• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
User is logged in - CI destroys session - how to know if user was logged in?

#1
[eluser]CloppiWeb[/eluser]
Hey everybody.

I'm currently doing my bachelor thesis and my subject is framework for a site that runs auctions. I still have many months ahead before the product is finalized and ready but very close of launching beta version for public use as a part of testing.

I'm always considered about user experiment and this case involves notifying user what is happening in the application. So, my problem, which I have been solving for the last three days is:

Users current state is saved in the session, from where the application checks if user is logged in or not. Ci takes care about the session validation. I want to know when Ci destroys the session, whether or not user was logged in. I'v tried extending the input and session class, I've also tried hooking pre_system but I just cant catch the change. This is a minor factor, I just thing it would bee cool if user was notified after the session is destroyed that system logged you out.

#2
[eluser]WanWizard[/eluser]
You can extend the session library, and then define your own session_destroy:
Code:
function sess_destroy()
    {
        var_dump($this->userdata); // you can access the session data here before it's destroyed

        $logged_in = $this->userdata['is_logged_in']; // or do something like saving the current logged-in state
        parent::sess_destroy(); // call the original method
        if ( $logged_in )
        {
            redirect('you_have_been_logged_out_controller');
        }
    }
Note that the destroy method contains a design flaw: it does delete the session record and the cookie, but not the session data currently loaded. So your controllers will still be able to access the userdata as if the session still existed.

#3
[eluser]CloppiWeb[/eluser]
[quote author="WanWizard" date="1272586563"]You can extend the session library, and then define your own session_destroy:
Code:
function sess_destroy()
    {
        var_dump($this->userdata); // you can access the session data here before it's destroyed

        $logged_in = $this->userdata['is_logged_in']; // or do something like saving the current logged-in state
        parent::sess_destroy(); // call the original method
        if ( $logged_in )
        {
            redirect('you_have_been_logged_out_controller');
        }
    }
Note that the destroy method contains a design flaw: it does delete the session record and the cookie, but not the session data currently loaded. So your controllers will still be able to access the userdata as if the session still existed.[/quote]

You mean this overrides the orginal sess_destroy function?

#4
[eluser]WanWizard[/eluser]
Yes.

Create a MY_Session.php in your application libraries directory, and add this method.

See the manual, under "Creating your own libraries", on how to extend a core library.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.