CakePHP v2.6 和 BotDetect 验证码

Question

我在 CakePHP 2.6 应用程序中使用 BotDetect Captcha，并已按照此页面上的说明实现它：

How To Add BotDetect Protection To CakePHP 2.6 Applications

验证码在我需要的控制器/视图上运行良好。

但是，它似乎以某种方式干扰了同一控制器使用的标准登录过程。

这是加载 BotDetect 组件的控制器的标题：

public $components = array('RequestHandler','Epd','BotDetect.Captcha' => array(
                'CaptchaId' => 'EpdCaptcha',
                'UserInputId' => 'CaptchaCode'));

这是我的登录功能：

public function login() {
    $this->layout='login';
    if ($this->request->is('post')) {
    if ($this->Auth->login()) {
        $this->redirect($this->Auth->redirectUrl());
    }
    else
    {
        $this->Session->setFlash(__('Invalid username or password, try again'));
    }
}

这是我的 AppController.php：

class AppController extends Controller {

    public $components = array(
        'Auth' => array(
            'loginRedirect' => array(
                'controller' => 'users',
                'action' => 'selectorg'
            ),
            'logoutRedirect' => array(
                'controller' => 'users',
                'action' => 'login'
            ),
            'authenticate' => array(
                'Form' => array(
                )
            )
        ),
        'Session'
    );}

现在，当我登录应用程序时，auth 组件没有授权登录，它只是弹回登录屏幕。但是当我删除 BotDetect 组件时，登录工作完美。我试过改变加载组件的顺序，看看是否有什么不同......但无济于事。

有什么建议吗？

Answer 1

这是一个在 cakephp 2.6 中集成 BotDetect Captcha 组件的示例，它对我来说工作正常。

控制器：UsersController.php：

<?php
App::uses('AppController', 'Controller');

class UsersController extends AppController {

    public $components = array(
        'RequestHandler',
        'BotDetect.Captcha' => array(
            'CaptchaId' => 'EpdCaptcha',
            'UserInputId' => 'CaptchaCode'
        )
    );

    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('logout');
        $this->Security->validatePost = false;
    }

    public function selectorg() {
        echo 'selectorg';
        $this->autoRender = false;
    }

    public function login() {

        $this->set('captchaHtml', $this->Captcha->Html());

        if ($this->request->is('post')) {

            $isHuman = $this->Captcha->Validate($this->request->data['User']['CaptchaCode']);

            unset($this->request->data['User']['CaptchaCode']);

            if ($isHuman && $this->Auth->login()) {
                return $this->redirect($this->Auth->redirectUrl());
            } else {
                if (!$isHuman) {
                    $this->Session->setFlash(__('CAPTCHA validation failed, try again.'));
                } else {
                    $this->Session->setFlash(__('Invalid username or password, try again'));
                }
            }
        }

    }

    public function logout() {
        return $this->redirect($this->Auth->logout());
    }

}

控制器：AppController.php：

class AppController extends Controller {

    public $components = array(
        'Security',
        'Session',
        'Auth' => array(
            'loginRedirect' => array(
                'controller' => 'users',
                'action' => 'selectorg'
            ),
            'logoutRedirect' => array(
                'controller' => 'users',
                'action' => 'login'
            ),
            'authenticate' => array('Form' => array('passwordHasher' => 'Blowfish'))
        )
    );

}

查看：login.ctp

<?php
    echo $this->Html->css(CaptchaUrls::LayoutStylesheetUrl(), array('inline' => false));

    echo $this->Form->create('User');

    echo $this->Form->input('username');
    echo $this->Form->input('password');

    echo $this->Html->div('captcha', $captchaHtml, false);

    // Captcha code user input textbox
    echo $this->Form->input('CaptchaCode', array(
            'label' => 'Retype the characters from the picture:',
            'maxlength' => '10',
            'style' => 'width: 300px;'
        )
    );

    echo $this->Form->end('Submit');
?>

型号：User.php

<?php
App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');

class User extends AppModel {
    public $name = 'User';

    public $validate = array(
        'username' => array(
            'required' => array(
                'rule' => array('notEmpty'),
                'message' => 'Please enter your username'
            ),
            'unique' => array(
                'rule' => 'isUnique',
                'message' => 'Username already exists'
            )
        ),
        'password' => array(
            'required' => array(
                'rule' => array('notEmpty'),
                'message' => 'Please enter your password'
            )
        )
    );

    public function beforeSave($options = array()) {
        if (isset($this->data[$this->alias]['password'])) {
            $passwordHasher = new BlowfishPasswordHasher();
            $this->data[$this->alias]['password'] = $passwordHasher->hash(
                $this->data[$this->alias]['password']
            );
        }
        return true;
    }
}