Correct password is not accepted in Yii login

2019-01-29 08:11发布

Hi i'm quite new to yii framework, currently trying to establish a login through database authentication. but while im trying to log in i get this error saying

Please fix the following input errors: Password is incorrect.

but when i check the database table im typing the correct password.

can anybody help me out if this

Heres the Controller


class SiteController extends Controller


public function actions()
    return array(


public function actionIndex()


public function actionError()
            echo $error['message'];
            $this->render('error', $error);

public function actionContact()
    $model=new ContactForm;
            $headers="From: $name <{$model->email}>\r\n".
                "Reply-To: {$model->email}\r\n".
                "MIME-Version: 1.0\r\n".
                "Content-Type: text/plain; charset=UTF-8";

            Yii::app()->user->setFlash('contact','Thank you for contacting us. We will respond to you as soon as possible.');

public function actionLogin()
        $form=new LoginForm;
            if($form->validate()  && $form->login()) $this->redirect(Yii::app()->user->returnUrl);


public function actionLogout()


herers the model


class LoginForm extends CFormModel

    public $email;
    public $password;

    private $_identity;

public function rules()
        return array(
        array('email, password', 'required'),
        array('email', 'email'),
        array('password', 'authenticate'),
public function attributeLabels()
            return array('email'=>'Email Address');
public function authenticate($attribute,$params)
            if(!$this->hasErrors())  // we only want to authenticate when no input errors
                $identity=new UserIdentity($this->email,$this->password);
                    case UserIdentity::ERROR_NONE:
                    case UserIdentity::ERROR_USERNAME_INVALID:
                $this->addError('email','Email address is incorrect.');
        default: // UserIdentity::ERROR_PASSWORD_INVALID
                $this->addError('password','Password is incorrect.');
public function login()
        $this->_identity=new UserIdentity($this->username,$this->password);
        $duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
        return true;
        return false;


here the view

/* @var $this SiteController */
/* @var $model LoginForm */
/* @var $form CActiveForm  */

$this->pageTitle=Yii::app()->name . ' - Login';

<p>Please fill out the following form with your login credentials:</p>

<div class="form">
<?php $myWidget=$this->beginWidget('CActiveForm', array(
)); ?>

    <p class="note">Fields with <span class="required">*</span> are required.</p>
    <?php echo CHtml::beginForm(); ?>

    <?php echo CHtml::errorSummary($form); ?>

    <?php echo CHtml::activeLabel($form,'email'); ?>
    <?php echo CHtml::activeTextField($form,'email') ?>

    <?php echo CHtml::activeLabel($form,'password'); ?>
    <?php echo CHtml::activePasswordField($form,'password') ?>

    <?php echo CHtml::submitButton('Login'); ?>

    <?php echo CHtml::endForm(); ?>

endWidget(); ?>

2楼-- · 2019-01-29 08:41

You have to write your authentication logic inside UserIdentity class not in LoginForm model.

  1. LoginForm model ex:-

     public function authenticate($attribute, $params) {
        if (!$this->hasErrors()) {
           $this->_identity = new UserIdentity($this->email, $this->password);
           if (!$this->_identity->authenticate())
            $this->addError('password', 'Incorrect username or password.');
    public function login() {
      if ($this->_identity === null) {
          $this->_identity = new UserIdentity($this->email, $this->password);
     if ($this->_identity->errorCode === UserIdentity::ERROR_NONE) {
         $duration = $this->rememberMe ? 3600 * 24 * 30 : 0; // 30 days
         Yii::app()->user->login($this->_identity, $duration);
         return true;
     } else
        return false;
  2. For database authentication you must have to add your authetication logic inside authenticate function using components\UserIdentity.php

    public function authenticate() {
    Yii::app()->getModule('auth')->getModule('user'); #import your module.
    $record = User::model()
            ->findByAttributes(array('email' => CHtml::encode($this->email))); #database call
    if ($record === null)
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    #else if ($record->password !== crypt($this->password, $record->password))
    else if ($record->password !== $this->password)
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    else {
        $this->_uid = $record->user_id;
        $this->setState('title', $record->user_name);
        $this->setState('uid', $this->_uid);
        $this->errorCode = self::ERROR_NONE;
    return !$this->errorCode;


  3. If you have role based login then you have to add WebUser class in config/main.php.

    components' => array(
            'user' => array(
                // enable cookie-based authentication
                'class' => 'WebUser',
                'allowAutoLogin' => true,
  4. For role based assess check you have to write components\WebUser.php Class -

     class WebUser extends CWebUser {
    public function checkAccess($operation, $params = array()) {
        if (empty($this->id)) {
            // Not identified => no rights
            return false;
        $role = $this->getState("roles");
        if ($role === '3') {            
            return true; // super admin role has access to everything
        }else if ($role === '1') {            
            return true; // admin(manager) role has access to everything
        // allow access if the operation request is the current user's role
        return ($operation === $role);

For more information check Authentication and Authorization

登录 后发表回答