Welcome Guest, Not a member yet? Register   Sign In
member area and access denied view both being loaded.
#1

[eluser]Unknown[/eluser]
So I'm trying to restrict a page to only be viewed if the user is logged in. I put the session verification in the construct and what ends up happening is both my access denied page and the page that should only be viewable if logged in both get loaded. Here's my two controllers if anybody has any ideas.

Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Login extends CI_Controller {

    public function index() {
        $data['main_content'] = 'login_page';
        $this->load->view('includes/template',$data);

    }

    public function validate_user() {
        $this->load->model('membership_model');
        $query = $this->membership_model->validate();

        if ($query) {
            $data = array(
                'username' => $this->input->post('username'),
                'is_logged_in' => TRUE
            );

            $this->session->set_userdata($data);
            redirect('site');
        } else {
            $this->index();
        }

    }

}

Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Site extends CI_Controller {

    public function __construct(){
        parent::__construct();
        $this->logged_in();
    }

    public function logged_in(){
        $logged_in = $this->session->userdata('is_logged_in');

        if(!isset($logged_in) || $logged_in != true) {
            $data['main_content'] = 'denied_page';
            $this->load->view('includes/template', $data);
        }
    }

    public function index() {
        $data['main_content'] = 'files_page';
        $this->load->view('includes/template', $data);
    }

}

I tried renaming the index() function in the Site controller to something else in case that was the cause of the problem and it still did the same thing. Here's the page source from my browser if I try to go directly to /site/ without logging in

Code:
<!DOCTYPE html>
&lt;html lang="en"&gt;
&lt;head&gt;
&lt;meta charset="utf-8"&gt;
&lt;title&gt;&lt;/title>
    &lt;link rel="stylesheet" href="http://localhost/ci_project/css/style.css" type="text/css"&gt;
&lt;/head&gt;

&lt;body&gt;
<p>You do not have permission to view this page. <a href="http://localhost/ci_project/login">Click here to login.</a></p>
&lt;/body&gt;
&lt;/html&gt;&lt;!DOCTYPE html>
&lt;html lang="en"&gt;
&lt;head&gt;
&lt;meta charset="utf-8"&gt;
&lt;title&gt;&lt;/title>
    &lt;link rel="stylesheet" href="http://localhost/ci_project/css/style.css" type="text/css"&gt;
&lt;/head&gt;

&lt;body&gt;
made it
&lt;/body&gt;
&lt;/html&gt;
#2

[eluser]boltsabre[/eluser]
When you navigate to 'site' controller, your constructor is checking for logged in status, and if not found it's loading your 'login view'... it's doing this for every function inside your 'site' controller.
When user navigates to 'index' function, it's already checking for this logged in status, and not finding it, it's loading a view. However, your index function is also loading a view, and that's why you're seeing both views.

Your logged_in function should be doing a redirect to your "login" function, rather than just displaying a view.
#3

[eluser]Unknown[/eluser]
Thanks! I had a feeling it was going to end up being something simple but I was banging my head for so long trying to figure it out.




Theme © iAndrew 2016 - Forum software by © MyBB