Preventing Logged in users from calling methods/functions of a controller directly. N00b here :oP

[eluser]Bas Vermeulen[/eluser]
Ghehe, I just came back from a 24 hour shift so I didn't read your post very well the first time. After replying I saw that you ment to prevent logged in users to have access to some controllers and methods. So I updated my post a bit (probably while you were replying) to explain that my example can be used to fix what you want. You can add arrays with secure controllers and or methods and do:

Code:

if($is_logged_in) {
    // Logged in, check if the request is permitted.
    // First get the allowed controllers and methods
    $secure_controllers = $this->config->item('secure_controllers');
    $secure_methods = $this->config->item('secure_methods');
    // Then get the controller and method of the current request
    $current_controller = $this->router->fetch_class();
    $current_method = $this->router->fetch_method();
    // Now let's do the check
    if (in_array($current_controller, $secure_controllers)) {
        // We can continue because the requested controller
        // is an allowed secure controller
        // Doing some stuff here
    } elseif (in_array($current_method, $secure_methods)) {
        // We can continue because the requested method
        // is an allowed secure method
        // Doing some stuff here
    } else {
        // We have to abort this request because the requested
        // controller or method is a private secure one.
        // Show error, redirect, remap, etc
    }
} else {
    // Doing some stuff here
}

Is this what you mean or should I just head to bed and try again later