質問編集履歴
3
config.php 内に「'」が不足していたため追加。
test
CHANGED
File without changes
|
test
CHANGED
@@ -208,7 +208,7 @@
|
|
208
208
|
|
209
209
|
// 'csrf_auto_token' => false,
|
210
210
|
|
211
|
-
'csrf_token_key' => csrf_token',
|
211
|
+
'csrf_token_key' => 'csrf_token',
|
212
212
|
|
213
213
|
'csrf_expiration' => 10000,
|
214
214
|
|
2
追加情報
test
CHANGED
File without changes
|
test
CHANGED
@@ -102,4 +102,536 @@
|
|
102
102
|
|
103
103
|
|
104
104
|
|
105
|
+
|
106
|
+
|
107
|
+
### 追加情報
|
108
|
+
|
109
|
+
```php
|
110
|
+
|
111
|
+
// authのConfigです
|
112
|
+
|
113
|
+
<?php
|
114
|
+
|
115
|
+
return array(
|
116
|
+
|
117
|
+
'driver' => 'Dbdriver',
|
118
|
+
|
119
|
+
'verify_multiple_logins' => false,
|
120
|
+
|
121
|
+
'salt' => 'dummy_salt',
|
122
|
+
|
123
|
+
'iterations' => 10000,
|
124
|
+
|
125
|
+
);
|
126
|
+
|
127
|
+
```
|
128
|
+
|
129
|
+
config/config.php
|
130
|
+
|
131
|
+
```php
|
132
|
+
|
133
|
+
<?php
|
134
|
+
|
135
|
+
/**
|
136
|
+
|
137
|
+
* Fuel is a fast, lightweight, community driven PHP 5.4+ framework.
|
138
|
+
|
139
|
+
*
|
140
|
+
|
141
|
+
* @package Fuel
|
142
|
+
|
143
|
+
* @version 1.8.1
|
144
|
+
|
145
|
+
* @author Fuel Development Team
|
146
|
+
|
147
|
+
* @license MIT License
|
148
|
+
|
149
|
+
* @copyright 2010 - 2018 Fuel Development Team
|
150
|
+
|
151
|
+
* @link http://fuelphp.com
|
152
|
+
|
153
|
+
*/
|
154
|
+
|
155
|
+
|
156
|
+
|
157
|
+
return array(
|
158
|
+
|
159
|
+
// 'base_url' => null,
|
160
|
+
|
161
|
+
// 'url_suffix' => '',
|
162
|
+
|
163
|
+
'index_file' => '',
|
164
|
+
|
165
|
+
'profiling' => false,
|
166
|
+
|
167
|
+
// 'cache_dir' => APPPATH.'cache/',
|
168
|
+
|
169
|
+
'caching' => true,
|
170
|
+
|
171
|
+
'cache_lifetime' => 7200, // In Seconds
|
172
|
+
|
173
|
+
// 'ob_callback' => null,
|
174
|
+
|
175
|
+
'language' => 'ja', // Default language
|
176
|
+
|
177
|
+
'language_fallback' => 'en', // Fallback language when file isn't available for default language
|
178
|
+
|
179
|
+
'locale' => null,
|
180
|
+
|
181
|
+
'encoding' => 'UTF-8',
|
182
|
+
|
183
|
+
'server_gmt_offset' => 0,
|
184
|
+
|
185
|
+
'default_timezone' => 'Asia/Tokyo',
|
186
|
+
|
187
|
+
'log_threshold' => Fuel::L_ALL,
|
188
|
+
|
189
|
+
// 'log_path' => APPPATH.'logs/',
|
190
|
+
|
191
|
+
'log_date_format' => 'Y-m-d H:i:s',
|
192
|
+
|
193
|
+
|
194
|
+
|
195
|
+
/**
|
196
|
+
|
197
|
+
* Security settings
|
198
|
+
|
199
|
+
*/
|
200
|
+
|
201
|
+
'security' => array(
|
202
|
+
|
203
|
+
'csrf_autoload' => false,
|
204
|
+
|
205
|
+
// 'csrf_autoload_methods' => array('post', 'put', 'delete'),
|
206
|
+
|
207
|
+
// 'csrf_bad_request_on_fail' => false,
|
208
|
+
|
209
|
+
// 'csrf_auto_token' => false,
|
210
|
+
|
211
|
+
'csrf_token_key' => csrf_token',
|
212
|
+
|
213
|
+
'csrf_expiration' => 10000,
|
214
|
+
|
215
|
+
|
216
|
+
|
217
|
+
/**
|
218
|
+
|
219
|
+
* A salt to make sure the generated security tokens are not predictable
|
220
|
+
|
221
|
+
*/
|
222
|
+
|
223
|
+
'token_salt' => 'dummy_token_salt',
|
224
|
+
|
225
|
+
|
226
|
+
|
227
|
+
/**
|
228
|
+
|
229
|
+
* Allow the Input class to use X headers when present
|
230
|
+
|
231
|
+
*
|
232
|
+
|
233
|
+
* Examples of these are HTTP_X_FORWARDED_FOR and HTTP_X_FORWARDED_PROTO, which
|
234
|
+
|
235
|
+
* can be faked which could have security implications
|
236
|
+
|
237
|
+
*/
|
238
|
+
|
239
|
+
// 'allow_x_headers' => false,
|
240
|
+
|
241
|
+
|
242
|
+
|
243
|
+
/**
|
244
|
+
|
245
|
+
* This input filter can be any normal PHP function as well as 'xss_clean'
|
246
|
+
|
247
|
+
*
|
248
|
+
|
249
|
+
* WARNING: Using xss_clean will cause a performance hit.
|
250
|
+
|
251
|
+
* How much is dependant on how much input data there is.
|
252
|
+
|
253
|
+
*/
|
254
|
+
|
255
|
+
'uri_filter' => array('htmlentities'),
|
256
|
+
|
257
|
+
|
258
|
+
|
259
|
+
/**
|
260
|
+
|
261
|
+
* This input filter can be any normal PHP function as well as 'xss_clean'
|
262
|
+
|
263
|
+
*
|
264
|
+
|
265
|
+
* WARNING: Using xss_clean will cause a performance hit.
|
266
|
+
|
267
|
+
* How much is dependant on how much input data there is.
|
268
|
+
|
269
|
+
*/
|
270
|
+
|
271
|
+
// 'input_filter' => array(),
|
272
|
+
|
273
|
+
|
274
|
+
|
275
|
+
/**
|
276
|
+
|
277
|
+
* This output filter can be any normal PHP function as well as 'xss_clean'
|
278
|
+
|
279
|
+
*
|
280
|
+
|
281
|
+
* WARNING: Using xss_clean will cause a performance hit.
|
282
|
+
|
283
|
+
* How much is dependant on how much input data there is.
|
284
|
+
|
285
|
+
*/
|
286
|
+
|
287
|
+
'output_filter' => array('Security::htmlentities'),
|
288
|
+
|
289
|
+
|
290
|
+
|
291
|
+
/**
|
292
|
+
|
293
|
+
* Encoding mechanism to use on htmlentities()
|
294
|
+
|
295
|
+
*/
|
296
|
+
|
297
|
+
// 'htmlentities_flags' => ENT_QUOTES,
|
298
|
+
|
299
|
+
|
300
|
+
|
301
|
+
/**
|
302
|
+
|
303
|
+
* Whether to encode HTML entities as well
|
304
|
+
|
305
|
+
*/
|
306
|
+
|
307
|
+
// 'htmlentities_double_encode' => false,
|
308
|
+
|
309
|
+
|
310
|
+
|
311
|
+
/**
|
312
|
+
|
313
|
+
* Whether to automatically filter view data
|
314
|
+
|
315
|
+
*/
|
316
|
+
|
317
|
+
// 'auto_filter_output' => true,
|
318
|
+
|
319
|
+
|
320
|
+
|
321
|
+
/**
|
322
|
+
|
323
|
+
* With output encoding switched on all objects passed will be converted to strings or
|
324
|
+
|
325
|
+
* throw exceptions unless they are instances of the classes in this array.
|
326
|
+
|
327
|
+
*/
|
328
|
+
|
329
|
+
'whitelisted_classes' => array(
|
330
|
+
|
331
|
+
'Fuel\Core\Presenter',
|
332
|
+
|
333
|
+
'Fuel\Core\Response',
|
334
|
+
|
335
|
+
'Fuel\Core\View',
|
336
|
+
|
337
|
+
'Fuel\Core\ViewModel',
|
338
|
+
|
339
|
+
'Closure',
|
340
|
+
|
341
|
+
),
|
342
|
+
|
343
|
+
),
|
344
|
+
|
345
|
+
|
346
|
+
|
347
|
+
/**
|
348
|
+
|
349
|
+
* Cookie settings
|
350
|
+
|
351
|
+
*/
|
352
|
+
|
353
|
+
// 'cookie' => array(
|
354
|
+
|
355
|
+
// Number of seconds before the cookie expires
|
356
|
+
|
357
|
+
// 'expiration' => 0,
|
358
|
+
|
359
|
+
// Restrict the path that the cookie is available to
|
360
|
+
|
361
|
+
// 'path' => '/',
|
362
|
+
|
363
|
+
// Restrict the domain that the cookie is available to
|
364
|
+
|
365
|
+
// 'domain' => null,
|
366
|
+
|
367
|
+
// Only transmit cookies over secure connections
|
368
|
+
|
369
|
+
// 'secure' => false,
|
370
|
+
|
371
|
+
// Only transmit cookies over HTTP, disabling Javascript access
|
372
|
+
|
373
|
+
// 'http_only' => false,
|
374
|
+
|
375
|
+
// ),
|
376
|
+
|
377
|
+
|
378
|
+
|
379
|
+
/**
|
380
|
+
|
381
|
+
* Validation settings
|
382
|
+
|
383
|
+
*/
|
384
|
+
|
385
|
+
// 'validation' => array(
|
386
|
+
|
387
|
+
/**
|
388
|
+
|
389
|
+
* Whether to fallback to global when a value is not found in the input array.
|
390
|
+
|
391
|
+
*/
|
392
|
+
|
393
|
+
// 'global_input_fallback' => true,
|
394
|
+
|
395
|
+
// ),
|
396
|
+
|
397
|
+
|
398
|
+
|
399
|
+
/**
|
400
|
+
|
401
|
+
* Controller class prefix
|
402
|
+
|
403
|
+
*/
|
404
|
+
|
405
|
+
// 'controller_prefix' => 'Controller_',
|
406
|
+
|
407
|
+
|
408
|
+
|
409
|
+
/**
|
410
|
+
|
411
|
+
* Routing settings
|
412
|
+
|
413
|
+
*/
|
414
|
+
|
415
|
+
// 'routing' => array(
|
416
|
+
|
417
|
+
/**
|
418
|
+
|
419
|
+
* Whether URI routing is case sensitive or not
|
420
|
+
|
421
|
+
*/
|
422
|
+
|
423
|
+
// 'case_sensitive' => true,
|
424
|
+
|
425
|
+
|
426
|
+
|
427
|
+
/**
|
428
|
+
|
429
|
+
* Whether to strip the extension
|
430
|
+
|
431
|
+
*/
|
432
|
+
|
433
|
+
// 'strip_extension' => true,
|
434
|
+
|
435
|
+
// ),
|
436
|
+
|
437
|
+
|
438
|
+
|
439
|
+
/**
|
440
|
+
|
441
|
+
* To enable you to split up your application into modules which can be
|
442
|
+
|
443
|
+
* routed by the first uri segment you have to define their basepaths
|
444
|
+
|
445
|
+
* here. By default empty, but to use them you can add something
|
446
|
+
|
447
|
+
* like this:
|
448
|
+
|
449
|
+
* array(APPPATH.'modules'.DS)
|
450
|
+
|
451
|
+
*
|
452
|
+
|
453
|
+
* Paths MUST end with a directory separator (the DS constant)!
|
454
|
+
|
455
|
+
*/
|
456
|
+
|
457
|
+
'module_paths' => [
|
458
|
+
|
459
|
+
APPPATH.'modules'.DS
|
460
|
+
|
461
|
+
],
|
462
|
+
|
463
|
+
|
464
|
+
|
465
|
+
/**
|
466
|
+
|
467
|
+
* To enable you to split up your additions to the framework, packages are
|
468
|
+
|
469
|
+
* used. You can define the basepaths for your packages here. By default
|
470
|
+
|
471
|
+
* empty, but to use them you can add something like this:
|
472
|
+
|
473
|
+
* array(APPPATH.'modules'.DS)
|
474
|
+
|
475
|
+
*
|
476
|
+
|
477
|
+
* Paths MUST end with a directory separator (the DS constant)!
|
478
|
+
|
479
|
+
*/
|
480
|
+
|
481
|
+
'package_paths' => array(
|
482
|
+
|
483
|
+
PKGPATH,
|
484
|
+
|
485
|
+
),
|
486
|
+
|
487
|
+
|
488
|
+
|
489
|
+
/**************************************************************************/
|
490
|
+
|
491
|
+
/* Always Load */
|
492
|
+
|
493
|
+
/**************************************************************************/
|
494
|
+
|
495
|
+
'always_load' => [
|
496
|
+
|
497
|
+
|
498
|
+
|
499
|
+
/**
|
500
|
+
|
501
|
+
* These packages are loaded on Fuel's startup.
|
502
|
+
|
503
|
+
* You can specify them in the following manner:
|
504
|
+
|
505
|
+
*
|
506
|
+
|
507
|
+
* array('auth'); // This will assume the packages are in PKGPATH
|
508
|
+
|
509
|
+
*
|
510
|
+
|
511
|
+
* // Use this format to specify the path to the package explicitly
|
512
|
+
|
513
|
+
* array(
|
514
|
+
|
515
|
+
* array('auth' => PKGPATH.'auth/')
|
516
|
+
|
517
|
+
* );
|
518
|
+
|
519
|
+
*/
|
520
|
+
|
521
|
+
// 'packages' => array(
|
522
|
+
|
523
|
+
// //'orm',
|
524
|
+
|
525
|
+
// ),
|
526
|
+
|
527
|
+
'packages' => [
|
528
|
+
|
529
|
+
'auth',
|
530
|
+
|
531
|
+
'email',
|
532
|
+
|
533
|
+
],
|
534
|
+
|
535
|
+
|
536
|
+
|
537
|
+
/**
|
538
|
+
|
539
|
+
* These modules are always loaded on Fuel's startup. You can specify them
|
540
|
+
|
541
|
+
* in the following manner:
|
542
|
+
|
543
|
+
*
|
544
|
+
|
545
|
+
* array('module_name');
|
546
|
+
|
547
|
+
*
|
548
|
+
|
549
|
+
* A path must be set in module_paths for this to work.
|
550
|
+
|
551
|
+
*/
|
552
|
+
|
553
|
+
'modules' => [
|
554
|
+
|
555
|
+
'AAA',
|
556
|
+
|
557
|
+
'BBB',
|
558
|
+
|
559
|
+
],
|
560
|
+
|
561
|
+
|
562
|
+
|
563
|
+
/**
|
564
|
+
|
565
|
+
* Classes to autoload & initialize even when not used
|
566
|
+
|
567
|
+
*/
|
568
|
+
|
569
|
+
// 'classes' => array(),
|
570
|
+
|
571
|
+
|
572
|
+
|
573
|
+
/**
|
574
|
+
|
575
|
+
* Configs to autoload
|
576
|
+
|
577
|
+
*
|
578
|
+
|
579
|
+
* Examples: if you want to load 'session' config into a group 'session' you only have to
|
580
|
+
|
581
|
+
* add 'session'. If you want to add it to another group (example: 'auth') you have to
|
582
|
+
|
583
|
+
* add it like 'session' => 'auth'.
|
584
|
+
|
585
|
+
* If you don't want the config in a group use null as groupname.
|
586
|
+
|
587
|
+
*/
|
588
|
+
|
589
|
+
// 'config' => array(),
|
590
|
+
|
591
|
+
'config' => [
|
592
|
+
|
593
|
+
],
|
594
|
+
|
595
|
+
|
596
|
+
|
597
|
+
/**
|
598
|
+
|
599
|
+
* Language files to autoload
|
600
|
+
|
601
|
+
*
|
602
|
+
|
603
|
+
* Examples: if you want to load 'validation' lang into a group 'validation' you only have to
|
604
|
+
|
605
|
+
* add 'validation'. If you want to add it to another group (example: 'forms') you have to
|
606
|
+
|
607
|
+
* add it like 'validation' => 'forms'.
|
608
|
+
|
609
|
+
* If you don't want the lang in a group use null as groupname.
|
610
|
+
|
611
|
+
*/
|
612
|
+
|
613
|
+
// 'language' => array(),
|
614
|
+
|
615
|
+
],
|
616
|
+
|
617
|
+
|
618
|
+
|
619
|
+
);
|
620
|
+
|
621
|
+
```
|
622
|
+
|
623
|
+
|
624
|
+
|
625
|
+
sessionのConfigはdefault(Core)のままで触ってはいません。
|
626
|
+
|
627
|
+
|
628
|
+
|
629
|
+
<データベース>
|
630
|
+
|
631
|
+
xamppの10.1.22-MariaDB、phpMyAdminのバージョンは4.8.5です。
|
632
|
+
|
633
|
+
|
634
|
+
|
635
|
+
|
636
|
+
|
105
637
|
お分かりになる方、どうぞご教授お願いします。
|
1
コメントの修正
test
CHANGED
File without changes
|
test
CHANGED
@@ -30,7 +30,7 @@
|
|
30
30
|
|
31
31
|
public function complete_login($user_id) {
|
32
32
|
|
33
|
-
Session::set('user_login', $user_id); ← ここは速い
|
33
|
+
Session::set('user_login', $user_id); // ← ここは速い
|
34
34
|
|
35
35
|
Session::instance()->rotate();
|
36
36
|
|
@@ -62,7 +62,7 @@
|
|
62
62
|
|
63
63
|
protected function perform_check() {
|
64
64
|
|
65
|
-
$this->user = Session::get('user_login'); ← ここに時間が掛かる
|
65
|
+
$this->user = Session::get('user_login'); // ← ここに時間が掛かる
|
66
66
|
|
67
67
|
return !empty($this->user);
|
68
68
|
|
@@ -80,7 +80,7 @@
|
|
80
80
|
|
81
81
|
protected function perform_check() {
|
82
82
|
|
83
|
-
$this->user = 'USER0001'; ← 固定値にすると速い
|
83
|
+
$this->user = 'USER0001'; // ← 固定値にすると速い
|
84
84
|
|
85
85
|
return !empty($this->user);
|
86
86
|
|