我参考了这篇文章来构建项目的前台和后台的目录结构。感谢Andy的这篇文章。按照所有的步骤,您将有单独的前台和后台面板,如:

  • http://localhost/index.php // 前台
  • http://localhost/backend.php // 后台管理

我使用了两个不同的数据模型来处理前台和后台的用户数据库

  1. 用户 User
  2. 管理用户 AdminUser

LoginForm 登录表单

路径: models/LoginForm.php

在这里,我给这个类添加了新的变量,即 userType(用户类型)

class LoginForm extends CFormModel

{

public $username;

public $password;

public $rememberMe;

public $userType; // 添加的新成员变量

private $_identity;

public function __construct($arg='Front') { // 默认设置为前台

    $this->userType = $arg;

}

//==== 其余代码如下 ====

public function authenticate($attribute,$params)

{

    if(!$this->hasErrors())

    {

        $this->_identity=new UserIdentity($this->username,$this->password);

        $this->_identity->userType = $this->userType; // 这将会把标识传递给 UserIdentify

        if(!$this->_identity->authenticate())

        $this->addError('password','Incorrect username or password.');

    }

}

UserIdentity:

路径: components/UserIdentity.php

向 LoginForm 一样,添加新的成员变量

<?php

class UserIdentity extends CUserIdentity

{

    public $userType = 'Front';

    public function authenticate()

    {

        if($this->userType=='Front') // 只是前台登录

        {

            // 检查登录信息是否存在于数据库中

            $record=User::model()->findByAttributes(array('username'=>$this->username));

            if($record===null)

            {

                $this->errorCode=self::ERROR_USERNAME_INVALID;

            }else if($record->password!==$this->password)            // 在这里比较数据中的密码与登录信息中的密码

            {

                $this->errorCode=self::ERROR_PASSWORD_INVALID;

            }else{

                $this->setState('userId',$record->userId);

                $this->setState('name', $record->firstName.' '.$record->lastName);

                $this->errorCode=self::ERROR_NONE;

            }

            return !$this->errorCode;

        }

        if($this->userType=='Back')// 这里是后台管理登录

        {

            // 检查登录信息是否存在于数据库中

            $record=AdminUser::model()->findByAttributes(array('email'=>$this->username));  // 这里我用数据库中的邮箱作为用户名

            if($record===null)

            {

                $this->errorCode=self::ERROR_USERNAME_INVALID;

            }else if($record->password!==base64_encode($this->password)) // 获取base64_encode加密的密码并于数据库中的密码比较

            {

                $this->errorCode=self::ERROR_PASSWORD_INVALID;

            }else

            {

                $this->setState('isAdmin',1);

                $this->setState('userId',$record->userId);

                $this->setState('name', $record->name);

                $this->errorCode=self::ERROR_NONE;

            }

                return !$this->errorCode;

        }

    }

}

Code in action:

Now all is set, we just need to use LoginForm object in controller files.

Path: Controllers/Front/SiteController.php

$model=new LoginForm('Front'); // Front side login form which will use 'User' module

Path: Controllers/Back/SiteController.php

$model=new LoginForm('Back'); // Admin side login form which will use 'AdminUser' module

You may also find some good articles on how to manage user access levels..etc. But as a beginner i tried this code, It may help you. Share your thoughts and comments.

默认的用gii创建的actionLogin()方法:

        $model=new LoginForm;

        // if it is ajax validation request

        if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')

        {

            echo CActiveForm::validate($model);

            Yii::app()->end();

        }

        // collect user input data

        if(isset($_POST['LoginForm']))

        {

            $model->attributes=$_POST['LoginForm'];

            // validate user input and redirect to the previous page if valid

            if($model->validate() && $model->login())

                $this->redirect(Yii::app()->user->returnUrl);

        }

        // display the login form

        $this->render('login',array('model'=>$model));

参考:http://www.yiiwiki.com/27/

UserIdentity是Yii管理用户登录状态的类,它提供了保存除登录状态和ID之外的其它信息的能力,比如我们想要保存整个User Model(通常不必要,但是这里只是举个例子),可以通过将一个User Model的实例放在UserIdentity的State集合中来实现:

    public function authenticate()

    {

        $userService=new UserService;

        $userRecord = $userService->login($this->username,$this->password);

        if($userRecord==NULL)

            $this->errorCode=self::ERROR_PASSWORD_INVALID;

        else

        {

            $this->errorCode=self::ERROR_NONE;

            $this->_id=$userRecord->user_id;

            $this->setState('userRecord',$userRecord);//将User Model的实例放到States集合中

        }            

        return !$this->errorCode;

    }

 有一个地方值得注意一下,即通过setState()方法将用户的role储存在session中,完成这个操作后,我们可以通过Yii::app()->user->role来获取用户的role。当然,也可以为ID做相同的处理,但是内嵌的验证已经包含了getId()方法,返回用户的标识符,默认返回username。可以通过override重写方法使其返回ID。(id和name方法CUserIdentity中已经写了,都返回$this->username,我们把id

重写下。

 最后重写getId():

public function getId()

{

    return $this->_id;

}

  这样用户的ID就可以通过Yii::app()->user->id获得了。

最开始我

ChromePhp::log(Yii::app()->user->id); 
ChromePhp::log(Yii::app()->user->name);
ChromePhp::log(Yii::app()->user->isGuest);

总是返回null,Guest,true是因为没有login

$duration=$this->rememberMe?3600:0;
Yii::app()->user->login($this->_identity,$duration);

登陆后就会输出相应id,用户名和是否是guest了。

  先在UserIdentity中创建私有变量$_id:

class UserIdentity extends CUserIdentity

{

    // Need to store the user's ID:

    private $_id;

  验证成功(else语句)时将用户ID复制给该变量:

$this->_id = $user->id;

当我们需要User的用户名的时候,可以从UserIdentity的State中取出User Model的实例(例子中的$userRecord)然后再取出用户名:

  //userRecord保存的是一个Model的User对象

    $userName = Yii::app()->user->userRecord->user_name;

保存在UserIdentity中的$userRecord实例什么时候被销毁呢?如果用户不退出它是一值可以访问的,这个可能一般不会怀疑。那如果用户退出呢,我们是否需要手动从UserIdentity中移除$userRecord? 就像这样:

 public function actionLogout()

    {

        Yii::app()->user->logout();

        unset(Yii::app()->user->userRecord);

        $this->redirect('login');

    }

事实上不需要,'unset'这一行代码什么都没做,因为userRecord在调用unset的时候已经不存在了。要验证这一点很简单,将'unset'这一行代码换成访问userRecord的代码,比如这样:

$userName = Yii::app()->user->userRecord->user_name

你会发现Yii报错了——“userRecord未定义",说明userRecord在调用UserIdentity的logout之后已经被销毁了,为什么呢?这个跟UserIdentity的State集合的实现有关:State集合实际上是一个http session的简单包装,放到State集合的东西实际上是放在session里的。源代码很清楚的说明了这一点:

    public function setState($key,$value,$defaultValue=null)

    {

        $key=$this->getStateKeyPrefix().$key;

        if($value===$defaultValue)

            unset($_SESSION[$key]);

        else

            $_SESSION[$key]=$value;

    }

当调用UserIdentity的logout时,或者销毁整个session或者调用clearStates方法。clearStates就是unset session中相应的变量,看看源代码:

    public function clearStates()

    {

        $keys=array_keys($_SESSION);

        $prefix=$this->getStateKeyPrefix();

        $n=strlen($prefix);

        foreach($keys as $key)

        {

            if(!strncmp($key,$prefix,$n))

                unset($_SESSION[$key]);

        }

    }

所以,退出的时候直接简单的调用UserIdentity的logout就行了,不需要再手动清理存放在State集合中的信息

转自:http://www.cnblogs.com/yiimaster/archive/2012/04/12/2444999.html

参考:http://www.cnblogs.com/hi-bazinga/archive/2012/05/17/2506368.html

Yii->user(当前用户)相关

常用的用法是

  1. class Controller extends CController
  2. {
  3. public $user = null;
  4. $this->user = Yii:app()->user;
  5. }

this->user->isGuest; 
this->user->id; 
this->user->name;

还有设置session 
this->user->setStatus('xx'); 
this->user->getStatus('xx');

查看一下手册后,发现user的属性和方法还真多。

详细如下: 
CWebUser represents the persistent state for a Web application user.

CWebUser is used as an application component whose ID is 'user'. Therefore, at any place one can access the user state via

Yii::app()->user.

CWebUser should be used together with an identity which implements the actual authentication algorithm.

A typical authentication process using CWebUser is as follows: 
1.The user provides information needed for authentication. 
2.An identity instance is created with the user-provided information. 
3.Call IUserIdentity::authenticate to check if the identity is valid. 
4.If valid, call CWebUser::login to login the user, and Redirect the user browser to returnUrl. 
5.If not valid, retrieve the error code or message from the identity instance and display it.

The property id and name are both identifiers for the user. The former is mainly used internally (e.g. primary key), while the

latter is for display purpose (e.g. username). The id property is a unique identifier for a user that is persistent during the

whole user session. It can be a username, or something else, depending on the implementation of the identity class.

Both id and name are persistent during the user session. Besides, an identity may have additional persistent data which can be

accessed by calling getState. Note, when cookie-based authentication is enabled, all these persistent data will be stored in

cookie. Therefore, do not store password or other sensitive data in the persistent storage. Instead, you should store them

directly in session on the server side if needed.

1,属性 
allowAutoLogin      boolean        whether to enable cookie-based login. CWebUser 
authTimeout         integer        timeout in seconds after which user is logged out if inactive. CWebUser 
autoRenewCookie     boolean        whether to automatically renew the identity cookie each time a page is requested. CWebUser 
autoUpdateFlash     boolean        whether to automatically update the validity of flash messages. CWebUser 
behaviors           array          the behaviors that should be attached to this component. CApplicationComponent 
flashes             array          Returns all flash messages. CWebUser 
guestName           string         the name for a guest user. CWebUser 
id                  mixed          the unique identifier for the user. CWebUser 
identityCookie      array          the property values (in name-value pairs) used to initialize the identity cookie. CWebUser 
isGuest             boolean        whether the current application user is a guest. CWebUser 
isInitialized       boolean        Checks if this application component bas been initialized. CApplicationComponent 
loginUrl            string|array   the URL for login. CWebUser 
name                string         Returns the unique identifier for the user (e.g. username). CWebUser 
returnUrl           string         Returns the URL that the user should be redirected to after successful login. CWebUser 
stateKeyPrefix      string         a prefix for the name of the session variables storing user session data. CWebUser

2,方法 
最基本的方法 
除了call, get, isset, set, unset方法之外,还有 
getIsInitialized() Checks if this application component bas been initialized. //一般不需要检查 
checkAccess() Performs access check for this user.   //检查用户可以访问的操作 
方法原型:public boolean checkAccess(string $operation, array $params=array ( ), boolean $allowCaching=true)

基本方法 
getId() Returns the unique identifier for the user. If null, it means the user is a guest. 
setId() Sets the unique identifier for the user. If null, it means the user is a guest. 
getName() Returns the unique identifier for the user (e.g. username). 
setName() Sets the unique identifier for the user (e.g. username). 
setReturnUrl() Sets the URL that the user should be redirected to after login. 
getReturnUrl() Returns the URL that the user should be redirected to after successful login. 
canGetProperty() Determines whether a property can be read. 
canSetProperty() Determines whether a property can be set.

登陆相关 
login() Logs in a user. CWebUser 
loginRequired() Redirects the user browser to the login page.//该方法非常好用 
logout() 
getIsGuest()

增加行为相关 
attachBehavior() Attaches a behavior to this component. CComponent 
attachBehaviors() Attaches a list of behaviors to the component. 
detachBehavior() Detaches a behavior from the component. CComponent 
detachBehaviors() Detaches all behaviors from the component. CComponent 
disableBehavior() Disables an attached behavior. CComponent 
disableBehaviors() Disables all behaviors attached to this component. CComponent 
enableBehavior() Enables an attached behavior. CComponent 
enableBehaviors() Enables all behaviors attached to this component.

session相关 
setState() Stores a variable in user session. // 是基于cookie-based authentication,所以不应存一些如密码等敏感信息 
getState() Returns the value of a variable that is stored in user session. 
hasState() Returns a value indicating whether there is a state of the specified name. 
clearStates() Clears all user identity information from persistent storage. 
setStateKeyPrefix() Sets a prefix for the name of the session variables storing user session data. 
getStateKeyPrefix() Returns a prefix for the name of the session variables storing user session data.

flash相关 
hasFlash() Determines whether the specified flash message exists 
getFlash() Returns a flash message. 
setFlash() Stores a flash message. 
getFlashes() Returns all flash messages.

事件相关 
raiseEvent() Raises an event. 
hasEvent() Determines whether an event is defined. 
hasEventHandler() Checks whether the named event has attached handlers. 
getEventHandlers() Returns the list of attached event handlers for an event. 
attachEventHandler() Attaches an event handler to an event. 
detachEventHandler() Detaches an existing event handler.

--------------------------

通过扩展 CWebUser 增加信息到 Yii::app()->user

通过扩展 CWebUser 增加信息到 Yii::app()->user

此教程解释了:如何通过增加一个扩展自 CWebUser 并从名为 User 的数据表中检索用户信息的组件,从 Yii::app()->user 检索更多参数。

也有另外一个方法来完成这个任务,它从 session 或 cookie 中检索变量: 
How to add more information to Yii::app()->user (based on session or cookie)。

步骤如下: 
1. 确保你已经有一个数据库 User 模型。 
2. 创建一个扩展自 CWebUser 的组件。 
3. 在 config.php 中指定应用使用的用户类。

1. User 模型应当如下: 
<?php

// this file must be stored in: 
// protected/models/User.php

class User extends CActiveRecord 

     
    public static function model($className=__CLASS__) 
    { 
        return parent::model($className); 
    }

public function tableName() 
    { 
        return 'User'; 
    } 

?>

2. 然后我们创建 WebUser 组件: 
<?php

// this file must be stored in: 
// protected/components/WebUser.php

class WebUser extends CWebUser {

// Store model to not repeat query. 
  private $_model;

// Return first name. 
  // access it by Yii::app()->user->first_name 
  function getFirst_Name(){ 
    $user = $this->loadUser(Yii::app()->user->id); 
    return $user->first_name; 
  }

// This is a function that checks the field 'role' 
  // in the User model to be equal to 1, that means it's admin 
  // access it by Yii::app()->user->isAdmin() 
  function isAdmin(){ 
    $user = $this->loadUser(Yii::app()->user->id); 
    return intval($user->role) == 1; 
  }

// Load user model. 
  protected function loadUser($id=null) 
    { 
        if($this->_model===null) 
        { 
            if($id!==null) 
                $this->_model=User::model()->findByPk($id); 
        } 
        return $this->_model; 
    } 

?>

3. 最后一步,配置应用 
<?php 
// you must edit protected/config/config.php 
// and find the application components part 
// you should have other components defined there 
// just add the user component or if you 
// already have it only add 'class' => 'WebUser',

// application components 
'components'=>array( 
    'user'=>array( 
        'class' => 'WebUser', 
        ), 
), 
?>

现在你可以使用如下命令: 
Yii::app()->user->first_name - 返回名字的属性 
Yii::app()->user->isAdmin() - 返回 admin 状态的函数 
现在你可以增加你想要的任何函数到 WebUser 组件。

转自:http://blog.sina.com.cn/s/blog_4291fcdb0100tavh.html

http://www.yiiframework.com/wiki/60/

更多:http://hudeyong926.iteye.com/blog/1338494

Yii创建前台和后台登录表单和通过扩展 CWebUser 增加信息到 Yii::app()->user的更多相关文章

  1. 【总结-前台发送后台接收表单】MVC提交表单的四种方式

    https://www.cnblogs.com/chenwolong/p/Form.html#commentform 后台控制器接收前台表单参数三种方法: 一.普通参数 HTML标签name 和参数名 ...

  2. yii YII小部件 创建登录表单表单 Login表单

    YII框架必须遵循其表单的创建方法 登录模型错做与数据库操作模型是一致的,不同的是不跟数据库交互 ,用的是小部件,在创建表单之前,要在用户控制模块完成以下代码 protected --models - ...

  3. 用JS动态创建登录表单,报了个小错误

    后来发现原来是: dvObj.style.border='#Red 1px sold'; 其中的Red多谢了一个‘#’, 但是奇怪的是在chrome和firefox都备有报错,但是在ie中报错了. 各 ...

  4. wordpress 自定义登录表单

    wordpress 有很多插件支持自定义登录表单,本文讨论无插件形式. 自定义登录表单又分为两种 自定义登录表单 在前端创建一个登录页面

  5. AngularJS学习之 登录表单 清爽验证(边学边更新)

    注册过程的确好多需要验证的,但是注册成功之后的登录就简单多了, 只要用户 输入 用户名和密码, ajax向后台提交登录请求, 根据返回的结果确定用户名或者密码是否正确即可登录. 所以这个登录表单的验证 ...

  6. Vue + ElementUI的电商管理系统实例01 登录表单

    效果图: 1.首先来根据Element网站实现布局: <template> <div class="login_container"> <div cl ...

  7. Html登录表单阻止自动填充

    设置属性 autocomplete="off" 阻止浏览器从cache获取数据填充登录表单. <input type="text" name=" ...

  8. 圆角卖萌式登录表单和width的百分比值

    1.圆角恶意卖萌登录表单 小组要做一个网站,大学生社区那种,然后要做登陆界面然后还要做好看的登录界面,然后在书上看到了一个很漂亮的登陆界面,说来和一般的登陆界面没什么不同只是登录表单的边角被柔化了,变 ...

  9. 9款大气实用的HTML5/CSS3注册登录表单

    1.HTML5/CSS3仿Facebook登录表单 利用CSS3制作的登录表单的确很漂亮,我们在html5tricks网站上也分享过几款了,比如CSS3密码强度验证表单可以显示密码的强度,这款纯CSS ...

随机推荐

  1. maven 项目调试本地代码

    我们新建的maven项目,一开始调试的时候是不进断点的 怎么解决呢 点击add 选择project  选择要添加的项目

  2. NDN与TCP/IP

    搬运自http://blog.csdn.net/programmer_at/article/details/49203241  当前TCP/IP协议存在哪些问题?如何改进? 当时没有回答好,然后提到了 ...

  3. [Angular 2] Using ngrx/store and Reducers for Angular 2 Application State

    ngrx/store is a library that simplifies common RxJS patterns for managing state and gives you an eas ...

  4. Android各种颜色dawable.xml中定义

    < drawable name="white">#FFFFFF< /drawable>< !--白 --> < drawable name ...

  5. Linux crontab命令

    --常用参数:crontab -l               //查看当前用户下的cron任务crontab -e               //编辑当前用户的定时任务crontab -u  jo ...

  6. Python迭代--笔记

    <python3 程序开发指南> 迭代子.迭代操作 迭代子是一个对象,该对象可提供_next_()方法,该方法依次返回每个相继的数据项,并在没有数据项时产生StopIteration()异 ...

  7. css内容生成器

    一,内容生成器:content 补充before和after伪类选择器: 1):将内容添加到某个选择器定义的单个或者多个元素的每一个实例之前或者之后 2)与before选择器配合使用(同理大家想下会不 ...

  8. (转)html5 Placeholder属性兼容IE6、7方法

    使低版本浏览器支持Placeholder有很多方法,都不是很完美,或多或少有点问题,且有些原生支持的浏览器在获得焦点时会清空Placeholder提示.发现zhihu的解决方法不错,特记录下 wind ...

  9. [php基础]Mysql日期函数:日期时间格式转换函数详解

    在PHP网站开发中,Mysql数据库设计中日期时间字段必不可少,由于Mysql日期函数输出的日期格式与PHP日期函数之间的日期格式兼容性不够,这就需要根据网站实际情况使用Mysql或PHP日期转换函数 ...

  10. 无法连接vCenter Server清单https://IP:10443

    VMware vCenter Server服务器安装系统的时候使用一个IP,安装完VMware vCenter后来更换了另外一个IP,当使用vSphere Web Client登陆VMware vCe ...