In YII Framework, the Captcha doesn't show(conflict with accessControl)

Question

In my site, only when I remove the filters() method, the captcha can show up. other time the captcha doesn't work. and my php gd support is enable.

now I am using a custome WebUser, if I remove it from config, the captcha also works well.

by the way, if I access user/captcha directly, it only show a picture box, but not content, maybe can not load the picture..

here are some code segments in my UserController:

actions();

public function actions()
{
    return array(
        // captcha action renders the CAPTCHA image displayed on the contact page
        'captcha'=>array(
            'class'=>'CCaptchaAction',
            'backColor'=>0xFFFFFF,
            'minLength' => 4,
            'maxLength' => 4,
            'testLimit' => 99999
            )
    );
}

filters():

public function filters()
{
    // return the filter configuration for this controller, e.g.:
    return array(
        "accessControl",
    );
}

accessRulse():

public function accessRules()
{
    return array(
        array('allow',  // allow all users to perform 'index' and 'view' actions
            'actions'=>array('captcha'),
            'users'=>array('*'),
        ),
        array('allow',  // allow all users to perform 'index' and 'view' actions
            'actions'=>array('index','login','signup'),
            'expression'=>'Yii::app()->user->isGuest',
        ),
        array('allow', // allow authenticated user to perform 'create' and 'update' actions
            'actions'=>array('cpassword','info','logout'),
            'expression'=>'!Yii::app()->user->isGuest',
        ),
        array('allow', // allow admin user to perform 'admin' and 'delete' actions
            'users'=>array('admin@example.com'),
        ),
        array('deny',  // deny all users
            'users'=>array('*'),
            'message'=>'Access Denied.',
        ),
    );
}

My WebUsers.php

<?php 

// this file must be stored in: 
// protected/components/WebUser.php 

class WebUser extends CWebUser { 

  // Store model to not repeat query. 
  private $_model; 

  // Return first name. 
  // access it by Yii::app()->user->first_name 
  public function getDisplayName(){ 
    $user = $this->loadUser(Yii::app()->user->id);
    if($user)
        return $user->display_name; 
  } 

  public function getGroupId(){
      $user = $this->loadUser(Yii::app()->user->id); 
      return $user->group_id;
  }

  // This is a function that checks the field 'role' 
  // in the User model to be equal to 1, that means it's admin 
  // access it by Yii::app()->user->isAdmin() 
  public function isAdmin(){ 
      $user = $this->loadUser(Yii::app()->user->id); 
      return intval($user->group_id) == 1; 
  } 

  public function isGroupAAS(){
      $user = $this->loadUser(Yii::app()->user->id); 
      return intval($user->group_id) == 1001;
  }


  // Load user model. 
  protected function loadUser($id=null) 
    { 
        if($this->_model===null) 
        { 
            if($id!==null) 
                $this->_model=User::model()->findByPk($id); 
        } 
        return $this->_model; 
    }

  protected function afterLogin($fromCookie){
      $user = $this->loadUser($this->id);
      $user->last_login_ip = Yii::app()->request->userHostAddress;
      $user->last_login_time = new CDbExpression('NOW()');
      $user->save();
  }

} 
?> 

Answer 1

Just add 'captcha' in the actions array like this

public function accessRules()
{
    return array(array('allow',  // allow admin user to perform these actions
            'actions'=>array('index','view','add','captcha'),
            'users'=>array('admin'),
        ), ...

Answer 2

In your controller, make sure this is defined.

    // captcha action renders the CAPTCHA image displayed on the contact page
    'captcha'=>array(
        'class'=>'CCaptchaAction',
        'backColor'=>0xFFFFFF,
    ),

Then, allow the action as following.

public function accessRules()
{
    return array(
        array('allow',  // allow all users to perform 'index' and 'view' actions
            'actions'=>array('captcha'),
            'users'=>array('*'),
        ),

        array('deny',  // deny all users
            'users'=>array('*'),
            'message'=>'Access Denied.',
        ),
    );
}

and in the form,

<?php $this->widget('CCaptcha'); ?><br>
<?php echo CHtml::textField('captcha'); ?>

if this doesnt work, try this way..

<?php $this->widget('CCaptcha', array('captchaAction' => 'site/captcha')); ?>

to validate the capthca, define it as following in your action

$captcha=Yii::app()->getController()->createAction("captcha");
$code = $captcha->verifyCode;
if($code === $_REQUEST['captcha']){
}

Your code looks fine and compare your code with this answer or please provide the source code to take a look at.

Answer 3

I have tested your code with one of my SiteController & it's (captcha action) working fine under contact action. Could you kindly post full UserController code to review & identify the exact cause?

Answer 4

Give access to your captcha showing method ie actions

public function accessRules()
{
    return array(
        array('allow',  // allow all users to perform 'index' and 'view' actions
            'actions'=>array('actions'),
            'users'=>array('*'),
        ),