I'm having a problem with the yii\web\User login method. According to the official documentation, this method return a boolean, but for some reason it is not for me:
return | boolean | Whether the user is logged in
I put this method inside an if statement, so if the user gets logged on, the program executes a block of code that I need to. Problem is, after going inside this method, the code simply stops running, the user in fact gets logged in, but the code inside my if statement won't run, I tried to assign the return of the login method to a dummy variable, and the code simply stops and redirect the user to the home page.
Related
So I'm trying to make a dummy website where only members who are marked as premium can see certain content. Since it's a dummy website the way this is distinguished is by selecting yes or no on a checkbox while creating an account. But, what I'm having trouble figuring out is how I can have the entire site check to make sure the user is a premium member and not a normal member or guest. On the registration page itself, I figured I could use an if statement to initially mark it like this
if($user['premium'] == 1){
$_SESSION['premium'] = true;
}
but how would I make it so a page like membersonly.php ONLY shows up if the user is a premium member? I'm assuming I'd have to use either a function or a class but I truly do not know what I would need to do inside either.
EDIT
I guess I didn't explain myself clearly enough, not surprising since I posted this at 2am. I don't want to just redirect normal users and guests away from membersonly.php I want it so the link for the membersonly page ONLY shows up on the nav bar if the user has a premium account. Could this be accomplished with an if statement or could I need to create a function or class dedicated to monitoring this?
You can simply do by the following steps:
1. On the button click post event first check if the user is premium or normal
2. Put an if condition that if user is premium then
header('Location: ****.php');
else to the other php file using the same way.
NOTE: you need to add to you database if the user is premium or normal.
I assume you know basic php follow just below steps on your membership page.
Create connection to database.
Fetch user from user id (I think you done use login for it).
check condition where user is premium or not if user is not premium then redirect it to home page.
require_once('connection.php');
// Fetch user details.
if($user['premium'] != 1){
header("location:index.php");
}
Add a flag column in your db table 'is_premium'.Upon saving, if a user is
premium than insert 1 in this flag else 0.Than create a function which checks
if logged in user is premium or not and call this function on start of every
page.following is the implementation of function which checks for premium
user.
function checkPremium(){
if($_SESSION['premium'] == true){
return true;
}else{
header('Location:some_other_page.php');
}
}
As I have right now, I have 3 functions: Main,Login and Panel. Explanation of the 3 functions:
Main
This is the home page. The thing is, on this page there is a login screen as well. So the input will be sent to the function 'Login'.
Login
This is where (only) all the validation will be. If validation fails, I'm sending it back to the Main with the error messages, and if it succeeds, It'll go further to the function 'Panel'.
Panel
Success. You logged in. Nothing special here.
Now my problem is, everything described in the function Login, can mostly fit in the Main function. Is there any reason to not just get everything from Login and put it in Main? So basically when the form is sent, if it fails, stay on the same page but with error messages or 'Succes! you logged in.' I feel like I'm overthinking this too much.
There should be no repetition, validation must be separate function for example validateData(Login) and similar (in calcFunctions.php)
HTML functions should be also in separate functions in for example (view)showFunctions.php then you proceed procedural in index.php you start with if session does not exists you do this else that.
Function login, main and similar are bad because I don't know what they are doing just by looking at their names. Functions you can use for example for particular actions in index.php. showInfoForEveryone, showInfoForLoggedIn, showSingupAndLogin, cleanData, showFormSingUP, showFormSingIn, errortable (array for errors that you can display if there is any), validateData() etc..
This way there is no repetition.
I get the MVC thing. :) I swear I do.
So, I have the main controller that serves up either the Home 'view' or a Login/Registration 'view' based on if the user is logged in.
Works fine and dandy.
On registration an email link is sent, which the user needs to click to verify the account->email, this happens to be a function in the Home controller that fires off a model is the link is valid.
Now, inside this model is the code to update the database with A: Activated/Not, B: Try Count.
Now, once this is done, I want to display the Login/Register 'view' with an appropriate message (failed, not failed, tried too many times, etc...)
I was going to use a redirect and throw the message type, and message text in a session variable and just display it that way, but then got to thinking that I could bypass that by firing off the Home controller index function passing in an array variable containing the message type, and message text.
Boy was I wrong.
So, how can I do this? I'd really like to stay away from relying on sessions
The respective method of Model should return a value (probably an array) that contains status and count (pseudo-code)
$statusCount = $model->getStatusCount($input);
And later pass the data to View
$view->set('statusCount', $statusCount);
So answering the question: yes, you can evade the $_SESSION.
I need to perform an action like save the result for a survey for a guest user(non registered/not logged in) in elgg, in which the user only gets a page having a form of data .
I manage to get this thing but, when i submit the action it shows the error
Sorry, you cannot perform this action while logged out.
and redirect to the login page.
How to solve this issue
Thanks
check the register_action , there is a parameter $public with options true/false
if u set it to true this action be accessed by people not logged into the system.
The problem is that each action that is called gets checked by elgg with the action-_gatekeeper() method.
The easiest way to get around this is to not have your survey results sent to a script defined as an action, but rather just have your form submit directly to your script (have the submit URL be something like www.your site.com/mod/yourPlugin/handleSurvey.php )
Yes that's true, you can set action public, but after that for saving results in elgg, you have to override the accesses so that not loggedin user can save data to database.
Check for the Permissions Check
I am currently working on adding pre-validation to my website. So that pages that require a log-in or other criteria, will only display if your session matches that criteria. I've got most of the system working, but I have one major obstacle. I cannot figure out how to stop CodeIgniter from running the rest of the controller (and thereby showing the page anyways), when the validation fails.
Here is my configuration:
All my pages are in the Content controller
My security system is a model called security.php
In the _head private function (which is called by every page), I load security.php and call it's main function: run()
$this->security->run() gets the specific validation criteria for the page, and checks them.
If the user passes, then run() does nothing, and the page execution continues
This is where I need help. If the user does not pass, then I need to display an error page, and stop the controller from calling any other views.
Does anyone know how to do this?
Thanks,
Lemiant
You could do one of two things. A would be to redirect to another page with a differant uri. B would be to use an if/else statement to choose which view you show under the same uri.
One thing you need to do is have the security method you talked about return TRUE or FALSE if it is successful or not.
Examples:
A:
if(!$this->security->run())
{
redirect('my/error/page');
}
B:
if($this->security->run())
{
// Security Passes, proceed as normal
}
else
{
// Security Fails, show error page
}
Hope this helps
How stop execution of codeigniter: die(); or exit();
But, I don't think that's really what you want to do. What you want to do is to load a different view to show an error page if the validation fails.