Welcome Guest, Not a member yet? Register   Sign In
Authentication by email and group/access level
#3

[eluser]doubleplusgood[/eluser]
Thanks man. Looks like I need to do some additional check as my site still lets me log in to the admin area even though my group isn't 5. This is my Admin controller for logging in.

So in theory, if i'm logging in as a user with groupid of 4, then it should redirect me to the admin/index view.

Code:
<?php

    class Admin extends Controller {
        
        function Admin()
        {
            parent::Controller();
        }
        
        function index()
        {
            $view_data = array();
            
            if ( $this->auth->logged_in() )
            {
                $view_data['view_file'] = 'admin/dashboard';
                $this->load->view('admin/dashboard', $view_data);
            }
            else
            {
                $view_data['view_file'] = 'admin/index';
                $this->load->view('admin/index', $view_data);
            }
            
            //$this->load->view('layout', $view_data);
        }
        
        function login()
        {
            $email = $this->input->post('email');
            $password = $this->input->post('password');
            
            if ( empty($email) || empty($password) )
            {
                die('fill it in!');
            }
            
            $logged_in = $this->auth->login($email, $password);
            
            redirect('admin');
        }
        
        function logout()
        {
            $this->auth->logout();
            
            redirect('admin/index');
        }
        
        function is_valid_user($email)
        {
            $this->db->where('email', $email);
            $this->db->where('groupid', 5);
            $query = $this->db->get('users', 1);
            
            if ( $query->num_rows() == 1 )
            {
                return TRUE;
            }
            else
            {
                $this->form_validation->set_message('is_valid_user', 'This user is not registered!');
                
                return FALSE;
            }
        }
        
        function is_not_user($email)
        {
            $this->db->where('email', $email);
            $this->db->where('groupid', 4);
            $query = $this->db->get('users', 1);
            
            if ( $query->num_rows() == 1 )
            {
                $this->form_validation->set_message('is_not_user', 'This user is already registered!');
                return FALSE;
            }
            else
            {
                return TRUE;
            }
        }
    }


Messages In This Thread
Authentication by email and group/access level - by El Forum - 10-14-2009, 04:22 AM
Authentication by email and group/access level - by El Forum - 10-14-2009, 06:22 AM
Authentication by email and group/access level - by El Forum - 10-14-2009, 07:03 AM



Theme © iAndrew 2016 - Forum software by © MyBB