Using : PHP MVC CI
I created a Controller class with the name of My_Controller in Core Folder. In this class, It is being checked if the session exists or not. This controller is being extended in all controller classes. Here is the code
<?php
class My_Controller extends CI_Controller {
function __construct()
{
parent::__construct();
$this->load->library('session')
if(empty($this->session->userdata('userName')) {
header('Location: '."Login Url");
}
}
}
?>
Question: Is there any better location to write the Session code in MVC Architecture ??
You don't have to use session_start();
In Controller
class My_Controller extends CI_Controller {
function __construct()
{
parent::__construct();
}
public function index($value)
{
$session = $this->model_name->check_session();
if($session==true){
#valid code
}
else{
redirect('controller/method');
}
}
}
In Model
public function log_in()
{
$log = $this->session->all_userdata();
if (isset($log['userName'])) {
return true;
} else {
return false;
}
}
you need to create the hook in CI and check the session over there.
Hook will call in every request so you can write permission role over there.
Here is more detail how you can write the hook.
http://www.codeigniter.com/user_guide/general/hooks.html
create a file name auth_hook.php in hook folder and write this code
<?php
if (!defined('BASEPATH'))
exit('No direct script access allowed');
class Auth_hook extends CI_Controller {
private $CI;
public function __construct() {
$this->CI = & get_instance();
}
public function is_authorized() {
$uri = $this->CI->uri->segment(1);
if (strcmp($uri, 'user') && $uri != '') {
if ($this->CI->session->userdata('logged_in')) {
return true;
} else {
redirect(site_url('user'));
}
return true;
}
return true;
}
}
Related
In my header view I wrote this code:
<?php
if($this->session->userdata('logged_in')) {
$query = $this->db->get_where('instructors', array('id' => $this->session->userdata('id')));
$insdatacheck = $query->row_array();
if($insdatacheck['name'] == '') {
redirect(base_url().'user/continueregistration');
} else { ?>
<script type="text/javascript">alert('test');</script>
<?php
}
}
?>
But it does not redirect to the following page. However, if I write this in the controller, it works properly. I wrote it in header view because I want to check it in every page where enters the user. How can I improve it and write in a proper way? Thanks in advance
I think instead of your header you should put your check inside your controller constructor.
class Test extends CI_Controller {
function __construct() {
parent::__construct();
// if not logged-in redirect to login page
if ($this->session->userdata('logged_in') == false) {
redirect('login'); // where you want to redirect
}
}
}
Another option is to create a base controller. Place the function in the base controller and then inherit from this.
To achieve this in CodeIgniter, create a file called MY_Controller.php in the libraries folder of your application.
class MY_Controller extends Controller
{
public function __construct()
{
parent::__construct();
}
public function is_logged_in()
{
$user = $this->session->userdata('user_data');
return isset($user);
}
}
Then make your controller inherit from this base controller.
class X extends MY_Controller
{
public function __construct()
{
parent::__construct();
}
public function do_something()
{
if ($this->is_logged_in())
{
// User is logged in. Do something.
}
}
}
First create session in the controller only,
Then we access session in any page,
$this->load->library('session');
$user=$this->session->userdata('logged_in');
if (!isset($user)) {
redirect(base_url().'user/continueregistration');
}
else {
<script type="text/javascript">alert('test');</script>
}
I am trying to use session in all controllers, but can't get success.
Here is my controller code of library.
<?php if(!defined('BASEPATH')) exit('NO direct script access allowed');
class MY_Controller extends CI_Controller
{
public function __construct()
{
parent::__construct();
}
public function is_logged_in()
{
$user = $this->session->userdata('username');
return isset($user);
}
}
?>
And here I am inherit It in my other controller file.
class Homepage extends MY_Controller
{
public function __construct()
{
parent::__construct();
}
public function CheckSession()
{
if ($this->is_logged_in())
{
echo '111';
}
}
}
I also try helper but giving me same error.
<?php
function is_logged_in() {
// Get current CodeIgniter instance
$CI =& get_instance();
// We need to use $CI->session instead of $this->session
$user = $CI->session->userdata('user_data');
if (!isset($user)) { return false; } else { return true; }
}
?>
autoload.php part
$autoload['helper'] = array('url','form','file','login');
$autoload['drivers'] = array('session');
$autoload['libraries'] = array('database','session', 'email', 'form_validation', 'MY_Controller');
I am Following this link.
either you need to autoload session library in your authoload.php like this
$autoload['libraries'] = array('session');
or load session library in constructor of library file like this
public function __construct()
{
parent::__construct();
$this->load->library('session');
}
I followed a tutorial on how to set up a login system for php apps in codeigniter. The logic when the user has session data is working great, but I have a problem when the user isn't logged in (f.ex. refreshes the page after a while). The view of "not_logged_in" gets executed twice when I were to call for the functin from constructor.
The following code works, but it means I gotta add the code for every function I add after.
class App extends CI_Controller {
function __construct()
{
parent::__construct();
}
private function logged_in()
{
$is_logged_in = $this->session->userdata('is_logged_in');
if (isset($is_logged_in) OR $is_logged_in)
{
return TRUE;
}
else
{
$data['title'] = 'Chyba přihlášení';
$data['main_content'] = 'not_logged_in';
$this->load->view('includes/template', $data);
return FALSE;
}
}
function index()
{
if($this->logged_in())
{
$data['title'] = 'APLIKACE';
$data['main_content'] = 'app_view';
$data['userid'] = $this->session->userdata('userid'); //get userid from session
$this->session->unset_userdata('userid'); //destroy the data
$this->load->view('includes/template' , $data);
}
}
function logout()
{
$this->session->sess_destroy();
redirect('login');
}
}
Now the real question, how would I go about putting the whole logic into a constructor without having to check for it in every function?
Make APPPATH.'core/MY_Controller.php' file and put authentication logic in constructor there. Than extend that class from every controller (you need auth logic).
class MY_Controller extends CI_Controller
{
public function __construct();
{
parent::__construct();
$this->check_login();
}
protected function check_login()
{
$is_logged_in = $this->session->userdata('is_logged_in');
//here should be *AND* instead *OR* logic
if (isset($is_logged_in) && !empty($is_logged_in))
{
return TRUE;
}
else
{
redirect('login/index');
exit();
}
}
}
Login.php controller:
class Login extends CI_Controller//NOT extending MY_Controller to avoid infinite loop
{
public function __construct();
{
parent::__construct();
}
public function index()
{
//here is login view
//and logic of preserving session
//with redirect to 'app/index' after successful login
}
public function logout()
{
$this->session->sess_destroy();
redirect('login');
}
}
App.php controller:
class App extends MY_Controller//extending MY_Controller to check login status
{
public function __construct();
{
parent::__construct();
}
public function index()
{
//here is app dashboard view
}
public function statistics()
{
//here is some other method that requires logged in user
}
}
I also would recommend you to check Ion_auth authentication system to see if suitable for you.
I have this private session in one of my controllers that checks if a user is logged in:
function _is_logged_in() {
$user = $this->session->userdata('user_data');
if (!isset($user)) {
return false;
}
else {
return true;
}
}
Problem is that I have more than one Controller. How can I use this function in those other controllers? Redefining the function in every Controller isn't very 'DRY'.
Any ideas?
Another option is to create a base controller. Place the function in the base controller and then inherit from this.
To achieve this in CodeIgniter, create a file called MY_Controller.php in the libraries folder of your application.
class MY_Controller extends Controller
{
public function __construct()
{
parent::__construct();
}
public function is_logged_in()
{
$user = $this->session->userdata('user_data');
return isset($user);
}
}
Then make your controller inherit from this base controller.
class X extends MY_Controller
{
public function __construct()
{
parent::__construct();
}
public function do_something()
{
if ($this->is_logged_in())
{
// User is logged in. Do something.
}
}
}
Put it in a helper and autoload it.
helpers/login_helper.php:
function is_logged_in() {
// Get current CodeIgniter instance
$CI =& get_instance();
// We need to use $CI->session instead of $this->session
$user = $CI->session->userdata('user_data');
if (!isset($user)) { return false; } else { return true; }
}
config/autoload.php:
$autoload['helper'] = array('login');
Then in your controller you can call:
is_logged_in();
You can achieve this using helper and CodeIgniter constructor.
You can create custom helper my_helper.php in that write your function
function is_logged_in() {
$user = $this->session->userdata('user_data');
if (!isset($user)) {
return false;
}
else {
return true;
}
}
In controller if its login.php
class Login extends CI_Controller {
public function __construct()
{
parent::__construct();
if(!is_logged_in()) // if you add in constructor no need write each function in above controller.
{
//redirect you login view
}
}
I think using hooks is pretty easy. Just create a hook to check $this->session->user. It will be called in every request.
Get all user's data from session.
In the Controller,
$userData = $this->session->all_userdata();
In the View,
print_r($userData);
I coded like this according to above answers.. And this is running for me
Create file my_helper.php
<?php
function _is_logged_in() {
if(isset($_SESSION['username'])){
return true;
} else {
return false;
}
}
?>
Edit in autoload.php file
$autoload['helper'] = array('my');
In your Controller file
class Welcome extends CI_Controller {
public function __construct(){
parent::__construct();
if(!_is_logged_in())
{
redirect("Login");
}
}
}
Just add this on your folder core file ci_controller at function __construct() to check all controller ():
function __construct()
{
parent::__construct();
if(! $user = $this->session->userdata('user_data');)
{
return false;
}
}
I have a controller called member within this a construct function
function __construct()
{
parent::Controller();
$this->is_logged_in();
}
I want to check in my other controller that user is logged in how I can use this function in my other controller called profile and others
This is my First project with CodeIgniter
Your authentication checks should be in a library:
The is an excerpt from a basic codigniter authentcation script:
class Site_sentry
{
function Site_sentry()
{
$this->obj =& get_instance();
}
function is_logged_in()
{
if ($this->obj->session)
{
if ($this->obj->session->userdata('session_logged_in'))
{
return TRUE;
}
else
{
return FALSE;
}
}
else
{
return FALSE;
}
}
function login_routine()
{
//do login here (enter into session)
}
}
This library is stored in application/libraries under a filename named after its class with the .php suffix.
Then you can either add this to your autoload config file application/conig/config.php:
$autoload['libraries'] = array('database', 'site_sentry', 'session');
or load it manually in each controller:
$this->load->library('Site_sentry);
Then you can check your session from within controllers, like so:
class Class extends Controller{
function Class()
{
parent::Controller();
if( $this->site_sentry->is_logged_in() == FALSE){
redirect('managerlogin/');
}
}
}
Also check this documentation page http://codeigniter.com/user_guide/libraries/sessions.html; of particular interest is the storing the session into the database section.
I don't think that doing it with the class is the best idea. If the user is logged in, you should check for a flag (value or whatever) inside the session, so you don't need to work with the other controller.
The advantage would be that the session can be accessed more easily and it is the more common approach.
Example with session:
class SomeClass extends Controller {
function __construct()
{
parent::Controller();
$this->is_logged_in();
}
function is_logged_in()
{
$is_logged_in = $this->session->userdata('is_logged_in');
if(!isset($is_logged_in) || $is_logged_in != TRUE)
{
redirect('login');
}
}