[eluser]elmne[/eluser]
I have the following controller in the admin folder
Code:
<?php
class Homepage extends Controller {
function __construct()
{
parent::Controller();
$this->load->library('auth');
}
function index()
{
$this->load->view('layout/admin/main');
}
function login()
{
if ($this->input->post('submit') != FALSE)
{
$login = array($this->input->post('username'), $this->input->post('password'));
if($this->auth->process_login($login))
{
// Login successful, then redirect.
$this->auth->redirect();
}
else
{
$data['error'] = 'Login failed, please try again';
$this->load->vars($data);
}
}
$this->load->view('layout/admin/login');
}
}
I then have this in the library as the Admin_controller
Code:
<?php
class Admin_Controller extends MY_Controller
{
function __construct()
{
parent::__construct();
if($this->data['user']['group'] !== 'admin')
{
show_error('This is administrator area only.');
}
}
}
?>
I then have this as the auth.php within teh library too
Code:
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
class Auth {
var $CI = null;
// get the CI Super object
function __construct(){
$this->CI =& get_instance();
}
function Auth()
{
$this->CI =& get_instance();
$this->load->library('session');
$this->load->database();
$this->load->helper('url');
}
function process_login($login = NULL)
{
// A few safety checks
// Our array has to be set
if(!isset($login))
return FALSE;
//Our array has to have 2 values
//No more, no less!
if(count($login) != 2)
return FALSE;
$username = $login[0];
$password = $login[1];
// Query time
$this->db->where('username', $username);
$this->db->where('password', $password);
$query = $thisdb->get('user_account_staff');
if ($query->num_rows() == 1)
{
// Our user exists, set session.
$this->CI->session->set_userdata('logged_user', $username);
return TRUE;
}
else
{
// No existing user.
return FALSE;
}
}
function redirect()
{
if ($this->CI->session->userdata('redirected_from') == FALSE)
{
redirect('/admin','', 301);
} else {
redirect($this->CI->session->userdata('redirected_from'));
}
}
/**
*
* This function restricts users from certain pages.
* use restrict(TRUE) if a user can't access a page when logged in
*
* @access public
* @param boolean wether the page is viewable when logged in
* @return void
*/
function restrict($logged_out = FALSE)
{
// If the user is logged in and he's trying to access a page
// he's not allowed to see when logged in,
// redirect him to the index!
if ($logged_out && $this->logged_in())
{
redirect('/admin');
}
// If the user isn' logged in and he's trying to access a page
// he's not allowed to see when logged out,
// redirect him to the login page!
if ( ! $logged_out && ! $this->logged_in())
{
$this->CI->session->set_userdata('redirected_from', $this->CI->uri->uri_string()); // We'll use this in our redirect method.
redirect('/admin/login');
}
}
/**
*
* Checks if a user is logged in
*
* @access public
* @return boolean
*/
function logged_in()
{
if ($this->CI->session->userdata('logged_user') == FALSE)
{
return FALSE;
}
else
{
return TRUE;
}
}
}
I then have a login form like this
Code:
<?php echo form_open('admin/login'); ?>
<label><br />
Username
<input type="text" name="username" value="" id="username"/>
</label>
<p>
<label>Password
<input type="password" name="password" value="" id="passw" />
</label>
</p>
<p>
<input type="submit" name="submit" value="Login" />
</p>
</form>