Welcome Guest, Not a member yet? Register   Sign In
Creating an admin area
#1

[eluser]Mr Scientist[/eluser]
Hi all!

This is my first post to the CI forums. I've just started learning CI after doing a bit of dabbling in PHP. I'm finding CI a fantastic library to use and the documentation second to none.

Anyway, at the moment I'm developing a small website locally to help me get to grasps with CI, I find it better than doing tutorials. I'm trying to develop a simple admin side to it. I've created a login using the 'SimpleLogin' library, and would like to create an admin area behind this.

I currently have my admin controller setup in it's own folder within the root controllers folder.

I have a couple of questions regarding this:

- In order to have the URL mysite.com/admin do I have to use a re-write rule.

- In order to have the functions that I would like to use only accessible behind the admin area do I have to nest these within the admin controller (an example would be greatly appreciated)?
#2

[eluser]Mr Scientist[/eluser]
BUMPED

Any help on this would be greatly received guys Smile
#3

[eluser]TheFuzzy0ne[/eluser]
[quote author="Mr Scientist" date="1233959884"]Hi all!
This is my first post to the CI forums.
[/quote]

Then let me be the first to welcome you to the forum.

[quote author="Mr Scientist" date="1233959884"]
I've just started learning CI after doing a bit of dabbling in PHP. I'm finding CI a fantastic library to use and the documentation second to none.
[/quote]

You've made a very good choice. CodeIgniter is the only PHP framework I've found where I could start using it immediately without spending weeks studying documentation. Every other framework I found was a real struggle to learn so I just gave up.

[quote author="Mr Scientist" date="1233959884"]
- In order to have the URL mysite.com/admin do I have to use a re-write rule.
[/quote]

I wouldn't have thought so. You should be able to create a directory named "admin" in your controllers directory, and setup some controllers inside it. The first one would be your default controller, which will most likely serve as the admin index page, or perhaps a login page.

[quote author="Mr Scientist" date="1233959884"]
- In order to have the functions that I would like to use only accessible behind the admin area do I have to nest these within the admin controller (an example would be greatly appreciated)?
[/quote]

I extended the controller with two methods.

./system/application/libraries/MY_Controller:
Code:
<?php

class MY_Controller extends Controller {
    
    function MY_Controller()
    {
        parent::Controller();

    }
    
    function _admin_restricted_area()
    {
        if (! $this->user->is_admin())
        {
            show_404();
        }
    }
    
    function _user_restricted_area()
    {
        if (! $this->user->is_logged_in())
        {
            redirect('/forums/member/login');
        }
    }
}

My controllers extend MY_Controller, and usually contain one of these lines in the constructor:

Code:
$this->_admin_restricted_area(); // Shows 404 error if the user is not an admin.

or

Code:
$this->_user_restricted_area(); // Sends the user to the login page if they're not logged in.

Example of a controller for an area that requires a user to be logged in:
Code:
<?php

class Homepage extends MY_Controller {

    function Homepage()
    {
        parent::Controller(); // Load the parent constructor.
        $this->_user_restricted_area(); // Check the user is logged in and act accordingly.
    }

    function index()
    {
        $this->load->view('index');
    }
}

Example of a controller for an area that requires an administrative privileges:
Code:
class Homepage extends MY_Controller {

    function Homepage()
    {
        parent::Controller(); // Load the parent constructor
        $this->_admin_restricted_area(); // Check the user is admin and act accordingly.
    }

    function index()
    {
        $this->load->view('index');
    }
}

I also have a user library which handles logins, and sets up the users cookies, but I won't post that; it's a bit too big, but hopefully you get the idea or at least a little inspiration.
#4

[eluser]brianw1975[/eluser]
I was just thinking about this myself..

Personally I am looking to set up a subdomain i.e. admin.mysite.com and use some redirect rules to direct it to index.php/admin/

and i'll also have to make a rewrite rule to send to a 404 if mysite.com/admin/ is accessed directly...

quite the conundrum... or i could just set up another CI folder and then use symlinks (linux box) for my existing models, views, etc

looking for ideas though.

Update: just read this thread about using CI to run more than one application and i think i can twist it to fit my needs...
#5

[eluser]Daniel Peraza[/eluser]
I faced the same problems when I first started to learn CI. I got really confused. I made a post at that time but it seems that I wasn't clear enough to get the lab technician's understanding. In the end I decided to take this approach:

- I created a base controller with all the stuff needed to check if the current user was logged in. If not, redirect to the login page. On the contrary, save some basic user information in the session and redirect to the admin page. All these things were implemented in the base controller's class methods.

- An admin controller, which extended the base controller class and actually perform the verification of the user's access rights. All common functionality shared by admins controllers was implemented here too.

- Several admin controller, which extended the admin controller, one for each of the DB tables to manage (the recommended approach to work with M-V-C as far as I have been taught). This eliminates the need for performing the access rights checks in every controller and centralizes the verification.

I posted to the forum the idea of implementing a kind of proxy pattern for factoring at runtime a version of the proper admin controller that suites the user's rights, thus, it would be impossible for a user to perform any action forbidden to her/his user group level, he/she will have exactly the rights needed to perform the actions he/she are allowed to do. But this is obviously more complicated and frequently unnecessary. It would take several levels of user group rights to be needed to do it.
#6

[eluser]Mr Scientist[/eluser]
[quote author="TheFuzzy0ne" date="1234501027"]

[quote author="Mr Scientist" date="1233959884"]
- In order to have the URL mysite.com/admin do I have to use a re-write rule.
[/quote]

I wouldn't have thought so. You should be able to create a directory named "admin" in your controllers directory, and setup some controllers inside it. The first one would be your default controller, which will most likely serve as the admin index page, or perhaps a login page.
[/quote]

As previously I was having to use the url mysite.com/admin/admin because the controller was inside an admin folder, I had to make some entries in the routes file to allow me to use the url mysite.com/admin.

The following rules are the rules I setup -

$route['admin'] = "admin/admin";
$route['admin/login'] = "admin/admin/login";
$route['admin/logout'] = "admin/admin/logout";
#7

[eluser]TheFuzzy0ne[/eluser]
Why do you have an admin directory inside the admin directory? That will be where your problem lies. You can only nest subdirectories in the controller directory one level deep.

Here's an example of the layout of the admin controller directory on my site, which doesn't use any routes. The default_controller has been set to "homepage" in my config file:

Code:
controllers        //directory
|
+--admin           // subdirectory
   |
   +--homepage.php // controller - default_controller
   |
   +--login.php    //controller
   |
   +--logout.php   // controller

It would really help if we could see your file structure, so we will be able to see where the directories and where the controllers are.
#8

[eluser]Mr Scientist[/eluser]
[quote author="TheFuzzy0ne" date="1235409939"]Why do you have an admin directory inside the admin directory? That will be where your problem lies. You can only nest subdirectories in the controller directory one level deep.

Here's an example of the layout of the admin controller directory on my site, which doesn't use any routes. The default_controller has been set to "homepage" in my config file:

Code:
controllers        //directory
|
+--admin           // subdirectory
   |
   +--homepage.php // controller - default_controller
   |
   +--login.php    //controller
   |
   +--logout.php   // controller

It would really help if we could see your file structure, so we will be able to see where the directories and where the controllers are.[/quote]

My site is set out exactly as you have shown above. System > Application > Controllers > Admin > MyAdminController.php
#9

[eluser]TheFuzzy0ne[/eluser]
What's your default_controller set to? As long as you have the right file containing the right class, it should work.

From the example I gave above, here are some valid URLs.

mysite.com/admin/
mysite.com/admin/login
mysite.com/admin/logout

Please remove your routes, as they aren't needed, and then post the URL you're using, and the code from within the file you're trying to access. There's obviously a problem somewhere that you are unaware of, and it's hard for anyone to give you an answer when we can't see anything.
#10

[eluser]the jan[/eluser]
Hi!

Great thread, I just started using CI and was having the same problem but I'm getting the idea now.

[quote author="Mr Scientist" date="1233959884"]

I also have a user library which handles logins, and sets up the users cookies, but I won't post that; it's a bit too big, but hopefully you get the idea or at least a little inspiration.[/quote]

Is there any way we could make you post it? Smile I would be very interested.




Theme © iAndrew 2016 - Forum software by © MyBB