Check for Login on Each Function? |
[eluser]Michael Wales[/eluser]
Quote:This is exactly what hooks were made for. Meh, hooks are ugly as there is no clear way within the application code to tell what is going on. By reviewing the code, as a third party, it can only be described as "magic happens here" until you realize a hook was involved. By extending the Controller class, additional functionality is immediately recognizable via the class definition.
[eluser]Majd Taby[/eluser]
yes, but including the same code in every controller is repetitive and counter-productive. But I see what you're saying though. Maybe a comment in each controller or some hooks info in the profiler would be good.
[eluser]Michael Wales[/eluser]
Or just extend the controller - I usually have 3-4 different controller sub-classes that I use throughout my apps. This post has more detail and my CI Dev Pack has 3 of my favorite Controller sub-classes.
[eluser]wiredesignz[/eluser]
I posted an auto protect user library in ignited code, it validates user credentials on every page load. Don't you guys search the forums?
[eluser]Edemilson Lima[/eluser]
Instead of using: Code: header("Location: $no_access"); Use the right CI function: Code: redirect('/login/form/'); Quote:I posted an auto protect user library in ignited code, it validates user credentials on every page load. I did try to find it, but is hard without the thread name... Can you post the link here for us?
[eluser]Kemik[/eluser]
I've never understood using adding logged_in to userdata. Why not just check user_id is stored?
[eluser]Edemilson Lima[/eluser]
user_id is enough, unless you have more than one type of authentication or privileges to check.
[eluser]Colin Williams[/eluser]
Hope I'm not beating a dead horse here. I have an access($perm = NULL, $redirect = TRUE) method in my user library that, when called without arguments, just checks to see for a flag in the session that the user is logged in. If they aren't logged in, in redirects them to a login page, appending the current location so that the user can return to the page which they were attempting to access. The implementation looks something like this: Code: //... access() also does some permission checking, and can be told to redirect to a different path (or set to FALSE for a simple access check without sending the anonymous user elsewhere). Example: Code: //...
[eluser]wiredesignz[/eluser]
Auto protect user library: Code: <?php if (!defined('BASEPATH')) exit('No direct script access allowed'); |
Welcome Guest, Not a member yet? Register Sign In |