I created a website , this website has a backend with the usual login / logout, my website also has this feature for the registered clients, however Yii is taking the same user for the website and for the backend.
If I sign out from the backend it also sign me out from the website, how can I have multiple users so this won't happen?
You just assign roles to users. Then you do RBAC and let those qualified (admin group) to have access to the backend, while clients not.
If you are authenticating with Yii, that authenticated user will be the current user everywhere in Yii until you log out and someone else does.
Related
I'm developing a application with raw PHP. But I have a problem that needs solution. I have two types of user in my application (e.g: Administrator & User).
For administrator, I have following files under "admin" folder,
Admin (Dashboard, Change password, Add User, Profile, User List etc.)
Also for user, I have following files under "account" folder
Account (My account, Change password, Edit Profile etc.)
I want, after login user can't access any files of "admin" folder. Now, after login I check the role first, if use then I redirect him/her to www.example.com/account/my-account.php but, when user hit the following url then he/she can easily access backend functionalities.
www.example.com/admin/dashboard.php, www.example.com/admin/change-password.php, www.example.com/admin/add-user.php, www.example.com/admin/profile.php, www.example.com/admin/user-list.php
Is there any way to close the "admin" folder entrance for user?
TIA
See according to your question you have to assign a role. Though I prefer php frameworks more than a core php but still you could do.
Say you have a form where user and admin shares the same login form for logging purpose.
And you want admin to access all route and restrict few route to the user.
So , the little bit of logic, while you create admin or user you need to assign role as well.
When admin logs in ,according to it, the sql query fetches role and he is routed according to it and same goes with user also.
Set session for user and admin role. And when you enter to target after login the session you have to restrict pages not to acces by user.
I developed a software that includes a Laravel component that has a website, and then 2 apps (iOS and Android) that consume services from that Laravel component. I have users on my database schema, those users come from all system components. Now I want to add Facebook Login for users so that they don't have to fill in their information. But I want to add this login to my website and my 2 apps.
What do I need to do on my Back-end and database to integrate the solutions? so that if a user logins with Facebook on my website and then logins with facebook on my iOS app, I can see they are the same?.
Thank you
In your database add a Facebook_id column, if all your apps are pulling from the same database, then that should solve your problem of knowing they are the same.
when a user signs up to your site using Facebook , Facebook will give you back thier Facebook_id, every time a user logs back into your site from Facebook, Facebook looks for that id and sees if the access token provided by them is valid. If its valid it signs the user back into your app/site
https://github.com/SammyK/LaravelFacebookSdk is a great Laravel Facebook SDK
The best way will be for you to used laravel socialite https://github.com/laravel/socialite.
also check this https://stackoverflow.com/a/30590747/6726714
I have implement SOS concept between two php application. it application it available different domain like one is www.example.com and another is www.test.com.
My required following condition.
1.When user is login any appplication to login this user with check user name and password into mysql database table
2.After login any application username and password is not required/reenter user can directly login this application similar to Google.
3.When user logout at time both application can be logout.
-->my first application can be created Yii framework and another is moodle
please give idea to implement this concept in my both application
I have seen Joomla using many types of user access for the admin site. For example user, admin user, registered user and super user. The system actually know what type of user you are once we logged in. I'm trying to do the same thing for my web app. I need any suggestions on how this features can be achieved using PHP.
Assuming a user is in a database, you could have an column like role which would be user, admin, registered, and super.
Then in PHP you can use switch / if-condition blocks based on that role variable.
I'm developing a CakePHP 1.3 application which needs to login users backend and frontend.
On the backend, admins and others must login to edit pages and data.
On the frontend, users can login to see "private" pages.
I'm using CakePHP ACL/Auth to login backend users (but i dont'have so clear how it works).
What do you suggest? I was thinking to set frontend users as a particular "acl" group to see that pages.
User admin routing.( http://book.cakephp.org/view/945/Routes-Configuration )
This will allow you to create separate functionality for ADMINS and USERS. You can even create additional user types and create routes for them too.
ACL is a bit difficult to understand and does not make sense for all situations. This blog may be of some use to help you get started:
http://www.studiocanaria.com/articles/cakephp_auth_component_users_groups_permissions_revisited