• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Protect site using MY_Controller?

#1
[eluser]Sven Delle[/eluser]
I'm trying to protect a website using the MY_Controller way.

I have a custom config file with:
Code:
$config['site_protected'] = true; // or false
in it.

I then have a MY_Controller that looks like this:
Code:
<?php if(!defined('BASEPATH')) exit('No direct script access allowed');

class MY_Controller extends CI_Controller
{
function __construct()
{
  parent::__construct();
    
  if($this->config->item('site_protected')) // also tried with '== true' added
  {
   $this->session->set_userdata('REDIRECT', uri_string());
   $this->output->set_status_header('401');
   redirect('login');
  }
}
}
/* End of file: ./application/core/MY_Controller.php */


All pages I want to protect extends the MY_Controller.

I then have a login controller, extending CI_Controller (so it does not conflict with the redirect in the MY_Controller).

If the login validates I want to change the config setting ($config['site_protected']) to false and send the user to the recorded url.

Code:
$this->config->set_item('site_protected', false);
redirect($this->session->userdata('REDIRECT'));

I then expect the MY_Controller to never redirect the user to the login page again.

But this seems not to be the case!?

Am I wrong in assuming that the config value will have changed throughout the session? Should I somehow use a session setting, and if, then how?

Any help in achieving a simple to maintain solution to the problem are appreciated.

But I suspect that the config file gets reloaded on every page visit, and therefore resets back to the default value. Is this the case?


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.