0

ログインフォームを送信しようとするたびに、送信に25秒以上かかりますが、それでも送信を停止することはありません。どこかに欠けているものがあるのだろうかと思っています。何かがどこかに戻ってくるようなものなのだろうかと思っています。何か案は?

平らでない

public function form_is_valid()
{
    /* Set validation rules for post data */
    $this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean|min_length[6]|max_length[12]|regex_match[/[a-z0-9]/]');
    $this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|min_length[6]|max_length[12]|regex_match[/[a-z0-9]/]');
    $this->form_validation->set_rules('remember', 'Remember Me', 'trim|xss_clean|integer');

    /* Form validation passed */
    return $this->form_validation->run();
}

public function is_user_locked($user_data)
{
    if ($user_data->lock_date !== '0000-00-00 00:00:00')
    {
        /* User is locked out */

        if (strtotime(gmdate('Y-m-d H:i:s', time())) < strtotime($user_data->lock_date))
        {
            /* User is still locked out */
            return TRUE;
        }
        else
        {
            /* User is no longer locked out */
            return FALSE;
        }

    }
}

public function check_user_status($user_data)
{
    /* Match user status */
    switch ($user_data->user_status_id) 
    {
        case 1:
            $this->output('Sorry you must verify your account before logging in!', 'Account Unverified', 'Error');
            break;
        case 3:
            $this->output('Your account has been suspended!', 'Account Suspended', 'Error');
            break;
        case 4:
            $this->output('Your account has been suspended!', 'Account Banned', 'Error');
            break;
        case 5:
            $this->output('Your account has been deleted!', 'Account Deleted', 'Error');
            break;
        default:
            return;
    }
}

public function output($message, $title, $status = 'Success') 
{
    switch ($status)
    {
        case 'Error':
            array('status' => 'Error');
            break;
        case 'Notice':
            array('status' => 'Notice');
            break;
        case 'Success':
            array('status' => 'Success');
            break;
    }
    echo json_encode($status, $title, $message);
}

public function start_user_session()
{
    /* Start session with user id and clear previous failed login attempts */
    $this->session->set_userdata('uid', $user_data->user_id);
    $this->session->unset_userdata('failed_logins');
    $this->users_model->insert_session($user_data->user_id, gmdate('Y-m-d H:i:s', time()));
    return;
}

public function submit($post_username = NULL, $post_password = NULL) 
{   
    if (!$this->form_is_valid())
    {   
        echo 'test';
        die();
        $this->output('The form did not validate successfully!', 'Form Not Validated', 'Error');
    }   

    /* Post values from login form */
    $post_username = $this->input->post('username');
    $post_password = $this->input->post('password');

    /* Test to see value of posted login form */
    //echo '<pre>';
    //var_dump($post_username);
    //var_dump($post_password);
    //echo '</pre>';
    //die();

    /* Get user data from post username value */
    $user_data = $this->users_model->get_by('username', $post_username);

    /* Test to see value of $user_data */
    //echo '<pre>';
    //var_dump($user_data);
    //echo '</pre>';
    //die();

    if (count($user_data) == 0)
    {
        /* User was not found in database */
        $this->output('The user was not found in the database!', 'User Not Found', 'Error');
    }

    /* User was found in database */

    if ($this->is_user_locked($user_data->lock_date))
    {
        /* User is locked from logging in from too many failed attempts */
        $this->output('This user account is currently locked!', 'Account Locked', 'Error');    
    }
    else
    {
         /* User can be unlocked and form be resubmitted */
         $this->users_model->unlock_user($user_data->user_id);
         $this->submit($post_username, $post_password);
         return FALSE;
    }

    /* User is unlocked from logging in */

    if ($user_data->user_status_id != 2)
    {
        /* User has a status that is not allowed to proceed */
        $this->user_status_message($user_data->user_status_id);
    }                   

    /* User is registered and validated */                      

    $regenerated_post_password = $this->genfunc->reGenPassHash($post_password, $user_data->password_hash);

    $failed_logins = $this->session->userdata('failed_logins');

    if ($regenerated_post_password !== $user_data->password)
    {
        /* Password from login from does not match user stored password */

        if ($failed_logins == 0)
        {
            /* First time user has not entered username and password successfully */
            $this->session->set_userdata('failed_logins', 1);
            $this->users_model->increase_login_attempt($this->input->ip_address(), $post_username, gmdate('Y-m-d H:i:s', time()));
            $this->output('Incorrect username and password credentials!', 'Incorrect Login Credentials', 'Error');
        }

        /* User has atleast one failed login attempt for the current session */

        if ($failed_logins !== 4)
        {      
            /* User has a few more chances to get password right */
            $failed_logins++;
            $this->session->set_userdata('failed_logins', $failed_logins);
            $this->users_model->increase_login_attempt($this->input->ip_address(), $post_username, gmdate('Y-m-d H:i:s', time()));
            $this->output('Incorrect username and password credentials!', 'Incorrect Login Credentials', 'Error');
        }

        $this->users_model->lock_out_user($user_data->user_id, gmdate('Y-m-d H:i:s', time()+(60*15)));
        //$this->functions_model->send_email('maximum_failed_login_attempts_exceeded', $user_data->email_address, $user_data)
        $this->output('Your account is currently locked, we apologize for the inconvienence. You must wait 15 minutes before you can log in again! An email was sent to the owner of this account! Forgotten your username or password? <a href="forgotusername">Forgot Username</a> or <a href="forgotpassword">Forgot Password</a>', 'Account Locked', 'Error');            

    } 

    /* Password from login form matches user stored password and user may login */

    $this->output('Successful login! Sending you to the dashboard!', 'Login Sucessful', 'Success');
}

更新:これは完全に機能する元の送信機能でしたが、投稿の理由は、それを平らにしようとしていた方法に問題があったためです。

平坦化

public function submit($post_username = NULL, $post_password = NULL)
{
    /* Set variable defaults */
    $output_status = 'Notice';
    $output_title = 'Not Processed';
    $output_message = 'The request was unprocessed!';

    /* Number of error flags */
    $flags = 0;

    /* Set validation rules for post data */
    $this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean|min_length[6]|max_length[12]|regex_match[/[a-z0-9]/]');
    $this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean|min_length[6]|max_length[12]|regex_match[/[a-z0-9]/]');
    $this->form_validation->set_rules('remember', 'Remember Me', 'trim|xss_clean|integer');

    if ($this->form_validation->run() == TRUE)
    {
        /* Form validation passed */

        /* Post values from login form */
        $post_username = $this->input->post('username');
        $post_password = $this->input->post('password');

        /* Test to see value of posted login form */
        //echo '<pre>';
        //var_dump($post_username);
        //var_dump($post_password);
        //echo '</pre>';
        //die();

        /* Get user data from post username value */
        $user_data = $this->users_model->get_by('username', $post_username);

        /* Test to see value of $user_data */
        //echo '<pre>';
        //var_dump($user_data);
        //echo '</pre>';
        //die();

        if (count($user_data) > 0)
        {
            /* User was found in database */

            if ($user_data->lock_date !== '0000-00-00 00:00:00')
            {
                /* User is locked out */

                if (strtotime(gmdate('Y-m-d H:i:s', time())) < strtotime($user_data->lock_date))
                {
                    /* User is still locked out */
                    $output_status = 'Error';
                    $output_title = 'Account Locked';
                    $output_message = 'This user account is currently locked!';
                    $flags++;
                }
                else
                {
                    /* User can be unlocked and form be resubmitted */
                    $this->users_model->unlock_user($user_data->user_id);
                    $this->submit($post_username, $post_password);
                    return FALSE;
                }

            }

            if ($flags == 0)
            {
                /* User is not locked out and no error messages reported */

                /* Match user status */
                switch ($user_data->user_status_id) 
                {
                    case 1:
                        $output_status = 'Error';
                        $output_title = 'Account Unverified';
                        $output_message = 'Sorry you must verify your account before logging in!';
                        $flags++;
                        break;
                    case 3:
                        $output_status = 'Error';
                        $output_title = 'Account Suspended';
                        $output_message = 'Your account has been suspended!';
                        $flags++;
                        break;
                    case 4:
                        $output_status = 'Error';
                        $output_title = 'Account Banned';
                        $output_message = 'Your account has been banned!';
                        $flags++;
                        break;
                    case 5:
                        $output_status = 'Error';
                        $output_title = 'Account Deleted';
                        $output_message = 'Your account has been deleted!';
                        $flags++;
                        break;
                }

                if ($flags == 0)
                {
                    /* User is registered and validated and no error messages reported */                   
                    $regenerated_post_password = $this->genfunc->reGenPassHash($post_password, $user_data->password_hash);

                    $failed_logins = $this->session->userdata('failed_logins');

                    if ($regenerated_post_password == $user_data->password)
                    {
                        /* Password from login form matches user stored password */

                        /* Start session with user id and clear previous failed login attempts */
                        $this->session->set_userdata('uid', $user_data->user_id);
                        $this->session->unset_userdata('failed_logins');
                        $this->users_model->insert_session($user_data->user_id, gmdate('Y-m-d H:i:s', time()));
                        $output_status = 'Success';
                        $output_title = 'Login Success';
                        $output_message = 'Successful login! Sending you to the dashboard';
                    }
                    else
                    {
                        /* Password from login from does not match user stored password */
                        if ($failed_logins > 0)
                        {
                            /* User has atleast one failed login attempt for the current session */
                            if ($failed_logins == 4)
                            {      
                                $this->users_model->lock_out_user($user_data->user_id, gmdate('Y-m-d H:i:s', time()+(60*15)));
                                //$this->functions_model->send_email('maximum_failed_login_attempts_exceeded', $user_data->email_address, $user_data)
                                $output_status = 'Error';
                                $output_title = 'Account Locked';
                                $output_message = 'Your account is currently locked, we apologize for the inconvienence. You must wait 15 minutes before you can log in again! An email was sent to the owner of this account! Forgotten your username or password? <a href="forgotusername">Forgot Username</a> or <a href="forgotpassword">Forgot Password</a>';
                            }
                            else
                            {
                                /* User has a few more chances to get password right */
                                $failed_logins++;
                                $this->session->set_userdata('failed_logins', $failed_logins);
                                $output_status = 'Error';
                                $output_title = 'Incorrect Login Credentials';
                                $output_message = 'Incorrect username and password credentials!';
                            }
                        }
                        else
                        {
                            /* First time user has not entered username and password successfully */
                            $this->session->set_userdata('failed_logins', 1);
                            $output_status = 'Error';
                            $output_title = 'Incorrect Login Credentials';
                            $output_message = 'Incorrect username and password credentials!';
                        }

                        $this->users_model->increase_login_attempt($this->input->ip_address(), $post_username, gmdate('Y-m-d H:i:s', time()));
                    }
                }
            }
        }
        else
        {
            /* User was not found in database */
            $output_status = 'Error';
            $output_title = 'User Not Found';
            $output_message = 'The user was not found in the database!';
        }
    }
    else
    {

        /* Form validation failed */
        $output_status = 'Error';
        $output_title = 'Form Not Validated';
        $output_message = 'The form did not validate successfully!';
    }

    $output_array = array('output_status' => $output_status, 'output_title' => $output_title, 'output_message' => $output_message);

    echo json_encode($output_array);
}
4

1 に答える 1

1

まず、form_validationライブラリをロードしていません。私はあなたがそれを自動ロードしていると思います。コードはデバッグするのがかなり面倒です。4 回の試行で正しいユーザー名とパスワードを入力すると、正しい結果が得られるはずです。私はあなたのデータベースについての知識がないので、あなたのモデルで何か間違ったことをしていないことを願っています. あなたのis_userdata_locked機能では、日付が'0000-00-00 00:00:00

public function is_user_locked($user_data)
{
if ($user_data->lock_date !== '0000-00-00 00:00:00')
{
    /* User is locked out */

    if (strtotime(gmdate('Y-m-d H:i:s', time())) < strtotime($user_data->lock_date))
    {
        /* User is still locked out */
        return TRUE;
    }
    else
    {
        /* User is no longer locked out */
        return FALSE;
    }
    return true; /*maybe false, considering your logic*/

}
}

あなたは、出力が表示されていないと言いました。output functionを使用していますが、json_encode3 つの引数を指定しています。3 つの引数は必要ありません。配列にする必要があります。そこを使う理由が見当たりませんswitch

public function output($message, $title, $status = 'Success') 
{
        $stat = array('status' => $status,
                'message' => $message,
                'title' => $title
            );

    echo json_encode($stat);
}

あなたのsubmit function, when user is not found, you are still going to next segment for checkingis_user_locked()` で。ユーザーが見つからない場合は、フォームを再作成する必要があります。die() を追加しました-

if (count($user_data) == 0)
{
    /* User was not found in database */
    $this->output('The user was not found in the database!', 'User Not Found', 'Error');
    die(); /*Add die to stop executing the rest of the code.*/
}

submit function次は、ユーザーのロックを解除した後に呼び出すブロックです。form_validation は投稿データでのみ機能するため、引数を指定して関数を呼び出している場合、投稿データは取得されません。フォームの検証は常に false で実行され、無限ループになります。これが主な問題です。再提出しなければならない理由がわかりません。ユーザーのロックを解除してから、ユーザーを認証します。

if ($this->is_user_locked($user_data->lock_date))
{
    /* User is locked from logging in from too many failed attempts */
    $this->output('This user account is currently locked!', 'Account Locked', 'Error');
    die(); /*No need to execute rest of the script as user is locked*/
}
else
{
     /* User can be unlocked and form be resubmitted */
     $this->users_model->unlock_user($user_data->user_id);
}

あなたのif elseコードブロックはかなり乱雑です。ロジックを再考することをお勧めします。あなたはおそらくこれらすべてのif else状態で失われています。その場合は、簡単なフローチャートを試すことができます。あなたの問題を緩和するのに役立ちます。

最後に、エラー報告がオンになっているかどうかを確認してください。少なくとも json_encode エラーが発生するはずです。

アップデート:

これはあなたを助けるはずの疑似送信機能です

function submit(){
        if (invalid form){ /*form_is_valid function*/
             output invalid_form_error;
             return;
        }

        if( user not exist ){
             output invalid_user_error;
             return;
        }

        if( inappropriate user_status){ /*check_user_status() function*/
             output user_status_error;
             return;

        }

        if(is_user_locked){ /*is_user_locked() function. My opinion if lock time is over, unlock user here*/
             output user_is_locked_error;
             return;
        }

        if( password not match){
            set/increase session variable failed attempt;
            if failed attempt is more than 4 lock user
            output incorrect_password_error/lock_login_error;
            return
        }

        set session variables; /* start_user_session() function */
        output success_message;
        return;
    }

これは ajax ベースのアプリケーションであるため、submit 関数から適切なメッセージが返されるように注意する必要があります。そうすれば、他の条件は必要なくなり、生活が楽になります。すべての機能は問題ないようですが、ロジックをクリアする必要があります。

于 2013-05-27T06:37:40.153 に答える