CodeIgniter Forums
Should i check User Logged In session on every functions of admin controller? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Should i check User Logged In session on every functions of admin controller? (/showthread.php?tid=39977)

Should i check User Logged In session on every functions of admin controller? - El Forum - 03-26-2011

[eluser]Varadha[/eluser]
Hi,

I am a beginner in code igniter. I have my controllers basic setup as follows:

application/core/MY_Controller.php
-----------------------------------
Code:
class MY_Controller extends CI_Controller {
    
    function __construct(){
        parent::__construct();                
    }
    
}

application/controllers/Admin_Controller.php
---------------------------------------------
Code:
class Admin_Controller extends MY_Controller {
    
    function __construct(){
        parent::__construct();
        $this->is_logged_in();
    }
    
    function is_logged_in()
    {        
        $admin_logged_in = $this->session->userdata('admin_logged_in');
        if(!isset($admin_logged_in) || $admin_logged_in != true)
        {
            $data['main_content'] = 'admin_login_view';
            $this->load->view('includes/admin_template', $data);
        }        
    }    
}

application/controllers/admin.php
---------------------------------
Code:
class Admin extends Admin_Controller {
    
    function __construct()
    {
        parent::__construct();        
    }    
    
    function login()
    {
        $data['main_content'] = 'admin_login_view';
        $this->load->view('includes/admin_template', $data);
    }
    
    function members_area()
    {
        $data['main_content'] = 'admin_welcome_view';
        $this->load->view('includes/admin_template', $data);
    }
}

It works fine with login credentials. If i access the members_area() without login, it just loads the welcome view. I have to include many number of functions in the admin controller but all should be accessible after login only. Should i verify the login session for each and every function? Is there any other way to solve this? I need help on this. Please guide me :question: .

Regards
Varadha

Should i check User Logged In session on every functions of admin controller? - El Forum - 03-26-2011

[eluser]Atharva[/eluser]
Why not to put
Code:
$this->is_logged_in();
in constructor of Admin controller?

Should i check User Logged In session on every functions of admin controller? - El Forum - 03-28-2011

[eluser]SPeed_FANat1c[/eluser]
[quote author="Atharva" date="1301158242"]Why not to put
Code:
$this->is_logged_in();
in constructor of Admin controller?[/quote]

thats good idea Smile I also always write on every admin function where I need security - if(is loggedin) then do something else login

Should i check User Logged In session on every functions of admin controller? - El Forum - 03-29-2011

[eluser]Varadha[/eluser]
Thanks guys. Now working fine.