I already registered session with my code and preventing the the profile direct access with following code.
public function profile() {
if ($this->session->userdata('logged_in')) {
//var_dump($this->session->userdata['logged_in']);
$session_data = $this->session->userdata('logged_in');
$data['nric_number'] = $session_data['nric_number'];
$this->load->view('templates/header');
$this->load->view('layouts/employee/profile', $data);
$this->load->view('templates/footer');
} else {
//If no session, redirect to login page
$base = base_url();
redirect($base . 'checkinout', 'refresh');
}
}
Suppose, I am going prevent another controller named allusers. So, Script will be something like below-
public function allusers() {
if ($this->session->userdata('logged_in')) {
$this->load->view('layouts/employee/allusers');
} else {
//If no session, redirect to login page
$base = base_url();
redirect($base . 'checkinout', 'refresh');
}
}
But, I would not like to use following condition for each method. Can I skip actually?
if($this->session->userdata('logged_in')) {
} else {
}
Just put the code in your constructor of class, in this way you dont need to check for the session in all methods!
if(!($this->session->userdata('logged_in'))) {
$allowed = array(
'method1',
'method2'
);
if ( ! in_array($this->router->fetch_method(), $allowed) {
redirect('login');
}
}
Related
How can I create logout button if my login controller with session is like this?
function login_user() {
$user_login = array(
'username'=>$this->input->post('username'),
'password'=>$this->input->post('password')
);
$data=$this->Infoserbilis_model->login_user($user_login['username'],$user_login['password']);
if($data) {
$session_data['logged_in'] = TRUE;
$this->session->set_userdata($session_data);
//$this->session->set_userdata('logged_in', $session_data);
redirect('Infoserbilis/admin_page', 'refresh');
} else {
echo '<script>alert("Invalid Username or Password");</script>';
redirect('Infoserbilis/index', 'refresh');
}
}
I have tried $this->session->sess_destroy(); on my function logout but to no avail. Thanks in advance
public function logout() {
// Removing session data
$this->session->sess_destroy();
echo '<script>alert("Bye!");</script>';
redirect('Infoserbilis/index', 'refresh');
}
Ok, base on your message, $this->session->sess_destroy() just only destroy the current session, you need redirect page manually. Write the specific route you want to redirect to in redirect() function
/**
* logout
*/
public function logout()
{
$this->session->sess_destroy();
redirect('/');
}
function logout() {
$this->session->unset_userdata('is_searched');
redirect('CONTROLLER/login');
}
You are redirecting to index function in Infoserbilis controller. Check session is active or not in that function.
Here is an example :
public function index() {
if($this->session->userdata('is_logged_in') == true){
//load the required view
}
else {
redirect('controller/login');
}
}
or you can redirect to login from logout function
public function logout() {
$this->session->sess_destroy();
redirect('controller/login');
}
this is my controller:-
public function home() {
if($this->session->userdata('id')) {
$this->header();
$this->load->model('admincon');
$e = $this->admincon->select();
$data['e'] = $e;
$this->load->view('admin/home',$data);
} else {
$this->index();
}
}
in the view page of function home() there is a form which submitted through function subques() the function is here:-
public function subques() {
if($this->session->userdata('id')) {
$tp=$this->input->post('box1',TRUE);
$s=$this->input->post('box',TRUE);
$t=$this->input->post('t',TRUE);
$a=$this->input->post('a',TRUE);
$b=$this->input->post('b',TRUE);
$c=$this->input->post('c',TRUE);
$d=$this->input->post('d',TRUE);
$n=$this->input->post('n',TRUE);
$this->load->model('admincon');
$this->admincon->subque($s,$t,$a,$b,$c,$d,$n,$tp);
$this->home();
} else {
$this->index();
}
}
but after submitting the values to the database when user redirected to the page if they click on refresh button the previous data store into the database another time. how to solve this problem.
i mean how to clear the variables after use them.
User redirect() instead of $this->home()
public function subques()
{
if($this->session->userdata('id'))
{
$tp=$this->input->post('box1',TRUE);
$s=$this->input->post('box',TRUE);
$t=$this->input->post('t',TRUE);
$a=$this->input->post('a',TRUE);
$b=$this->input->post('b',TRUE);
$c=$this->input->post('c',TRUE);
$d=$this->input->post('d',TRUE);
$n=$this->input->post('n',TRUE);
$this->load->model('admincon');
$this->admincon->subque($s,$t,$a,$b,$c,$d,$n,$tp);
redirect('controller_name/home');
}
else
{
redirect('controller_name/index');
}
}
without this $this->home(); use
redirect(base_url() . 'controller_name/home');
When I login success then redirect to the home page.
After I set session in login and view page, when I refresh that same page then it is redirect in to the login page, whats the reason for that and would you please provide solution for this problem?
Controller
public function login() {
$email = $this->input->post('email');
$password = md5($this->input->post('password'));
$result = $this->search_model->login($email, $password);
if($result !='') {
$this->session->set_userdata('user_id', $email);
$seid = $this->session->userdata('user_id');
}
if ($seid=='') {
//echo ($seid);
$this->index();
} else {
$this->view();
}
}
public function view() {
$seid = $this->session->userdata('user_id');
$data['result']=$this->search_model->getall($seid);
$this->load->view('pagination_view',$data);
}
Model
function login($email, $password) {
$this->db->where("email", $email);
$this->db->where("password", $password);
$query=$this->db->get("tbl_reg");
return $query->result_array();
}
View
<?php
if(!$this->session->userdata('user_id'))
{
redirect(base_url().'search/login');
}
else
{
}
?>
Two problems, the first architectural the second likely causing your problem. The first is you should not be redirecting in a view. This should be in the controller that loads your home page (or other pages). You shouldn't even get to the view if you don't belong there.
The second problem is if($result!=''). This won't work. $result is an array. Use if(!empty($result)) or if(count($result)!==0) or something similar.
On your pagination_view I would not use redirect instead place that on controller function
public function view() {
if ($this->session->userdata('user_id') == FALSE) {
redirect(base_url().'search/login');
} else {
$data['result'] = $this->search_model->getall($seid);
$this->load->view('pagination_view',$data);
}
}
First off, heres my code:
<?php
class Admin extends CI_Controller {
public function __construct()
{
parent::__construct();
$this->load->model('admin_model');
}
function logout()
{
$this->session->unset_userdata('logged_in');
session_destroy();
redirect('home', 'refresh');
}
public function index()
{
if($this->session->userdata('logged_in'))
{
$session_data = $this->session->userdata('logged_in');
if ($session_data['id'] != 1){
$this->load->view('head');
echo "Sorry, you have to be an administrator to access this page";
$this->load->view('footer');
} else {
$session_data = $this->session->userdata('logged_in');
$data['username'] = $session_data['username'];
$this->load->view('head');
$this->load->model('admin_model');
$data['users'] = $this->admin_model->show_data();
$data['bikes'] = $this->admin_model->show_bikes();
$this->load->view('admin', $data);
$this->load->view('footer');
}
} else
{
redirect('login', 'refresh');
}
}
The dilemma I'm in is, yes this will stop all normal users accessing the admin/index page. However they still will be able to access admin/create, admin/update and so on unless i put an if statement on all the functions which will take some time. Is there a quicker way (possibly something i could put in the construct) that will apply the check to all the admin pages? Thanks
Simply move your admin-check code to the constructor:
<?php
class Admin extends CI_Controller {
public function __construct()
{
parent::__construct();
if(!$this->session->userdata('logged_in')) {
redirect('login', 'refresh');
}
if ($session_data['id'] != 1){
$this->load->view('head');
echo "Sorry, you have to be an administrator to access this page";
$this->load->view('footer');
exit; // or return? sorry, not too familiar w/ CodeIgniter
}
$this->load->model('admin_model');
}
...
public function index()
{
...
}
I have the following.
controllers/customers.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
session_start(); //we need to call PHP's session object to access it through CI
class customers extends CI_Controller {
function __construct()
{
parent::__construct();
}
public function view($id) {
$this->load->model('customers');
$news = $this->customers->view_customer($id);
$data['title'] = $news['title'];
$data['body'] = $news['body'];
$this->load->view('customers_customer_view', $data);
}
function index()
{
if($this->session->userdata('logged_in'))
{
$session_data = $this->session->userdata('logged_in');
$data['username'] = $session_data['username'];
$this->load->view('customers_view', $data);
}
else
{
//If no session, redirect to login page
redirect('login', 'refresh');
}
}
function logout()
{
$this->session->unset_userdata('logged_in');
session_destroy();
redirect('dashboard', 'refresh');
}
}
?>
models/customer.php
<?php
class customers_model extends CI_Model {
public function __construct() {
$this->load->database();
}
public function view_customer($id) {
if($id != FALSE) {
$query = $this->db->get_where('news', array('id' => $id));
return $query->row_array();
}
else {
return FALSE;
}
}
}
?>
views/customers_customer_view.php
<?php print $title; ?>
<?php print $body; ?>
I am very new to code igniter, I have followed this tutorial from the web, No matter what i do i cannot get the database info to display when loading root/customers/view/1
All i get is a blank page. Even if i change the view to include a some static text it wont display, From this i believe it to be something wrong with loading the view, But all looks ok to me.
Please can somebody assist.
You wrote:
$this->load->model('customers');
But model file is named: customer.php.
And class name is: customers_model.
Please check it again.
I will give you an example:
$this->load->model('customers');
Your model file have to be: customers.php.
And your class name have to be: class Customers {}