• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Should i check User Logged In session on every functions of admin controller?

#1
[eluser]Varadha[/eluser]
Hi,

I am a beginner in code igniter. I have my controllers basic setup as follows:

application/core/MY_Controller.php
-----------------------------------
Code:
class MY_Controller extends CI_Controller {
    
    function __construct(){
        parent::__construct();                
    }
    
}

application/controllers/Admin_Controller.php
---------------------------------------------
Code:
class Admin_Controller extends MY_Controller {
    
    function __construct(){
        parent::__construct();
        $this->is_logged_in();
    }
    
    function is_logged_in()
    {        
        $admin_logged_in = $this->session->userdata('admin_logged_in');
        if(!isset($admin_logged_in) || $admin_logged_in != true)
        {
            $data['main_content'] = 'admin_login_view';
            $this->load->view('includes/admin_template', $data);
        }        
    }    
}

application/controllers/admin.php
---------------------------------
Code:
class Admin extends Admin_Controller {
    
    function __construct()
    {
        parent::__construct();        
    }    
    
    function login()
    {
        $data['main_content'] = 'admin_login_view';
        $this->load->view('includes/admin_template', $data);
    }
    
    function members_area()
    {
        $data['main_content'] = 'admin_welcome_view';
        $this->load->view('includes/admin_template', $data);
    }
}

It works fine with login credentials. If i access the members_area() without login, it just loads the welcome view. I have to include many number of functions in the admin controller but all should be accessible after login only. Should i verify the login session for each and every function? Is there any other way to solve this? I need help on this. Please guide me :question: .

Regards
Varadha

#2
[eluser]Atharva[/eluser]
Why not to put
Code:
$this->is_logged_in();
in constructor of Admin controller?

#3
[eluser]SPeed_FANat1c[/eluser]
[quote author="Atharva" date="1301158242"]Why not to put
Code:
$this->is_logged_in();
in constructor of Admin controller?[/quote]

thats good idea Smile I also always write on every admin function where I need security - if(is loggedin) then do something else login

#4
[eluser]Varadha[/eluser]
Thanks guys. Now working fine.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.