Feedback on session check, login system.

I've got a login-system on a site. What would be the best practice of checking the session.

Prior to CI I checked in every file etc to be sure that the user had the right access level. Now, using CI, I've got a folder controllers/login wish is only open to users, logged in. Furthermore, I've got a MY_Controller fetching and passing stuff throughout the system.

Where should the control of the session be. My idea was to check in the MY_Controller and extend it to every controller. (The my-extension is ok sins every page will share header etc.)


I think most of the developers usually use a authentication library.
Auto-load the library & include the session checking function in the controller's constructor function(if needed)

You can omit the function call in public pages

Happy Coding,

//menu prep. At the moment the site has no other pages than in-menu-pages thats going to be public.
        $menu = $this->systemdata->get_menu();
        foreach($menu AS $array)
            $keys_unlocked[] = $array['segment'];
//------ check for segments not public
        if( in_array ($this->uri->rsegment(1), $keys_unlocked) )
            $is_logged_in = $this->session->userdata('logged');

This is the code I'm planing to use, not tested. Pointers appreciated! For instance, I'm not sure of when 404 is trowed. (It's stated in the MY_Controller, in __construct().)

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.