本文實(shí)例講述了Yii中實(shí)現(xiàn)處理前后臺(tái)登錄的新方法。分享給大家供大家參考,具體如下:因?yàn)樽罱谧鲆粋€(gè)項(xiàng)目涉及到前后臺(tái)登錄問題,我是把后臺(tái)作為一個(gè)模塊(Module)來(lái)處理的。我看很多人放兩個(gè)入口文件index.php和admin.php,然后分別指向前臺(tái)和后臺(tái)。這種方法固然很好,可以將前后臺(tái)完全分離,但我總覺得這種方式有點(diǎn)牽強(qiáng),這和兩個(gè)應(yīng)用啥區(qū)別?還不如做兩個(gè)App用一個(gè)framework更好。而且Yii官方后臺(tái)使用方法也是使用Module的方式。但是Moudle的方式有一個(gè)很頭疼的問題,就是在使用Cwebuser登錄時(shí)會(huì)出現(xiàn)前后臺(tái)一起登錄一起退出的問題,這顯然是不合理的。我糾結(jié)了很久才找到下文即將介紹的方法,當(dāng)然,很多也是參考別人的,自己稍作了改動(dòng)。我一開始的做法是在后臺(tái)登錄時(shí)設(shè)置一個(gè)isadmin的session,然后再前臺(tái)登錄時(shí)注銷這個(gè)session,這樣做只能辨別是前臺(tái)登錄還是后臺(tái)登錄,但做不到前后臺(tái)一起登錄,也即前臺(tái)登錄了后臺(tái)就退出了,后臺(tái)登錄了前臺(tái)就退出了。出現(xiàn)這種原因的根本原因是我們使用了同一個(gè)Cwebuser實(shí)例,不能同時(shí)設(shè)置前后臺(tái)session,要解決這個(gè)問題就要將前后臺(tái)使用不同的Cwebuser實(shí)例登錄。下面是我的做法,首先看protected- config- main.php里對(duì)前臺(tái)user(Cwebuser)的配置:'user'= array( 'html' target='_blank'>class'= 'WebUser',//這個(gè)WebUser是繼承CwebUser,稍后給出它的代碼 'stateKeyPrefix'= 'member',//這個(gè)是設(shè)置前臺(tái)session的前綴 'allowAutoLogin'= true,//這里設(shè)置允許cookie保存登錄信息,一邊下次自動(dòng)登錄在你用Gii生成一個(gè)admin(即后臺(tái)模塊名稱)模塊時(shí),會(huì)在module- admin下生成一個(gè)AdminModule.php文件,該類繼承了CWebModule類,下面給出這個(gè)文件的代碼,關(guān)鍵之處就在該文件,望大家仔細(xì)研究:class AdminModule extends CWebModule public function init() // this method is called when the module is being created // you may place code here to customize the module or the application parent::init();//這步是調(diào)用main.php里的配置文件 // import the module-level models and componen $this- setImport(array( 'admin.models.*', 'admin.components.*', //這里重寫父類里的組件 //如有需要還可以參考API添加相應(yīng)組件 Yii::app()- setComponents(array( 'errorHandler'= array( 'class'= 'CErrorHandler', 'errorAction'= 'admin/default/error', 'admin'= array( 'class'= 'AdminWebUser',//后臺(tái)登錄類實(shí)例 'stateKeyPrefix'= 'admin',//后臺(tái)session前綴 'loginUrl'= Yii::app()- createUrl('admin/default/login'), ), false); //下面這兩行我一直沒搞定啥意思,貌似CWebModule里也沒generatorPaths屬性和findGenerators()方法 //$this- generatorPaths[]='admin.generators'; //$this- controllerMap=$this- findGenerators(); public function beforeControllerAction($controller, $action) if(parent::beforeControllerAction($controller, $action)) $route=$controller- id.'/'.$action- if(!$this- allowIp(Yii::app()- request- userHostAddress) && $route!=='default/error') throw new CHttpException(403,"You are not allowed to access this page."); $publicPages=array( 'default/login', 'default/error', if(Yii::app()- admin- isGuest && !in_array($route,$publicPages)) Yii::app()- admin- loginRequired(); else return true; return false; protected function allowIp($ip) if(empty($this- ipFilters)) return true; foreach($this- ipFilters as $filter) if($filter==='*' || $filter===$ip || (($pos=strpos($filter,'*'))!==false && !strncmp($ip,$filter,$pos))) return true; return false; AdminModule 的init()方法就是給后臺(tái)配置另外的登錄實(shí)例,讓前后臺(tái)使用不同的CWebUser,并設(shè)置后臺(tái)session前綴,以便與前臺(tái)session區(qū)別開來(lái)(他們同事存在$_SESSION這個(gè)數(shù)組里,你可以打印出來(lái)看看)。這樣就已經(jīng)做到了前后臺(tái)登錄分離開了,但是此時(shí)你退出的話你就會(huì)發(fā)現(xiàn)前后臺(tái)一起退出了。于是我找到了logout()這個(gè)方法,發(fā)現(xiàn)他有一個(gè)參數(shù)$destroySession=true,原來(lái)如此,如果你只是logout()的話那就會(huì)將session全部注銷,加一個(gè)false參數(shù)的話就只會(huì)注銷當(dāng)前登錄實(shí)例的session了,這也就是為什么要設(shè)置前后臺(tái)session前綴的原因了,下面我們看看設(shè)置了false參數(shù)的logout方法是如何注銷session的:* Clears all user identity information from persistent storage. * This will remove the data stored via {@link setState}.public function clearStates() $keys=array_keys($_SESSION); $prefix=$this- getStateKeyPrefix(); $n=strlen($prefix); foreach($keys as $key) if(!strncmp($key,$prefix,$n)) unset($_SESSION[$key]);看到?jīng)],就是利用匹配前綴的去注銷的。到此,我們就可以做到前后臺(tái)登錄分離,退出分離了。這樣才更像一個(gè)應(yīng)用,是吧?嘿嘿…差點(diǎn)忘了說明一下:Yii::app()- user //前臺(tái)訪問用戶信息方法Yii::app()- admin //后臺(tái)訪問用戶信息方法不懂的仔細(xì)看一下剛才前后臺(tái)CWebUser的配置。附件1:WebUser.php代碼:class WebUser extends CWebUser public function __get($name) if ($this- hasState('__userInfo')) { $user=$this- getState('__userInfo',array()); if (isset($user[$name])) { return $user[$name]; return parent::__get($name); public function login($identity, $duration) { $this- setState('__userInfo', $identity- getUser()); parent::login($identity, $duration); public function login($identity, $duration) { $this- setState('__adminInfo', $identity- getUser()); parent::login($identity, $duration); * UserIdentity represents the data needed to identity a user. * It contains the authentication method that checks if the provided * data can identity the user.class UserIdentity extends CUserIdentity * Authenticates a user. * The example implementation makes sure if the username and password * are both 'demo'. * In practical applications, this should be changed to authenticate * against some persistent user identity storage (e.g. database). * @return boolean whether authentication succeeds. public $user; public $_id; public $username; public function authenticate() $this- errorCode=self::ERROR_PASSWORD_INVALID; $user=User::model()- find('username=:username',array(':username'= $this- username)); if ($user) $encrypted_passwd=trim($user- password); $inputpassword = trim(md5($this- password)); if($inputpassword===$encrypted_passwd) $this- errorCode=self::ERROR_NONE; $this- setUser($user); $this- _id=$user- $this- username=$user- username; //if(isset(Yii::app()- user- thisisadmin)) // unset (Yii::app()- user- thisisadmin); else $this- errorCode=self::ERROR_PASSWORD_INVALID; else $this- errorCode=self::ERROR_USERNAME_INVALID; unset($user); return !$this- errorCode; public function getUser() return $this- user; public function getId() return $this- public function getUserName() return $this- username; public function setUser(CActiveRecord $user) $this- user=$user- attributes;附件4:后臺(tái)UserIdentity.php代碼 * UserIdentity represents the data needed to identity a user. * It contains the authentication method that checks if the provided * data can identity the user.class UserIdentity extends CUserIdentity * Authenticates a user. * The example implementation makes sure if the username and password * are both 'demo'. * In practical applications, this should be changed to authenticate * against some persistent user identity storage (e.g. database). * @return boolean whether authentication succeeds. public $admin; public $_id; public $username; public function authenticate() $this- errorCode=self::ERROR_PASSWORD_INVALID; $user=Staff::model()- find('username=:username',array(':username'= $this- username)); if ($user) $encrypted_passwd=trim($user- password); $inputpassword = trim(md5($this- password)); if($inputpassword===$encrypted_passwd) $this- errorCode=self::ERROR_NONE; $this- setUser($user); $this- _id=$user- $this- username=$user- username; // Yii::app()- user- setState("thisisadmin", "true"); else $this- errorCode=self::ERROR_PASSWORD_INVALID; else $this- errorCode=self::ERROR_USERNAME_INVALID; unset($user); return !$this- errorCode; public function getUser() return $this- admin; public function getId() return $this- public function getUserName() return $this- username; public function setUser(CActiveRecord $user) $this- admin=$user- attributes;希望本文所述對(duì)大家基于Yii框架的PHP程序設(shè)計(jì)有所幫助。PHP教程
