In my application I have got a main controller in which I have a few methods. One of them checks if the user is logged in and if not it redirects the user to login form etc.
class FA_Controller_Auth extends Zend_Controller_Action {
public function preDispatch() {
//chceck user is login
}
}
aand all controllers extend from this main class
IndexController extends FA_Controller_Auth{}
but now I am building multi payment gatwey from Zend_Payment_Controllerso Payment_GatewayController should extend from Zend_Payment_Controller. But I need to chack if the user is logged in or not and I am looking for somthing like multi extend
Payment_GatewayController extends Zend_Payment_Controller, FA_Controller_Auth
I know there is no way to use multi extend class in PHP but maybe there is a better way to do this, action helper or plugin to check authorisation ?
Regards.
Regards.
You can only extend one class. This is exactly why using a base controller class is considered bad practice, as it limits you somewhat. Instead you should move the logic for both checks into controller plugins instead.
Related
I want to create a base controller class for all my controllers in Symfony, I am very new to Symfony, so don't be angry with dumb question. I am asking this question because I can't do something like this
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
class AbstractController extends Controller
{
public function __construct()
{
//...... check access level
$user = $this->getUser(); //This is not working, I don't have access to the Controller(the base class) properties
}
}
Now one of my controllers
class UserController extends AbstractController
{
public deleteUserAction(Request $request)
{
var_dump($this);// this will dump an empty class that is not instance of Symfony\Bundle\FrameworkBundle\Controller\Controller
//.... delete user
}
}
What is the best way to do this? please...
EDIT....
What I really want to do is to check whether a user privilege level is enough to access a particular action(e.g. deleteUserAction()) in a particular controller(e.g. UserController), I have a class that attach privilege level to all actions in all controllers. The check will be very efficient if it happens in a parent controller (e.g. BaseController's constructor) which is executed before UserController->deleteUserAction() but in the base controller I don't have access to $this.
I have tried voter and ACL none help my situation.
Thanks in advance.
I think second one is the best way to create your own class and use common function in it.
If you want to add some common functions of controller then it is not the proper way to add it into the Symfony default controller, Instead you can create BaseController and extend your all the controller with BaseController and your BaseController should extends Controller.
By this way the default controller of the symfony stay untouched.
simply use service controller... is shared:
http://symfony.com/doc/current/controller/service.html
I'm currently working on CI for my website, and i'm having some trouble about extending Controller_CI.
I have one controller that deals with login/signin actions, which doesn't need authentication, and others controllers that check if a user session exists before loading content.
For that purpose, I created MY_Controller class and add authentication code in the constructor.
Then I made all my controller extend MY_Controller, except the first one that still extends Controller_CI
My question is : Is it the right way to deals with authentication ? Is it still possible to use Controller_CI even if it's extended ?
I found another pattern :
http://philsturgeon.co.uk/blog/2010/02/CodeIgniter-Base-Classes-Keeping-it-DRY
I guess it's better, but still, I don't understand why not using the first solution.
Thanks
Extending controller class for that purpose will work, but this solution is not much flexible. I would rather create a library that handles authentication, and run it from a controller when it is desired. Please read http://ellislab.com/codeigniter/user-guide/general/creating_libraries.html for details about creating custom libraries in CI.
Please remember you can only extend the CI_Controller with MY_Controller only once. In that aspects it's not a good idea. Suppose you want to implement another feature (e.g. a piece of code that makes a specific entry in the log) for some controllers, but not necessarily the controllers that need authentication you cannot make another MY_Controller.
Using a library is a better thing.
I'm using the flexi auth library on a big CI site. On every controller that requires authentication I just add the following:
public function __construct() {
parent::__construct();
$this->load->library('flexi_auth');
if (!$this->flexi_auth->is_logged_in())
redirect('auth/login');
}
I think a combination of what Phil Sturgeon suggests in that blog post and using a library would be best. So I would create a core controller (by that I mean a controller you place into application/core that extends CI_Controller) called MY_Controller which will look something like this
class MY_Controller extends CI_Controller
{
function __construct()
{
parent::__construct();
}
//Any other functions you want
}
Then judging by your question you currently have controllers that fit into two categories
Controllers that do require a logged in user before they do
anything
Controllers that don't require a logged in user before they do anything
So I would then create another controller in the /application/core directory that extends MY_Controller but in its constructor it checks to see if the user is logged in
class Auth_Controller extends My_Controller
{
function __construct()
{
parent::__construct();
//Check to see if the user is logged in
$this->load->library('authentication');
if(!$this->authentication->user_logged_in())
{
redirect('/login');
}
}
//Any other functions you want
}
Now when you create you controller you can choose which one of the core controllers you want to extend. If its a controller than doesn't require a logged in user you can extend MY_Controller but if it does required a logged in user you can extend Auth_Controller. That way it means you only need to do the user login check once in your code.
Like others have said if may be a good idea to place any authentication code into a library as that's a better place to put it than in a controller.
Summary
So to summarise by having all of your controllers extend core controllers rather than CI_Controller it should cut down on code repetition.
I also currently working on a CI project and had the same issue. I have came up with a different solution to deal with the authentication.
I extended the core controller as bellow,
class MY_Controller extends CI_Controller
{
public $data = array();
public $calledClass ;
public $calledMethod ;
public function __construct()
{
parent::__construct();
$authException['authentication']['login'] = true;
$authException['authentication']['logout'] = true;
$authException['welcome']['index'] = true;
$this->load->library("router");
$this->calledClass = $this->router->fetch_class();
$this->calledMethod = $this->router->fetch_method();
if(!#$authentication[$this->calledClass][$authentication->calledMethod] && !Auth::isUserLoggedIn())
{
# IS_AJAX is a contant defined in the contants.php
# define('IS_AJAX', isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
if(IS_AJAX)
{
# if this is an AJAX call, it sets a value in the header ,
# which can be captured in the AJAX response
# to redirect the user to the login page.
$this->output->set_header("auth-him:1");
exit;
}
else
{
redirect("authentication/login");
}
}
}
}
Hope the code above is clear and this helps.
To extend core controller more than one time, If you still need to use 2 controllers to handle authentication, I have followed this method
https://stackoverflow.com/a/22125436/567854
Hope this also helps :)
It appears that in Zend Framework 2, every controller seems to extend the AbstractActionController by default.
I was thinking if there's a way for all my controllers to extend a CustomController that in turn extends the AbstractActionController.
The purpose of this CustomController, is to do checks like whether a user is authorized to access my other controllers or not and also may be generate menu navigation.
Is this still a good idea and if so, will doing this work?
**IndexController.php**
class IndexController extends CustomController {
}
**CustomController.php**
class CustomController extends AbstractActionController {
}
Thanks,
Of course you can extend a base class and it will work.
Is it a good idea ? It really depends on your project.
For authentication and permission check, you could also use a module like ZfcRbac or BjyAuthorize
For navigation, there is spiffy-navigation
If you use php 5.4+, Traits can also be an alternative to inheritance
So, i have some problem.
I just want to create some website where visitor can interact with my site if they're registered.
Let say they've provided their username,email,password, blah..blah..blah...
And then after they provided their blah..blah..blah.. it will autologin (if their data is passed) to my site.
After they logged in my site, they must provided more data again, like they uploaded their profile picture, how they control their privacy in my site, like step by step registration.
I don't want they interact with my site, until they complete their registration.
How do i make every page in my site looks like registration page until they finished their registration.
It's not like i will give this kind of function right.
if(is_login()){
if(is_registration_complete()){
//you're free to go
} else {
// complete your registration first
}
} else {
//you're not logged in
}
In my every controller, if you know what I mean :)
How do I create this function globaly?
If their registration isn't complete, they will go to registration controller, in every routes.
If they complete their registration, they will go to the, yeah you know the default routes.
I'm so sorry if my English is bad, English isn't my native language, sorry for grammar mistakes :)
The easiest is probably to create a library with your checking function and then to include it in the Constructor of the impacted ControllerS :
class Blog extends CI_Controller {
public function __construct()
{
parent::__construct();
// Load the lib here or Autoload
$this->load->library('mylogincheckhelper');
$this->mylogincheckhelper->is_complete();
}
}
And then you do all the ckecks and routing in the Lib.
create a view with your post-registering stuff and make them conditionally visible. and include the view in your templates.
One way you can do it is to create a custom controller by extend the core CI_Controller. Then you can have your page controllers extend from your custom controllers. By extending, you inherit the functions of the parent, as well as run the parent constructor (or run it if you override it), making them "globally available" to whoever extends it.
//extend the core controller
class MY_Controller extends CI_Controller {
//override to provide additional functionality
public function __construct(){
//run the core controller
parent::__construct();
//then do your login and registration checks here
//you can put code here, call another function or load a helper class
//or better, redirect them to your registration page
}
}
//your page's controller extending from your custom controller
class Page extends MY_Controller {
//not overriding the constructor will execute the parent constructor
//every page that extends your extended controller will inherit it's functions
//and execute it's constructor
}
Just a quick logical question.
I have 2 Zend Controllers namely Merchant and Account. Merchant Controller has an action called editAction. My question is whether it is possible to have same action in Account as well without duplicating the code. I managed to create a include file for the view but I like to have a best way to manage my code. I currently have an idea of having an Helper class and invoke that helper class to both these Controllers. But I know someone would have got better solution than this. Please help me.
Thank you
The simplest solution would be to extend Zend_Controller_Action into your own base class and put editAction() into that. For example, assuming you have model classes named 'Account' and 'Merchant':
abstract class My_Controller_Action extends Zend_Controller_Action
{
protected $_modelName;
public function editAction()
{
$model = new $this->_modelName();
// Do your editing here.
}
}
class AccountController extends My_Controller_Action
{
protected $_modelName = 'Account';
}
class MerchantController extends My_Controller_Action
{
protected $_modelName = 'Merchant';
}
Keep in mind that this design implies that the code in editAction() would work for both Accounts and Merchants.
I think the best course of action would be to put majority of the logic inside your Models and keep your controllers lean. Your models can extend your own class which would have common operations in it.
You could also write your own class, it doesn't have to be a helper, and use it in the controllers to save the entity:
$saver = new My_Editing_Class();
$saver->edit("account",$this->getRequest()->getPost()); // Editing "account" with the POST data.
You then do your magic inside "My_Editing_Class".