Best way for check user is logged in or not

[eluser]mTuran[/eluser]
Firstly user can login by check remember me function or not. If select it, cookie will write to client. my question is after user closing browser and re-enter the site i have to check user is logged in or not. What is the best way to do this ? How can i autoload logged in or not control in every page ?

Thank You

[eluser]Aimadj[/eluser]
use this library for advanced user management : http://dexcell.shinsengumiteam.com/dx_auth/

[eluser]mTuran[/eluser]
Thanks for replying but i don't wanna use ready library because i coded my user model file(i didn't coded library, it is library) The model file called USER can create new user, sign method or reset password method etc...

Now i confused about remember me function. I coded remember me function if user select remember me when loging in system create cookie for identity user at next visit. but i have to auto load any function which is check cookie and do auto login in every pages.

[eluser]Dam1an[/eluser]
Even if you don't want to use a ready made library, there's nothing stopping you from looking how other system have implemented that feature to give you an idea of how to do it yourself

[eluser]tkyy[/eluser]
dont use a crappy premade library, i recommend modifying the sessions class or just use it out of the box with database. all you have to do is set some userdata indicating that person is logged in and create a function likeso in a new library

Code:

/**
     * indicates that this page is internal, it cannot be accessed unless the user
     * is logged in and has verified his or her email address in the event that an
     * unverified or anonymous user attempts to access a page with this in it, they
     * will be redirected to the welcome page and all session items related to them
     * are destroyed
     */
    public function internal()
    {
        $udata        =    $this->ci->session->userdata;
        
        if(isset($udata) && is_array($udata) && isset($udata['verified']) && isset($udata['logged']) && isset($udata['local_key']))
        {
            if($udata['verified']==TRUE && $udata['logged']==TRUE)
            {
                if($this->ci->local->read('local_key')==$udata['local_key'])
                {
                    /* good :) */
                    return;
                }
            }
            
            /* unverified user, show them the confirm page */
            if($udata['verified']==FALSE && $udata['logged']==TRUE)
            {
                redirect('register/confirm');
                return;
            }
        }
        
        /* something was wrong, destroy and redirect to welcome */
        $this->destroy();
        redirect(ospc_base());
        return;
    }

[eluser]xwero[/eluser]
The model is only the base for the authentication and authorization of the users. The model just has to have methods to fetch and manipulate the user data.

The library or a controller takes care of what will happen if a user tries to login, wants to change data, which parts and features of the site the user has access to, ...

Because it's a thing most sites need people already developed a variety of solutions for it. So instead of making the same mistakes the people who developed those solutions by coding it yourself, you can make use of their solutions and cut down on development time.

[eluser]xwero[/eluser]
tkyy i don't like the tone of your response.

dont use a crappy premade library

You are hinting here every premade library is crap which puts down a lot of people who have taken the time to code and present their solutions for others to use, which is disrespectful.

If you take it into the extreme why do you use CI? It's also a crap premade framework, not? if you can do everything better why use code others made?

[eluser]mTuran[/eluser]
you're right certainly. I am coding about 14 hours and i will look later to that library. if i can't do, i will ask again. Thank you.

[eluser]Dam1an[/eluser]
Just to add to what xwero said (which I agree with completely) if you do feel a particular library or user contributed script/code is 'crappy' instead of just saying so, why not point out where it can be improved and offer suggestions? I'm sure anyone that takes the time and effort to release some code is more then happy for suggestions and constructive criticism

[eluser]tkyy[/eluser]
[quote author="xwero" date="1243265454"]
tkyy i don't like the tone of your response.

You are hinting here every premade library is crap which puts down a lot of people who have taken the time to code and present their solutions for others to use, which is disrespectful.
[/quote]

hi xwero

i truly see very good use in libs like, say, ignitedrecord. however, sessions are very, very application-specific. to use a premade lib for auth when, skills-permitting, you could quickly change the ci libs and tables to get just what you need done and prevent the overhead caused by a generic version of a feature that should be specific to the app.

If you take it into the extreme why do you use CI? It's also a crap premade framework, not? if you can do everything better why use code others made?

ci gives a great foundation for sessions: a basic session_id, data encryption, and ability to use db and validate against useragent and ip address which is great for security. the coding style of codeigniters core files is very straightforward and is not cryptic.

i actually think ci is quite good, and i prefer it to anything else, even kohana. that being said, ci is most powerful in the hands of those who fully understand how to use it. it does not take much more knowledge to modify ci session libs than it does to get to the point where you are installing an auth library.