Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Needed: Summary of Security and Sessions versus standard PHP
Needed: Summary of Security and Sessions versus standard PHP
  • El Forum
    Guest
  •  
#5
07-05-2007, 11:06 PM

[eluser]Rick Jolly[/eluser]
Php native sessions based on Lick's example.

LoginPage:
Code:
class MyLoginPage extends Controller
{
   function MyLoginPage()
   {
      parent::Controller();
      session_start();
   }

   function index()
   {
      if ( /* login form submitted */ )
      {
          if ( /* valid user login */ )
          {
              $_SESSION['logged_in'] = true;

              // redirect to secure page..
          }
          else
          {
             // set login error message
          }
       }
      
       // load the login view
   }
}

SecretPages:
Code:
class MySecretPage extends Controller
{
   function MySecretPage()
   {
      parent::Controller();
      session_start();

      if (empty($_SESSION['logged_in']))
      {
          // redirect to login page
      }
   }
  
   ...
}

You could make "MySecretPage" a parent to all secure controllers. That way for every secure controller, you'd just extend "MySecretPage" and no additional authentication checks would be necessary:
Code:
include(APPPATH . '/controllers/my_secret_page.php');

/* This controller is secure because the authentication
   check is done in MySecretPage's constructor */
class ChildSecretPage extends MySecretPage
{
   function ChildSecretPage ()
   {
      parent::MySecretPage();
   }
  
   ...
}


Messages In This Thread
Needed: Summary of Security and Sessions versus standard PHP - by El Forum - 07-05-2007, 11:06 PM



Theme © iAndrew 2016 - Forum software by © MyBB