I have a class called User with static function loginRequired(), which returns false if the user is logged in and true if the user is logged out. It also appends an error to an error class that I created that tells the person using the site that they must be logged in to view the content.
我有一个名为User with class function loginRequired()的类,如果用户登录则返回false,如果用户注销则返回true。它还向我创建的错误类附加了一个错误,该错误类告诉使用该站点的人他们必须登录才能查看内容。
The idea is that for the top of each function that would require the user to be logged in, we write this code:
我们的想法是,对于需要用户登录的每个函数的顶部,我们编写以下代码:
if(User::loginRequired()) return;
Which will output the error and immediately return from the function. I would rather do this, however:
哪个会输出错误并立即从函数返回。不过我宁愿这样做:
User::loginRequired();
And return from the calling function inside of the loginRequired function... but because loginRequired() is in a separate class in a separate file, this won't work. Is it possible to return from the function that calls loginRequired(), within loginRequired()?
并且从loginRequired函数内部的调用函数返回...但是因为loginRequired()在单独的文件中的单独的类中,所以这不起作用。是否可以从loginRequired()中调用loginRequired()的函数返回?
Thanks.
4 个解决方案
#1
The way I've seen a number of open source apps handle this is by having a require_login() function which performs a redirect should the user not be logged in.
我看到许多开源应用程序处理这个问题的方法是使用require_login()函数,如果用户没有登录,它会执行重定向。
#2
I'm not sure you can do exactly what you want, however, you might want to look at using exceptions. This would allow you to throw an exception in the User::loginRequired function and catch it at some higher level. You could also look at using the exit() PHP function.
我不确定你能做到你想要的,但是,你可能想看看使用异常。这将允许您在User :: loginRequired函数中抛出异常并在更高级别捕获它。您还可以查看使用exit()PHP函数。
#3
Is the content WITHIN the actual page dynamic? What I mean is, do I need to authenticate just to see anything other than the login page, or do I see some things when I'm logged in and other things when I'm not, etc? Because if the entire directory/section of the server is behind a log-in screen you could just add something to the .htaccess file of the directory that redirects anyone not logged in, etc.
内容是否在实际页面中动态?我的意思是,我是否需要进行身份验证只是为了查看登录页面以外的任何内容,或者当我登录时看到一些东西以及其他什么时候我不是等等?因为如果服务器的整个目录/部分位于登录屏幕后面,您可以在目录的.htaccess文件中添加一些内容,重定向未登录的任何人,等等。
On the other hand, you could have that file holding the login status included into whatever page/script that the user is viewing, with the included file returning just the login status instead of its entire contents. This is covered under includes under Example 5, "include() and the return() statement". If you did this, you could use a ternary condition like:
另一方面,您可以将包含登录状态的文件包含在用户正在查看的任何页面/脚本中,并且包含的文件仅返回登录状态而不是其整个内容。这包含在例5,“include()和return()语句”下的包含下。如果你这样做,你可以使用三元条件,如:
$logged_in = (include('userlogin.php') == TRUE) ? TRUE : FALSE;
And then in each protected function have something like:
然后在每个受保护的函数中都有类似的东西:
global $logged_in;
You are still stuck with an IF clause wrapping the entire function, but at least you have the login status. If you wanted to get rid of the IF inside of the function, you could always make calling the function conditional. Like:
你仍然坚持使用包装整个函数的IF子句,但至少你有登录状态。如果你想摆脱函数内部的IF,你总是可以调用函数条件。喜欢:
$content = ($logged_in == TRUE) ? some_function() : redirect_User();
Then again, I just started learning this stuff 2 months ago and still don't understand classes and objects, so I could be way off base.
然后,我刚刚开始学习这个东西2个月前仍然不理解类和对象,所以我可能会离开基地。
#4
OT: I would consider changing the method's name to isLoggedIn() if your described purpose is the only one. A method called loginRequired() would be better off protecting confidential content.
OT:如果您描述的目的是唯一的,我会考虑将方法的名称更改为isLoggedIn()。名为loginRequired()的方法最好保护机密内容。
#1
The way I've seen a number of open source apps handle this is by having a require_login() function which performs a redirect should the user not be logged in.
我看到许多开源应用程序处理这个问题的方法是使用require_login()函数,如果用户没有登录,它会执行重定向。
#2
I'm not sure you can do exactly what you want, however, you might want to look at using exceptions. This would allow you to throw an exception in the User::loginRequired function and catch it at some higher level. You could also look at using the exit() PHP function.
我不确定你能做到你想要的,但是,你可能想看看使用异常。这将允许您在User :: loginRequired函数中抛出异常并在更高级别捕获它。您还可以查看使用exit()PHP函数。
#3
Is the content WITHIN the actual page dynamic? What I mean is, do I need to authenticate just to see anything other than the login page, or do I see some things when I'm logged in and other things when I'm not, etc? Because if the entire directory/section of the server is behind a log-in screen you could just add something to the .htaccess file of the directory that redirects anyone not logged in, etc.
内容是否在实际页面中动态?我的意思是,我是否需要进行身份验证只是为了查看登录页面以外的任何内容,或者当我登录时看到一些东西以及其他什么时候我不是等等?因为如果服务器的整个目录/部分位于登录屏幕后面,您可以在目录的.htaccess文件中添加一些内容,重定向未登录的任何人,等等。
On the other hand, you could have that file holding the login status included into whatever page/script that the user is viewing, with the included file returning just the login status instead of its entire contents. This is covered under includes under Example 5, "include() and the return() statement". If you did this, you could use a ternary condition like:
另一方面,您可以将包含登录状态的文件包含在用户正在查看的任何页面/脚本中,并且包含的文件仅返回登录状态而不是其整个内容。这包含在例5,“include()和return()语句”下的包含下。如果你这样做,你可以使用三元条件,如:
$logged_in = (include('userlogin.php') == TRUE) ? TRUE : FALSE;
And then in each protected function have something like:
然后在每个受保护的函数中都有类似的东西:
global $logged_in;
You are still stuck with an IF clause wrapping the entire function, but at least you have the login status. If you wanted to get rid of the IF inside of the function, you could always make calling the function conditional. Like:
你仍然坚持使用包装整个函数的IF子句,但至少你有登录状态。如果你想摆脱函数内部的IF,你总是可以调用函数条件。喜欢:
$content = ($logged_in == TRUE) ? some_function() : redirect_User();
Then again, I just started learning this stuff 2 months ago and still don't understand classes and objects, so I could be way off base.
然后,我刚刚开始学习这个东西2个月前仍然不理解类和对象,所以我可能会离开基地。
#4
OT: I would consider changing the method's name to isLoggedIn() if your described purpose is the only one. A method called loginRequired() would be better off protecting confidential content.
OT:如果您描述的目的是唯一的,我会考虑将方法的名称更改为isLoggedIn()。名为loginRequired()的方法最好保护机密内容。