我正在创建一个登录表单,我从文档和其他资源编写了所有内容。当我尝试登录时,我收到Unable to access an error message corresponding to your field name Username.(xss_clean)和Unable to access an error message corresponding to your field name Password.(xss_clean)的错误
我从phpMyAdmin检查了我的数据库,数据库已经存在。我检查了数据库的连接,它也连接了。我检查了表管理员它也在那里并在模型中编码。
你能帮帮我吗,我在这里做错了什么?
调节器
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class LoginCheck extends CI_Controller {
public function __construct(){
parent::__construct();
$this->load->library('form_validation');
$this->load->database();
$this->load->helper('form');
$this->load->helper('url');
$this->load->model('admin');
}
function index() {
//This method will have the credentials validation
$this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|callback_check_database');
$this->form_validation->set_error_delimiters('<br /><div class="form-error">', '</span>');
if($this->form_validation->run() == FALSE) {
//Field validation failed. User redirected to login page
$this->load->view('index');
}
else {
//Go to private area
echo "Private area";
//redirect('listing', 'refresh');
}
}
function check_database($password) {
//Field validation succeeded. Validate against database
$username = $this->input->post('username');
//query the database
$result = $this->admin->login($username, $password);
//print_r($result);
if($result) {
$sess_array = array();
foreach($result as $row) {
$sess_array = array(
'id' => $row->id,
'username' => $row->username
);
$this->session->set_userdata('logged_in', $sess_array);
}
return TRUE;
}
else {
$this->form_validation->set_message('check_database', 'Invalid username or password');
return false;
}
}
}
?>
视图
<?php
$attributes = array('class' => 'login100-form validate-form flex-sb flex-w');
echo form_open('index.php/logincheck', $attributes);
?>
<span class="login100-form-title p-b-51">
<img src="<?php echo site_url('login_assets/img/logo.png')?>">
</span>
<div class="wrap-input100 validate-input m-b-16" data-validate = "Username is required">
<?php echo form_error('username'); ?>
<input class="input100" type="text" name="username" value="<?php echo set_value('username'); ?>" placeholder="Username">
<span class="focus-input100"></span>
</div>
<div class="wrap-input100 validate-input m-b-16" data-validate = "Password is required">
<?php echo form_error('password'); ?>
<input class="input100" type="password" name="password" value="<?php echo set_value('password'); ?>" placeholder="Password">
<span class="focus-input100"></span>
</div>
<div class="container-login100-form-btn m-t-17">
<?php
$attributes = array('class' => 'login100-form-btn');
echo form_submit('submit', 'Login', $attributes);
?>
</div>
<?php echo form_close(); ?>
您的原始验证规则似乎有一个小错误。在CI中,最终的验证规则不应该是管道|。在这种情况下,管道只应用作分隔符。
尝试更改验证规则以删除尾随管道:
$this->form_validation->set_rules('username', 'Username', 'rule1|rule2|rule3');
$this->form_validation->set_rules('password', 'Password', 'rule1|rule2');
另请注意,您的表单指向LoginCheck类,但它没有指向任何特定的函数/方法。即使它可能默认为index(),表单应该指向特定的类/方法,所以你应该使用
echo form_open('index.php/logincheck/index', $attributes);
最后,您更新的规则包括xss_clean,它已从CI的表单验证库中删除,并且需要加载安全助手。您可以通过在构造中加载安全助手来解决错误,但不要忘记XSS过滤应该在输出上完成,而不是输入(这就是为什么它从表单验证lib中删除)
你可以读一下这最后一部分HERE