'EpdCaptcha',
'UserInputId' => 'CaptchaCode'));
这是我的登录函数:
public function login() {
$this->layout='login';
if ($this->request->is('post')) {
if ($this->Auth->login()) {
$this->redirect($this->Auth->redirectUrl());
}
else
{
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
这是我的 AppController.php:
class AppController extends Controller {
public $components = array(
'Auth' => array(
'loginRedirect' => array(
'controller' => 'users',
'action' => 'selectorg'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'authenticate' => array(
'Form' => array(
)
)
),
'Session'
);}
现在,当我登录应用程序时,身份验证组件未授权登录,它只是弹回登录屏幕。但是当我删除 BotDetect 组件时,登录工作正常。我已经尝试更改加载组件的顺序以查看是否有任何不同......但无济于事。
有什么建议吗?
这是一个在 cakephp 2.6 中集成 BotDetect Captcha 组件的示例,它对我来说工作正常。
控制器:UsersController.php:
<?php
App::uses('AppController', 'Controller');
class UsersController extends AppController {
public $components = array(
'RequestHandler',
'BotDetect.Captcha' => array(
'CaptchaId' => 'EpdCaptcha',
'UserInputId' => 'CaptchaCode'
)
);
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('logout');
$this->Security->validatePost = false;
}
public function selectorg() {
echo 'selectorg';
$this->autoRender = false;
}
public function login() {
$this->set('captchaHtml', $this->Captcha->Html());
if ($this->request->is('post')) {
$isHuman = $this->Captcha->Validate($this->request->data['User']['CaptchaCode']);
unset($this->request->data['User']['CaptchaCode']);
if ($isHuman && $this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
} else {
if (!$isHuman) {
$this->Session->setFlash(__('CAPTCHA validation failed, try again.'));
} else {
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
}
}
public function logout() {
return $this->redirect($this->Auth->logout());
}
}
控制器:AppController.php:
class AppController extends Controller {
public $components = array(
'Security',
'Session',
'Auth' => array(
'loginRedirect' => array(
'controller' => 'users',
'action' => 'selectorg'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'authenticate' => array('Form' => array('passwordHasher' => 'Blowfish'))
)
);
}
查看:login.ctp
<?php
echo $this->Html->css(CaptchaUrls::LayoutStylesheetUrl(), array('inline' => false));
echo $this->Form->create('User');
echo $this->Form->input('username');
echo $this->Form->input('password');
echo $this->Html->div('captcha', $captchaHtml, false);
// Captcha code user input textbox
echo $this->Form->input('CaptchaCode', array(
'label' => 'Retype the characters from the picture:',
'maxlength' => '10',
'style' => 'width: 300px;'
)
);
echo $this->Form->end('Submit');
?>
型号:User.php
<?php
App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
class User extends AppModel {
public $name = 'User';
public $validate = array(
'username' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'Please enter your username'
),
'unique' => array(
'rule' => 'isUnique',
'message' => 'Username already exists'
)
),
'password' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'Please enter your password'
)
)
);
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password'])) {
$passwordHasher = new BlowfishPasswordHasher();
$this->data[$this->alias]['password'] = $passwordHasher->hash(
$this->data[$this->alias]['password']
);
}
return true;
}
}
我在 CakePHP 2.6 应用程序中使用 BotDetect Captcha,并按照此页面上的说明实施了它:
How To Add BotDetect Protection To CakePHP 2.6 Applications
验证码在我需要它的 controller/view 上运行良好。
但是,它似乎以某种方式干扰了同一控制器使用的标准登录过程。
这是我的 header 加载 BotDetect 组件的控制器:
public $components = array('RequestHandler','Epd','BotDetect.Captcha' => array(
'CaptchaId' => 'EpdCaptcha',
'UserInputId' => 'CaptchaCode'));
这是我的登录函数:
public function login() {
$this->layout='login';
if ($this->request->is('post')) {
if ($this->Auth->login()) {
$this->redirect($this->Auth->redirectUrl());
}
else
{
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
这是我的 AppController.php:
class AppController extends Controller {
public $components = array(
'Auth' => array(
'loginRedirect' => array(
'controller' => 'users',
'action' => 'selectorg'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'authenticate' => array(
'Form' => array(
)
)
),
'Session'
);}
现在,当我登录应用程序时,身份验证组件未授权登录,它只是弹回登录屏幕。但是当我删除 BotDetect 组件时,登录工作正常。我已经尝试更改加载组件的顺序以查看是否有任何不同......但无济于事。
有什么建议吗?
这是一个在 cakephp 2.6 中集成 BotDetect Captcha 组件的示例,它对我来说工作正常。
控制器:UsersController.php:
<?php
App::uses('AppController', 'Controller');
class UsersController extends AppController {
public $components = array(
'RequestHandler',
'BotDetect.Captcha' => array(
'CaptchaId' => 'EpdCaptcha',
'UserInputId' => 'CaptchaCode'
)
);
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('logout');
$this->Security->validatePost = false;
}
public function selectorg() {
echo 'selectorg';
$this->autoRender = false;
}
public function login() {
$this->set('captchaHtml', $this->Captcha->Html());
if ($this->request->is('post')) {
$isHuman = $this->Captcha->Validate($this->request->data['User']['CaptchaCode']);
unset($this->request->data['User']['CaptchaCode']);
if ($isHuman && $this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
} else {
if (!$isHuman) {
$this->Session->setFlash(__('CAPTCHA validation failed, try again.'));
} else {
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
}
}
public function logout() {
return $this->redirect($this->Auth->logout());
}
}
控制器:AppController.php:
class AppController extends Controller {
public $components = array(
'Security',
'Session',
'Auth' => array(
'loginRedirect' => array(
'controller' => 'users',
'action' => 'selectorg'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'authenticate' => array('Form' => array('passwordHasher' => 'Blowfish'))
)
);
}
查看:login.ctp
<?php
echo $this->Html->css(CaptchaUrls::LayoutStylesheetUrl(), array('inline' => false));
echo $this->Form->create('User');
echo $this->Form->input('username');
echo $this->Form->input('password');
echo $this->Html->div('captcha', $captchaHtml, false);
// Captcha code user input textbox
echo $this->Form->input('CaptchaCode', array(
'label' => 'Retype the characters from the picture:',
'maxlength' => '10',
'style' => 'width: 300px;'
)
);
echo $this->Form->end('Submit');
?>
型号:User.php
<?php
App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
class User extends AppModel {
public $name = 'User';
public $validate = array(
'username' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'Please enter your username'
),
'unique' => array(
'rule' => 'isUnique',
'message' => 'Username already exists'
)
),
'password' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'Please enter your password'
)
)
);
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password'])) {
$passwordHasher = new BlowfishPasswordHasher();
$this->data[$this->alias]['password'] = $passwordHasher->hash(
$this->data[$this->alias]['password']
);
}
return true;
}
}