Yii CAPTCHA url is broken - yii

I want to create an AJAX-registration form on my Yii-project. So on every page I have a login-button, which shows a popup if the user isn't authorized. In that popup he can see registration form with email field, password field, and CAPTCHA (default Yii captcha).
So, my model for user's registration is User. There is a validation rule:
array('code', 'captcha', 'allowEmpty'=>!Yii::app()->user->isGuest),
My controller, where all user's actions are, is User (url: site.url/user/) and I added there captcha action:
'captcha'=>array(
'class'=>'CCaptchaAction',
'backColor'=>0xFFFFFF,
'foreColor'=>0x000000,
),
In my next code:
$this->widget('CCaptcha', array(
'clickableImage' => true,
'showRefreshButton' => false,
))
And here is a problem:( Being inside a popup, which can be shown on every page (index page, for example, which belongs Main controller) captcha wants to load an image from that controller (from /main/captcha, not /user/captcha).
Adding captcha in every controller is bad idea, so I added
'captchaAction' => '/user/captcha',
But after that captcha wants to load from an url
http://site.loc/user/captcha/v/4fe99aca1bbed
User-friendly url's crashed captcha and I can't avoid it (as I think, not being a yii-expert, it's because of common path-config).
Is there an easy solution to solve this? Should I repair URL's or re-configure CAPTCHA?

So, while I was waiting for help, I solved the problem by myself :)
In my project i separated my controllers into the next hierarchy:
/frontend
/backend
All controllers for common users are (of course) in Frontend section, including UserController and MainController.
Yes, I wrote some configs to hide /frontend/ in URL's like this:
'<c:\w+>/<a:\w+>' => 'frontend/<c>/<a>',
And i was sure, that string in my CAPTCHA config ('captchaAction' => '/user/captcha') knows where to go (and it was almost so!), but NO!
I should write FULL PATH to my controller and action like below:
'captchaAction' => '/frontend/main/captcha',
As I said in question, I placed my CAPTCHA action in UserController, but now you can see it is located in MainController (i deleted it from UserController)
And I got an error:
CCaptchaValidator.action "captcha" is invalid. Unable to find such an action in the current controller.
So, to solve this, I just had to use a property captchaAction of CCaptchaValidator in my User MODEL! Code:
array('code', 'captcha', 'captchaAction'=>'/frontend/main/captcha', 'allowEmpty'=>!Yii::app()->user->isGuest)
So, now my AJAX Captcha validation works correctly where I want.
Good luck with Yii's default CAPTCHA, dear community!

Related

Accessing a url directly without login

I am considering doing this -
Any url (excecpt those I disallow specifically) can be accessed directly without signing-in, however if you click on any of the links on the page, it will redirect you to the sign-up page
I am thinking of several ways of doing it, but neither is flexible enough to work with devise
Create a new link_to_not_registered helper which I will use on every link_to and it will check if the user is logged in or not
create a before_filter to check if the user is logged in. This is a bit problematic, as I don't know how to create a filter only when linking and not when directly accessing a page
Have an external flag to test if the user is logged in and change the page accordingly.
neither way helps me redirect the user after sign-in/sign up (new helper links to sign up, before filter becomes too complex, flags are too simple)
Is there a way to create a functionality of direct access to show actions while clicking on links requires login?
I think the best approach is a before_filter. You can check previous page by request.referrer, so if it's a page inside your app, you redirect user to signin path
def to_signin
redirect_to singin_path if request.referrer["http://myapp.com"]
end

Yii captcha never passes the validation even if, right letters are in place

This is on my model rules:
array('verifyCode', 'captcha', 'allowEmpty'=>!CCaptcha::checkRequirements()),
This is on my _form:
$this->widget('CCaptcha', array('buttonOptions' => array('class' => 'captcha-anchor')));
On my accessRules:
array('allow','actions'=>array('create','index','view','member', 'captcha'),
'users'=>array('*'),
),
I keep getting,
"The verification code is incorrect"
no matter what I do.
I'm using AjaxValidation with CActiveForm, and wish to keep using it.
Any clue how to fix this?
Please don't post any link, if you happen to know the answer, please describe it, so we can discuss if in need.
Please note that the captcha image is displaying and reloading. No issues there.
Thanks.
I have same problem and it return false every time because :
1- I define Get POST in some base controller and i send a ajax request to home controller which extended from base , because i can not call base controller directly so i change ajax request to current controller not home controller for all pages.
2- I hard coded JQuery in my layout so Yii load two JQuery in the Page so it send 2 request , first verified and second fails, i disabled JQuery auto load helping by this link.

A special application state issue

I am developing a facebook like social networking website using Yii framework. As a logged in user can see profile of any user they got while searching or by other means. in facebook it happens like
facebook.com/marthajoseph/photos
Here the user is viewing the profile of "marthajoseph". Same thing I want to achieve in yii.
Currently I did something like this
myapplication.com/index.php?r=u/default/index?uid=110
Here "u" is a model for users.
Here I am viewing profile of the user with user id "110". The issue is each time I switch the user's photos, profile, posts etc I have to append this uid query string with the url which leads to instability.
How can I achieve the facebook like thing?
I would suggest rewriting the URL completely using the Yii URL Management as mentioned by ernie above
First of all, use path format for the URL. This is done by firstly un-commenting the urlManager lines in protected/config/main.php (around line 34 by default). What this does is let you use "pretty URLs", for example, instead of the URL looking something like this:
www.example.com/index.php?r=user/profile?uid=110
You can have it something like this:
www.example.com/user/110
So, for example, if we wanted to route any URL which has the structure profile/<a users id> to our User Controllers view action (actionView), we could do something like:
'urlManager'=>array(
'urlFormat' => 'path',
'showScriptName' => false,
'rules' => array(
'user/profile/<id:.+>' => 'user/view',
...
So on the left side of the array we have "what the URL will look like", and on the right we have "where it is pointing". You can then access the id value in your view or in your controller using a $_GET, for example:
echo "You are viewing user id ".$_GET['id'];
You could use this value to query for photos or profile content or whatever associated with that user. In terms of having the users name in the URL (how facebook does it, eg: facebook.com/myusername), you would most likely let the user enter their vanity URL somewhere along the line and store that in the database. You could then change your rule to something like:
'user/profile/<user_vanity_url:.+>' => 'user/view',
And then access that value the same as above using a $_GET. One piece of advice if you go this route is to keep in mind that you should be preventing users from making being able to view content they are not allowed to view, for example, viewing the photos of someone who is not their friend. I would assume you have some sort of table storing these relations?
In regards to having to append the id or whatever value you are passing through the URL, you can simply append it in the view or wherever your HTML is being created, so for example if you want to display a link to the users photos from their profile page you could do something like:
One other thing regarding the URL rules in your urlManager, rules are interpreted from top to bottom, and the first matched rule will be used.
Hopefully this helps you on the right path. Check out the following posts if you are still stuck:
http://yiitutorials.net/easy/easy-url-rewriting-with-yii
Yii basic url rewrite

Yii-User and Yii-eauth integration

I am trying to put together an application using yii-user and yii-eauth extensions but I am coming up short. When I create a new webapp and install eauth I can get it to work fine so I know that I am not doing anything wrong on that end. I think the problem lies with my urls. This is a demo of what it is supposed to be like: http://nodge.ru/yii-eauth/demo/login. When someone clicks on say google it should bring you to the google sign in page but on my application I am getting a 404 error that states "The system is unable to find the requested action "login"." The url for this is user/user/login/service/google_oauth whereas the url should read user/login/service/google_oauth. Upon typing this into the browser manually I am redirected to the right page.
So I took a look into the EAuthWidget.php class to see if I could find out where it was getting that extra "user" from but I could not figure it out. I think it may have something to do with the fact that I have this in the user module which is in the /modules/user directory in my webapp. I also tried to use the URLManager to point to the right address but with no luck.
Does anyone have any similar experiences setting this up? Or any suggestions?
You just need to change the widget initialization code in your view(namely change the action property of the widget), somewhat like this:
<h2>Do you already have an account on one of these sites? Click the logo to log in with it here:</h2>
<?php
$this->widget('ext.eauth.EAuthWidget', array('action' => 'login'));
?>
Just to add, keep in mind that this action depends on which view you are including this widget, if the view is protected/views/site/login.php (which is yii's default site login view) then action should be able to go to the yii-user module's login action, so it'll be : 'action'=>'/user/login' , however if you are including this widget in yii-user's protected/modules/user/views/user/login.php then the action will be 'login' as already mentioned.

Redirect After Registration in Drupal

Any one know how to go back to the "last page" after a user is presented the login screen and chooses to create a new account?
Basically the sequence is this:
User tries to get to protected content
Redirected to login page
If he logs in he is redirected to original page
If he chooses "create new account" and fills it out, he is redirected to the home page
How do we get him automatically redirected to the original page (not a static page).
There are several ways to go about this. The most straight-forward is to have a login link somewhere in the navigation that appends the destination to the url. The code for this is something like:
<?php
if (user_is_anonymous()) {
$link = l(t('Login'), 'user/login', array('query' => drupal_get_destination()));
}
?>
You can also set a custom access denied page at admin/settings/error-reporting that could either go to a callback that outputs the above code, or to a simple php node that outputs that code.
Additionally, the user login block provided with Drupal core uses the same method to redirect a successful login back to the originating page.
Edit: Note that the above methods will rarely work for registration, because there are more steps involved there. Specifically, when a user needs to verify an email address, passing the originating destination along via the email would involve modifying the core user registration process.
It will potentially still work on a site configured to not verify email addresses. The idea then would be to provide 2 links: 1 for login and the other for registration, both passing along destination information.
LoginToboggan may also be worth pursuing, although it doesn't yet offer the exact registration feature you're looking for.
straight php would be to include a header of this form:
<?php header("Location: " . $_SERVER['HTTP_REFERER']); ?>
for more information refer to the php manual
EDIT:
you can also include a hidden field in your form and set it to
$url = $_SERVER['PHP_SELF']; // or HTTP_REFERER depending on the setup
include the header code snipped to your registration form.