How to get current Joomla user with external PHP script(如何使用外部 PHP 脚本获取当前的 Joomla 用户)
问题描述
我有几个用于 AJAX 查询的 PHP 脚本,但我希望它们能够在 Joomla 身份验证系统的保护伞下运行.以下安全吗?是否有多余的线条?
I have a couple PHP scripts used for AJAX queries, but I want them to be able to operate under the umbrella of Joomla's authentication system. Is the following safe? Are there any unnecessary lines?
<?php
define( '_JEXEC', 1 );
define('JPATH_BASE', dirname(__FILE__));
define( 'DS', DIRECTORY_SEPARATOR );
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
/* Create the Application */
$mainframe =& JFactory::getApplication('site');
/* Make sure we are logged in at all. */
if (JFactory::getUser()->id == 0)
die("Access denied: login required.");
?>
test.php:
<?php
include 'joomla-auth.php';
echo 'Logged in as "' . JFactory::getUser()->username . '"';
/* We then proceed to access things only the user
of that name has access to. */
?>
推荐答案
虽然我在代码中没有看到任何不安全的内容,但最好对标准 Joomla 组件进行 AJAX/JSON 调用.这里有一篇关于如何执行此操作的好文章:http://blog.syncleon.com/2009/05/ajax-ify-your-joomla-website.html 我还在我的书 http://www.packtpub.com/files/learning-joomla-1-5-extension-development-sample-chapter-8-using-javascript-effects.pdf(跳至第 168 页).
While I don't see anything in the code that's unsafe, it's best to make your AJAX/JSON calls to a standard Joomla component. There's a good article on how to do this here: http://blog.syncleon.com/2009/05/ajax-ify-your-joomla-website.html I've also written about JavaScript, Joomla, and asynchronous requests in my book http://www.packtpub.com/files/learning-joomla-1-5-extension-development-sample-chapter-8-using-javascript-effects.pdf (skip down to page 168).
本质上,您所做的是为 AJAX 调用的输出创建一个视图,然后创建一个 view.xml.php(或 view.json.php)文件而不是 view.html.php.当您将 &format=xml 添加到请求 URL 的末尾时,它将从 view.xml.php 而不是 view.html.php 中提取.
Essentially, what you do is create a view for the output of your AJAX call, then create a view.xml.php (or view.json.php) file instead of a view.html.php. When you add &format=xml to the end of your request URL, it will pull from view.xml.php instead of view.html.php.
这篇关于如何使用外部 PHP 脚本获取当前的 Joomla 用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:如何使用外部 PHP 脚本获取当前的 Joomla 用户
基础教程推荐
- XAMPP 服务器不加载 CSS 文件 2022-01-01
- 在 Woocommerce 中根据运输方式和付款方式添加费用 2021-01-01
- 如何在 PHP 中的请求之间持久化对象 2022-01-01
- 在 PHP 中强制下载文件 - 在 Joomla 框架内 2022-01-01
- mysqli_insert_id 是否有可能在高流量应用程序中返回 2021-01-01
- WooCommerce 中选定产品类别的自定义产品价格后缀 2021-01-01
- 通过 PHP SoapClient 请求发送原始 XML 2021-01-01
- 在多维数组中查找最大值 2021-01-01
- 超薄框架REST服务两次获得输出 2022-01-01
- Libpuzzle 索引数百万张图片? 2022-01-01
