Hello, I have made Register and Login systems with Yii framework, but it is not working. There is no php or yii error, but it seems that registered users can’t sign in. Here is what I have coded:
siteController.php :
public function actionRegister()
{
$model=new RegisterForm;
// uncomment the following code to enable ajax-based validation
if(isset($_POST['ajax']) && $_POST['ajax']==='register-form')
{
echo CActiveForm::validate($model);
Yii::app()->end();
}
if(isset($_POST['RegisterForm']))
{
$model->attributes=$_POST['RegisterForm'];
if($model->validate())
{
$user = new User;
$user->username = $_POST['RegisterForm']['username'];
$this->password = $_POST['RegisterForm']['password'];
$this->salt = Security::GenerateSalt(128);
$user->password = hash('sha512', $password.$this->salt);
$user->question = $_POST['RegisterForm']['question'];
$user->answer = $_POST['RegisterForm']['answer'];
$user->salt = Security::Encrypt($this->salt);
$user->email = $_POST['RegisterForm']['email'];
$user->fullname = $_POST['RegisterForm']['fullname'];
$user->birth = $_POST['RegisterForm']['dd'].'/'.$_POST['RegisterForm']['mm'].'/'.$_POST['RegisterForm']['yy'];
$user->avatar = CUploadedFile::getInstance($model,'avatar');
$user->about = $_POST['RegisterForm']['about'];
$user->sighnup = date('d/m/y');
$user->login = date('d/m/y');
if($user->save())
{
if (!$user->avatar === null){
$model->avatar->saveAs('images/users/localFile.jpg');
}
}
else if (!$user->save())
{
echo CHtml::errorSummary($user);
}
$activation = new Activation;
$record = User::model()->findByAttributes(array('username'=>$_POST['RegisterForm']['username']));
$activation->user = $record->id;
$activation->code = Security::ActivationCode(32);
$activation->save();
return;
}
}
$this->render('register',array('model'=>$model));
}
UserIdentity class:
class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
{
$record=User::model()->findByAttributes(array('username'=>$this->username));
if($record===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($record->password!==hash('sha512', $this->password.Security::Decrypt($record->salt)))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
while ($record2 !== null){
$salt = Security::GenerateSalt(128);
if ($salt === null)
{
$this->errorCode=self::ERROR_INTERNALL_ERROR;
return !$this->errorCode;
}
$record2 = User::model()->findByAttributes(array('salt'=>$salt));
}
$record->salt = $salt;
$record->password = hash('sha512', $this->password.$salt);
$record->save;
$this->_id=$record->id;
$this->setState('user_id', $record->id);
$this->setState('user_username', $record->username);
$this->setState('user_privilages', $record->privilages);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
public function getId()
{
return $this->_id;
}
}
and finally Security.php component:
<?php
class Security extends CApplicationComponent
{
private static $key = 'Here is some random string';
public static function RandomString($length)
{
$len = $length / 133 * 100;
$len = floor($len);
//$random = base64_encode(file_get_contents('/dev/urandom', false, null, 0, $len));
$random = base64_encode(mcrypt_create_iv($len, MCRYPT_DEV_URANDOM));
$result = str_replace('=', '', $random);
return $result;
}
public static function GenerateSalt($length)
{
$result = self::RandomString($length);
if ($result === null)
{
return null;
}
return self::Encrypt($result);
}
public static function Encrypt($value){
$key = self::$key;
$text = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
return base64_encode($crypttext);
}
public static function Decrypt($value){
$key = self::$key;
$crypttext = base64_decode($value);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $crypttext, MCRYPT_MODE_ECB, $iv);
return trim($decrypttext);
}
public static function ActivationCode($length)
{
$len = $length / 133 * 100;
$len = floor($len);
$random = base64_encode(file_get_contents('/dev/urandom', false, null, 0, $len));
return strtr($random, '+/', '-_');
}
}