CakePHPã?§ã??確èª?ç??é?¢ã??確èª?ã?¡ã??ã??ã??ã??ã?®ã?¦ã??ã?¶ã??ç??é??ã??ã?¤ã??ã??
CakePHPã?¯ã??ã??ã?¿ã??ã??ã??å?¨ã??ã?®å?¦ç??ã??ã?¨ã??ã??ã??æ??ã?¡ã??ã?ªã?®ã?§ã??ã??ã??ä¸?度確èª?ç??é?¢ã??æ??ã??ã??ã??確èª?ã?¡ã??ã??ã??æ??ã??ã??ã??ã??ã??ã?¨ã??ã??ã??ã??ã??ã??ã??ã??é?£ã??ã??ã?ªã??ã??ã??ã??
ã??ã??ã?§ã??ã??ã??ã?§ã?¯ã?©ã?¡ã??ã??å®?ç??ã??ã??ã??ã??ã??ã??ã??ä??ã?£ã?¦ã?¿ã??ã??ã??ã??ä??ä¸?ã??ã??ã??覧ä¸?ã??ã??ã?? http://h2o-space.com/dev/user_add/
ã??ã??ã??ã?¡ã??ã??ã?¢ã??ã?¬ã??ã?¨ã??ã??ã?¯ã??ã??ã??è¨?å®?ã??ã??ã?¨ç¢ºèª?ç??é?¢ã??ç§?å??ã??ã??ã??ã??æ?¸ã??ã?ªã??ã??ã??ã?¨ã??å?ºæ??ã??ã??ã?? ç¶?ã??ã?¦ã??確èª?ã?¡ã??ã??ã??é??ä¿¡ã??ã?¦é??ã??ã??ã??URLã??ã?¯ã?ªã??ã?¯ã??ã??ã?¨æ?£å??ç??é??ã??ã?§ã??ã??ã?¨ã??ã??ä??ç??ã?¿ã?§ã??ã??
é??ç?ªã??ä??ã?£ã?¦ã??ã??ã??ã??ã??ã??ã??
ã??ã??ã?¿ã??ã??ã??ã?®æ§?ç¯?ã?¨CakePHPã?®æº?å??
ã??ã??ã?¯ã??ã??ã??ã?¿ã??ã??ã??ã??æº?å??ã??ã??ã??ã??次ã?®ã??ã??ã??ã??ã??ä??æ??ã??ã??ã??ã??ã??ã??
CREATE TABLE `ua_users` ( `id` int(11) NOT NULL auto_increment, `status` tinyint(4) default NULL, `username` varchar(255) default NULL, `password` varchar(255) default NULL, `keycode` varchar(20) default NULL, `created` datetime default NULL, `modified` datetime default NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CakePHPã?® Authã??ã??ã??ã??ã??ã??ã??ã??ä?¿ã??ã??ã??ã??ã??usernameã??ã?¨ã??passwordã??ã?¨ã??ã??ã??ã?£ã??ã??ã??å??ã??ä??ã?£ã?¦ã??ã??ã??ã??ã??ä??ã??é??è¦?ã?ªã?®ã?¯ã??statusã??ã?¨ã??keycodeã??ã?§ã??ã??ã??ã??ã??ã?¯ã??ã?®å??解説ã??ã??ã??ã??
次ã??ã??CakePHPã??ã??ã?¦ã??ã??ã??ã??ã??ã?¦ã??/app/config/core.phpã?®ã??Security.saltã??ã?®è¨?å®?ã?¨ã??database.phpã??ã??è¨?å®?ã??ã?¦è¡?ã??ã??ã??ã??ã??ã?®ã??ã??ã??ã?¯ã??ã??ã??ã??ã?ªã??ã?¤ã??ã?§è§£èª¬ã??ã??ã??ã?®ã?§ã??ã??ã?®ã??ã??ã??ã??å??è??ã??ã??
ã??ã??ã??ã??ã??ã??ã??ã?®è¿?å??
ç¶?ã??ã?¦ã??ã??ã??ã??ã??ã??ã??ã??è¿?å??ã??ã??ã??ã??ã??ã??ã?§ã?¯ã??é??å??ã?¡ã??ã??ã?®é??ä¿¡ã??Qdmailã??ä?¿ã??ã??ã?¦ã??ã??ã??ã??ã??ã??ã??
ã??ã?¦ã??ã??ã??ã??ã??ã?¦ã??/app/controllers/componentsã??ã??ã??qdmail.phpã??ã??ã??ã??ã??ã??ã??ã??ã??
Userã??ã??ã??ã??ã??ã?©ã??ã?¢ã??ã??ã?®è¿?å??
ç¶?ã??ã?¦ã??Bakeã?ªã?©ã??ä?¿ã?£ã?¦Userã?®ã??ã??ã??ã??ã??ã?©ã??ã??ã?¢ã??ã??ã??è¿?å??ã??ã?¦è¡?ã??ã??ã??ã??
/app/models/user.php
class User extends AppModel {
var $name = 'User';
var $validate = array(
'username' => array(
'rule' => 'email',
'required' => true,
'message' => '* ã?¡ã??ã??ã?¢ã??ã?¬ã??ã??è¨?å??ã??ã?¦ã??ã??ã??ã??'
),
'password_s' => array(
'rule' => array('minLength', 6),
'required' => true,
'message' => '* ã??ã??ã?¯ã??ã??ã?¯ 6æ??å??ä??ä¸?ã?§è¨?å??ã??ã?¦ã??ã??ã??ã??'
)
);
}
/app/controlls/user_controller.php
class UsersController extends AppController {
var $name = 'Users';
var $components = array('Session', 'Auth', 'Qdmail');
function beforeFilter() {
$this->Auth->allow('*');
}
}
ã?¢ã??ã??ã?§ã?¯ã??ã??usernameã??ã?¨ã??password_sã??ã??ã??ã??ã??ã?? validateã??è¨?å®?ã??ã??ã??ã??ã??ã??ã??ã??ã??ã?©ã??ã?§ã?¯ã??ã??Sessionã??ã??Authã??ã?¨å??ç¨?ç??ã?¿è??ã??ã??ã??Qdmailã??ã??ã??ã??ã??ã??ã??ã??ã??èª?ã?¿è??ã??ã?§ã??beforeFilterã?§ã??Authã??ã?®ã??allowã??ã?§å?¨é?¨ã?®ã?¢ã?¯ã??ã?§ã??ã??許å?¯ã??ã??ã??ã??ã?? ã??ã??ã??ã?ªã??ã?¨ã??ã??ã?°ã?¤ã??ç??é?¢ã??é£?ã?°ã??ã??ã?¨ã??ã?¦ã??ã??ã??ã??ã??ã??
ç??é??ç??é?¢ã?®ä??æ??
ã??ã??ã?§ã?¯ã??ç??é??ç??é?¢ã??ä??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??æº?å??ã??ã??ã??ã??
/views/add.ctp
<h2>ã?¦ã??ã?¶ã??ç??é??</h2>
<?php echo $form->create('User', array('action'=>'add')); ?>
<dl>
<dt>ã?¡ã??ã??ã?¢ã??ã?¬ã??</dt>
<dd><?php echo $form->text('User.username') . $form->error('User.username'); ?></dd>
<dt>ã??ã??ã?¯ã??ã??</dt>
<dd><?php echo $form->password('User.password_s') . $form->error('User.password_s'); ?></dd>
</dl>
<?php echo $form->submit('ç??é??å??å®?ã??確èª?ã??ã??'); ?>
<?php echo $form->end(); ?>
ã??ã??ã?§ã?®ã??ã?¤ã??ã??ã?¯ã??ã??ã??ã?¯ã??ã??ã?®ã??ã?£ã??ã??ã??ã??ã??password_sã??ã?¨ã??ã??ã??ã?£ã??ã??ã??ã??ã?ªã?£ã?¦ã??ã?¦ã??ã??ã??ã?¿ã??ã??ã??ã?¨ä¸?è?´ã??ã?¦ã??ã??ã??ã??ã?? ã??ã??ã?¯ã??Authã??ã??ã??ã??ã??ã??ã??ã??ä?¿ã??å??å®?ã?§ã??Authã??ã??ã??ã??ã??ã??ã??ã?¯ã??passwordã??ã?¨ã??ã??ã??ã?£ã??ã??ã??å??ã??è¦?ã??ã?¨ã??ã??ã??ã??æ??å??å??ã??ã??ã?¦ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ä¸?å?¯é??æ??å??ã?ªã?®ã?§ã??ã?¨ã??æ??ã??ã??ã?¨ã??å?ºæ??ã??ã??ã??ã??
ã??ã??ã?§ã?¯ã??ã?¦ã??ã?¶ã??ç??é??æ??ã??ã??ã??ã?¯ã??ã??ã?®æ??å??æ?°ã??ã?§ã??ã?¯ã??å?ºæ??ã?ªã??ã?®ã?§ã??ã?£ã??ã??ã??å??ã??å¤?ã??ã?¦ã??ã??ã?®ã?§ã??ã??
ã??ã??ã??ã??ã??ã?©ã??ã?®ã??addã??ã?¢ã?¯ã??ã?§ã??ã?¯æ¬¡ã?®ã??ã??ã??ã?ªã??ã??ã??ã??
/app/controllers/users_controller.phpã??è¿?å??
function add($action = null) {
// submit
if (!empty($this->data)) {
$this->User->set($this->data);
if ($this->User->validates()) {
$this->data['User']['password_s'] = $this->Auth->password($this->data['User']['password_s']);
$this->Session->write('user', $this->data);
$this->set('data', $this->data);
$this->render('check');
}
}
// rewrite
if ($action == 'rewrite' && $this->Session->check('user')) {
$this->data = $this->Session->read('user');
// remove 'password_s'
$this->data['User']['password_s'] = '';
}
}
確èª?ç??é?¢ã??ç§?å??ã??ã??ã??ã??ã??ã??ç??é??ã??ã??ã??å??å®?ã??ã??ã??ã??ã?§ã??ã??è¨?é??ã??ã??ã??ã??ã??ã?®ã?¨ã??ã??password_sã?¯Authã??ã??ã??ã??ã??ã??ã??ã??ä?¿ã?£ã?¦æ??å??å??ã??ã?¦ã??ã??è¨?é??ã??ã?¦ã??ã??ã??ã??ã??
確èª?ç??é?¢ã??ä??ã??
ç¶?ã??ã?¦ç¢ºèª?ç??é?¢ã??ä??ã??ã??ã??ã??
/views/check.ctp
<h2>ç??é??å??å®?ã?®ç¢ºèª?</h2>
<?php echo $form->create('User', array('action'=>'check')); ?>
<dl>
<dt>ã?¡ã??ã??ã?¢ã??ã?¬ã??</dt>
<dd><?php echo h($data['User']['username']); ?></dd>
<dt>ã??ã??ã?¯ã??ã??</dt>
<dd>ã??表示ã??ã??ã??ã??ã??</dd>
</dl>
<?php echo $html->link('â?ªæ?¸ã??ç?´ã??', 'add/rewrite'); ?>
<?php echo $form->submit('確èª?ã?¡ã??ã??ã??é??ä¿¡ã??ã??'); ?>
<?php echo $form->end(); ?>
ã??ã?®æ??ç??ã?§ã??ã??ã?§ã??ã??ã??ã?¯ã??ã??ã?¯è¡¨ç¤ºã?§ã??ã?ªã??ã?ªã?£ã?¦ã??ã??ã??ã??ã??ã??ã??ã?§ã?¯è¡¨ç¤ºã??ã?¦ã??ã??ã??ã??ã??
ã??æ?¸ã??ç?´ã??ã??ã?¨ã??ã??ã?ªã??ã?¯ã?¯ã??addã??ã?¢ã?¯ã??ã?§ã??ã??ã??rewriteã??ã?¨ã??ã??ã??ã?©ã?¡ã??ã?¿ã??ä??å??ã??ã?¦ã?ªã??ã?¯ã??ã??ã??ã?? å??ç¨?ã?®ã??ã??ã?°ã?©ã??ã?§ã??addã?¢ã?¯ã??ã?§ã??ã?¯ã??$actionã??ã??ã?©ã?¡ã??ã?¿ã??ã??rewriteã??ã?§ã??ã?¤ã??ã??ã??ã??ã?§ã??ã??ã??ã??ã?¿ã??è¨?é??ã??ã??ã?¦ã??ã??ã??ã??ã??ã??ã??å?©å??ã??ã??ã?¨ã??ã??å?¦ç??ã??å??ã??ã?¦ã??ã??ã??ã??
ã??ã??ã??ã??ã??ã??ã?¯ã??ã??ã?¯å??ç??å?ºæ??ã?ªã??ã??ã??空ç??ã??ã??ã?¦æ??ã??ã?¦è¨?å??ã??ã?¦ã??ã??ã??ã??ã??ã??
ã??ã??ã??ã??ã??ã?©ã??ã??ã??ã??checkã??ã?¢ã?¯ã??ã?§ã??ã??ä??ã??ã??ã??ã??
/app/controllers/users_controller.phpã??è¿?å??
function check() {
if (!$this->Session->check('user')) {
$this->redirect('add');
}
$this->data = $this->Session->read('user');
// delete already data
$this->User->deleteAll(array('username'=>$this->data['User']['username']));
// create keycode
$this->data['User']['keycode'] = $this->Utility->getRandomString('10', 'num_char');
$this->data['User']['status'] = '0';
$this->data['User']['password'] = $this->data['User']['password_s'];
// pre add
if (!$this->User->save($this->data)) {
$this->redirect('add');
}
// send a comfirmation mail
$from = 'support@h2o-space.com';
$subject = 'ã?¦ã??ã?¶ã??ç??é??ã?®ç¢ºèª?';
$body = "次ã?®URLã??ã?¯ã?ªã??ã?¯ã??ã?¦ã??ã?¦ã??ã?¶ã??ç??é??ã??å®?äº?ã??ã?¦ã??ã??ã??ã??ã??n{url}";
$this->Qdmail->to($this->data['User']['username']);
$this->Qdmail->from($from);
$this->Qdmail->subject($subject);
$body = r('{url}', Router::url('/', true) . 'users/active/' . $this->data['User']['keycode'] , $body);
$this->Qdmail->text($body);
$this->Qdmail->send();
$this->set('email', $this->data['User']['username']);
$this->render('check_mail');
}
ã??ã??ã??æ??é?£é?¢ã??ã??ã??ã?¯ã??ã??ã??ã?§ã??ã??ã??ã?§ã??ã?¯ã??ã?¦ã??ã??ã?¡ã??ã?¨è¨?é??ã??ã??ã?¦ã??ã??ã??ã??ã??ã?¿ã??ã??ã??ã??ä?®ç??é??ã??ã??ã??ã??ã?? ã??ã?®ã?¨ã??ã??é?£ç¶?ã??ã?¦ä??度ã??ç??é??ã??ã??ã?¦ã??ã??å?´å??ã?®ã??ã??ã??ã??ã??ã?§ã??ç??é??ã??ã??ã?¦ã??ã??ã??ã??ã?¿ã??ä¸?æ?¦å??é?¤ã??ã??ã??ã??
ã??ã??ã?¦ã??確èª?ã?¡ã??ã??ã??è¨?è??ã??ã??ã??ã??ã??ã??ã??ã??ç??æ??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã?®ç??æ??ã?¯æ±?ç?¨æ?§ã??é??ã??ã?®ã?§ã??å??é??ã??ã??ã??ã??ã??ã??ã??ã??ä??æ??ã??ã??ã??ã??ã??Utilityã??ã??ã??ã??ã??ã??ã??ã?§ã??ã??次ã?®ã??ã?¡ã?¤ã??ã??ä??ã??ã??ã??ã??ã??ã??
/app/controllers/components/utility.php
class UtilityComponent extends Object {
/**
* get random string
* @param int $length
* @param string $complex (num, char, num_char, all)
*/
function getRandomString($length = 10, $complex = 'num') {
$num = '012345679';
$char = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$sign = '!#$%&()-=+*}{[]';
switch($complex) {
case 'num':
$str = $num;
break;
case 'char':
$str = $char;
break;
case 'num_char':
$str = $num . $char;
break;
case 'all':
$str = $num . $char . $sign;
break;
}
list($msec, $sec) = split(' ', microtime());
mt_srand($msec*100000);
$ret = '';
for($i=0; $i<$length; $i++) {
$x = mt_rand(0, strlen($str)-1);
$ret .= substr($str, $x, 1);
}
return $ret;
}
}
æ¡?æ?°ã??ã??種é¡?ã??æ??å®?ã??ã?¦ã?©ã??ã??ã??ã?ªæ??å??å??ã??å??å??ã??ã??ã??ã?¨ã??å?ºæ??ã??ã??ã?? ã??ã??ã??ã??ã??users_controller.phpã??ã??ã??ã??次ã?®ã??ã??ã??ã??ã?¦å??ç?§ã??ã??ã??ã??
/app/controllers/users_controller.phpã??å¤?æ?´
class UsersController extends AppController {
var $name = 'Users';
var $components = array('Session', 'Auth', 'Qdmail', 'Utility'); // â??ã??ã??
ã??$componentsã??ã?®æ??å??ã??ã??Utilityã??ã??è¿?å??ã??ã??ã??ã??ã??ã??ã??ã?§ã??ä?¿ã??ã??ã?¨ã??å?ºæ??ã??ã??ã??
ã??ã??ã??ã?¦ã??keycodeã??statusã??ã??ã??ã??ã??ã??ã??ã??ä¸?æ?¦ä?®ç??é??ã??ã??ã?¦ã??ã??ã??ã??ã??ã??ã?®ä¸?ã?§ã??Qdmailã??ä?¿ã?£ã?¦ç¢ºèª?ã?¡ã??ã??ã??é??ã??ã??ã??ã??
確èª?ã?¡ã??ã??ã?®ç¢ºèª?
æ??å??ã??確èª?ã?¡ã??ã??ã?®ç¢ºèª?ã?§ã??ã??ã??activeã??ã?¢ã?¯ã??ã?§ã??ã??ä??ã??ã??ã??ã??
/app/controllers/users_controller.phpã??è¿?å??
function active($keycode = null) {
if ($keycode == '') {
$this->redirect('index');
}
$data = $this->User->findAllByKeycode($keycode);
if ($data) {
$this->User->updateAll(
array('keycode'=>null, 'status'=>'1'),
array('id'=>$data[0]['User']['id'])
);
$this->render('finish');
} else {
$this->render('failed');
}
}
activeã??ã??ã??ã??ã??ã?©ã??ã??ã?¯ã??$keycodeã??ã??ã?©ã?¡ã??ã?¿ã??渡ã?£ã?¦ã??ã??ã?®ã?§ã??ã??ã??ã??ä?¿ã?£ã?¦ã??ã??ã?¿ã??ã??ã??ã??ã??ã??ã??ã?¿ã??å??ç?§ã??ã??ã??ã??
ç?ºè¦?ã?§ã??ã??ã??ã??statusã?? 1ã??ã??keycodeã??å??é?¤ã??ã?¦ã?¢ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã?¨ã?§ã??æ?£å??ç??é??ã??ã??ã??ã??ã??ã??å??ã?¯ã??å®?äº?ç??é?¢ã??表示ã??ã??ã?¦å®?äº?ã?? å?ºæ??ä¸?ã??ã??ã??ã??ã??ï??
å??ç??ç??ã?¨ã??ã?¦ã??ã??ã??ã??
ã??ã??ã?°ã?©ã??ã??ä??ã?£ã?¦è¨?äº?ã??æ?¸ã??ã?ªã??ã??æ??ã?£ã??ã?®ã?§ã??ã??ã??ä??ã?®ä??ç??ã?¿ã??ã?¨keycodeã??ã??ã??ã??ã??é??ã?ªã?£ã?¦ã??ã??ã?£ã??ã?¨ã??ã??ã??å??人ã??æ?£å??ç??é??ã??ã??ã?¦ã??ã??ã??ã??ã??ã??ã??ã?? 確èª?ã?¡ã??ã??ã?®ã??ã?©ã?¡ã??ã?¿ã??idã??å¢?ã??ã??ã??ã??ã??keycodeã??é??ã?ªã??ã?ªã??ã??ã??ã?ªã??ã??ã?¿ã??ã??ã??ã?ªã?©ã?®å??å¤?ã??å¿?è¦?ã?§ã??ã??ã??ã??ã??ã??æ??ã??ã?¦ã??ã??ã?¸ã?§ã??ã?¢ã??ã??ã??ã?¦ã?¨ã??ã??ã?ªã??ã??ã??ã??ã??
ä??ã??ã?®å??è??ã??ã??ã?¦ã?¿ã?¦ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã??ã?®ã??ã?¦ã??ã??ã??ã??ã?¯ã??ã?¡ã??ã??ã??ã?©ã??ã??ã?? ï??database.phpã?¨core.phpã?®Security.saltã?®è¨?å®?ã??ã??ã?ªã??ã?¨å??ä??ã??ã??ã??ã??ï??
- H2O Space. Blog 最新エントリ
セキュアな環境が働き方改革を促進
ついに到来した「大HCI時代」
多忙な「ひとり情シス」担当に朗報
IoT時代の新たなモノづくり
進研ゼミをAzureで再構築
マンガでわかるサイバー攻撃対策
セキュリティの考え方もチェンジ!
なぜIT部門は幸せになれない 後編
ビジネス視点で評価せよ!
真の生産性向上を成す働き方とは