CodeIgniter Forums
Administration security - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Administration security (/showthread.php?tid=43944)



Administration security - El Forum - 07-28-2011

[eluser]Unknown[/eluser]
Hello, i would like to ask if there is a way to secure my administration functions.
I have main controller called Admin and there is login method inside. If a user logs in, he should be able to access all other functions inside the admin controller.

When i create a new function, I always have to first check if the user is logged in.
Is there any way to check if the user is logged without always typing "if ($this->session->userdata('logged')) {}" at the beginning of a function? Something in __construct() perhaps?

Once again, my goal is to prevent accessing any method inside the admin controller (i.e. admin/add_user) without being logged in and explicitly write the IF logged_in statement every time.


Administration security - El Forum - 07-28-2011

[eluser]ghprod[/eluser]
Yes,

you can use logic from Phil Sturgeon, he create MY_controller for base controller, extend from CI_controller

then create Admin_controller where every controller/method for admin page referenced by this as parent Smile
so you only need to place login function on Admin_controller Smile

please download Pyrocms and see how its work Smile