![]() |
Administration security - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: Administration security (/showthread.php?tid=43944) |
Administration security - El Forum - 07-28-2011 [eluser]Unknown[/eluser] Hello, i would like to ask if there is a way to secure my administration functions. I have main controller called Admin and there is login method inside. If a user logs in, he should be able to access all other functions inside the admin controller. When i create a new function, I always have to first check if the user is logged in. Is there any way to check if the user is logged without always typing "if ($this->session->userdata('logged')) {}" at the beginning of a function? Something in __construct() perhaps? Once again, my goal is to prevent accessing any method inside the admin controller (i.e. admin/add_user) without being logged in and explicitly write the IF logged_in statement every time. Administration security - El Forum - 07-28-2011 [eluser]ghprod[/eluser] Yes, you can use logic from Phil Sturgeon, he create MY_controller for base controller, extend from CI_controller then create Admin_controller where every controller/method for admin page referenced by this as parent ![]() so you only need to place login function on Admin_controller ![]() please download Pyrocms and see how its work ![]() |