I have a user registration page that launches a third party script for a game, i only want this page to finish loading if the user accepts the permission (it will set a HTTP variable). I currently have it prompting for permission but is loading the page in the background, how would i go about "waiting" or "reloading" the page to re-check if this variable is set yet?
Controller function for add
public function add() {
if ($this->User->IGBRequireTrust()) {
if ($this->request->is('post')) {
$this->User->create();
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved'));
$this->redirect(array('action' => 'index'));
} else {
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
}
}
}
}
Public function in Model that is called above
// Returns TRUE if the user trusts the site, FALSE otherwise.
public function IGBRequireTrust()
{
if($_SERVER['HTTP_EVE_TRUSTED'] != 'yes')
{
echo "<script>CCPEVE.requestTrust('http://*.".$_SERVER['HTTP_HOST']."');</script>";
}
return true;
}
The page needs to redirect back to the index function with a session flash msg set if they do not accept the permission. I tried adding an else in where it calls the IGBRequireTrust function but it seems to always do both.
UPDATE:
AppController Function
public function beforeFilter() {
$this->Auth->allow('index', 'view');
if($this->name == 'Users' && $this->action == 'add'){
//die('correct controller and action');
if(isset($_SERVER['HTTP_EVE_TRUSTED'])){
if($_SERVER['HTTP_EVE_TRUSTED'] != 'yes' && $this->action != 'promptEveTrusted'){
$this->redirect(array('controller'=>'Users', 'action'=>'promptEveTrusted'));
}
} else {
$this->Session->setFlash(__('Registration is only allowed through the EVE in game browser.'));
$this->redirect(array('controller'=>'Users', 'action'=>'index'));
}
//} else {
// die('wrong controller and action');
}
}
Looks like you are injecting javascript into the page, which will not get rendered until after all php code. Maybe try using javascript as your logic here. Or jquery would be super easy. Also, $this->User->IGBRequireTrust() is always returning true. put return false in your if statement
// Returns TRUE if the user trusts the site, FALSE otherwise.
public function IGBRequireTrust()
{
if($_SERVER['HTTP_EVE_TRUSTED'] != 'yes')
{
echo "<script>CCPEVE.requestTrust('http://*.".$_SERVER['HTTP_HOST']."');</script>";
return false;
}
return true;
}
<script>
var eve_trusted = '<?php echo $_SERVER['HTTP_EVE_TRUSTED']; ?>';
var declined_eve_url = '<?php echo $this->webroot; ?>users/unauthorized';
//Might have to wait for your script injection to load so we will wait for document ready
$(function(){
if(!eve_trusted) window.location.href = declined_eve_url;
});
</script>
Here I would offer you help in canceling the page load with js but, I am not sure of the order that your main script will load.
Alternatively, you could clean all of this up by putting your logic in the beforeFilter of your AppController.ctp
function beforeFilter(){
if($_SERVER['HTTP_EVE_TRUSTED'] != 'yes' && $this->action != 'promptEveTrusted')
$this->redirect(array('controller'=>'User', 'action'=>'promptEveTrusted'));
}
//USERS CONTROLLER
function promptEveTrusted(){
//This will give the user a blank template, comment if you don't wish this
$this->layout = 'ajax';
}
//views / users / prompt_eve_trusted.ctp
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<script>
$(function(){
CCPEVE.requestTrust('http://*.".$_SERVER['HTTP_HOST']."');
});
</script>
I would load the page without the http variable and that would just show a message (by javascript, for example).
If the user accepts it, then, javascript will redirect him to the same page with a variable, which will then load everything you want when the variable is set.
If he doesn't accept it, it will just keep in the same page or redirect him to another one, as you prefer.
Related
Im using laravel 4.0 im tyring to display a layout only if a variable ==0 (just in case a user tries to navigate to the url instead of clicking through) (i know I can redirect instead of extending but this is undesirable for now)
I am trying to get the layout to only extend when the user navigates to the page manually, noajax is set to true if their is no ajax request being sent when it goes to the function, so if the user where to navigate to the url manually it will still display the page but extend the layout.
#if ($noajax==1)
#extends('layouts.master')
#endif
#section('content')
//controller
public function test($id,$model)
{
if (Request::ajax())
{
//$foreign_key and $model must be <> null
if ($id == null || $model == null) {
$this->render('../Errors/missing_arg', 'error');
return;
}
if($model=="ArtObj")
{
$partable = "art_objects";
$path='img/art-objects/';
}
$parid=$id;
$noajax=0;
$mediaimgs = Media::where('parent_id' , $id )->where('parent_table', $partable)->paginate(15);
$response = Response::Json($mediaimgs);
return View::make('/Admin/manageimage/manage_image',compact('parid','mediaimgs','model','path','noajax'));
}
else{
if($model=="ArtObj")
{
$partable = "art_objects";
$path='img/art-objects/';
}
$parid=$id;
$mediaimgs = Media::where('parent_id' , $id )->where('parent_table', $partable)->paginate(15);
$response = Response::Json($mediaimgs);
$noajax = 1;
return View::make('/Admin/manageimage/manage_image',compact('parid','mediaimgs','model','path','noajax'));
}
}
In this case you should use 2 views in controller.
In controller you should use:
if ($noajax) {
return View::make('noajax');
}
else {
return View::make('ajax');
}
In noajax view you can extend from any other view and if noajax and ajax have common code, you should put it in separate file and use #include in those both views to include common part of code.
I have a base class which is inherited by all the controllers. I am having a function in the base class which determines the logged in users role using Auth. Once the users role is determine a variable $LoggedIn_role is set.
This method is correctly called on the initial page load, but later i am issuing ajax calls to check whether the user is still logged in, at that time the Auth::logged_in() always returning 0.
The kohana version i am using is 3.3
Can any one please suggest what is the best approach to circumvent this issue. Thanks.
To login -
if ($ValidObj->check()) {
if (Auth::instance()->login($_POST['email'], $_POST['password'],FALSE)) {
$this->DoPostLoginJobs();
} else {
$this->ManageError(Controller_Application::MsgWrongUserCredentials);
}
} else {
$this->Form_Errors = $ValidObj->errors('');
}
To Logout -
public function action_logout() {
$loggedout = Auth::instance()->logout();
if ($loggedout)
HTTP::redirect ('/home/'); // redirects to the home page.
}
Inside the controller_Application . The base class of all the controllers
public function DetermineUserRole() {
$this->LoggedIn_Role = Controller_Application::None;
try {
if (Auth::instance()->logged_in('freelancer')) {
$this->LoggedIn_Role = Controller_Application::Freelancer;
$this->LoggedIn_Id = Auth::instance()->get_user()->pk();
} else if (Auth::instance()->logged_in('employer')) {
$this->LoggedIn_Role = Controller_Application::Employer;
$this->LoggedIn_Id = Auth::instance()->get_user()->pk();
}
} catch (Gettrix_Exception $exc) {
$this->ManageError(Controller_Application::RedirectNonRecoverableError);
}
public function before() {
if ($this->request->is_ajax()) {
$this->auto_render = false;
}
$this->DetermineUserRole();
if($this->auto_render==TRUE){
parent::before();
$this->template->content = '';
$this->template->styles = array();
$this->template->scripts = array();
View::set_global('site_name', 'TheWebTeam');
View::bind_global('Form_Errors', $this->Form_Errors);
View::bind_global('LoggedIn_Role', $this->LoggedIn_Role);
View::bind_global('LoggedIn_Id', $this->LoggedIn_Id);
View::bind_global('InvitedEmail', $this->InvitedEmail);
View::bind_global('InvitedUniqueID', $this->InvitedUniqueID);
View::bind_global('scripts', $this->template->scripts);
View::bind_global('styles', $this->template->styles);
}
//This is inside the Home page controller, where it lists all the jobs for the logged in user.
public function action_joblist()
{
echo Auth::instance()->logged_in() . //The state holds to the initial state, doesn't //change when the user is logged out or logged in.
}
Please note that action_joblist() is called via AJAX/Jquery call.
The issue is fixed by following the instructions given in the link : http://forum.kohanaframework.org/discussion/9619/session-timeout-corruption-problems/p1
I want go to the home pages as the privilege of user that current logged in.
When i am trying to open the page that having the link it goes to the home page. What changes that i need on my code
<body>
Home
</body
function home()
{
if($_SESSION['privillage']=="ADMIN")
{
header('location:admin_home.php');
}
elseif($_SESSION['privillage']=='SUPERVISOR')
{
header('location:home.php');
}
else
{
header('location:user_home.php');
}
}
Your function is being used inside an <a href="...">, so it's clearly supposed to return a URL (also you need to echo it)
Your current code is trying to redirect the user immediately, which won't work because you've already sent <a href=".
Try:
function home() {
if($_SESSION['privillage'] == "ADMIN") return "admin_home.php";
if($_SESSION['privillage'] == "SUPERVISOR") return "home.php";
return "user_home.php";
}
header('location is used if you want a PHP script to redirect the browser to another page. What you are trying to do is simply changing the href based on certain conditions.
function home()
{
if($_SESSION['privillage']=="ADMIN")
{
return 'admin_home.php';
}
elseif($_SESSION['privillage']=='SUPERVISOR')
{
return 'home.php';
}
else
{
return 'user_home.php';
}
}
For readability, you could consider using PHP's switch statement
may be you have to capitalize the first letter of "location" use "Location" in header('Location:user_home.php'); :)
I am trying to send the id data from a button back to one of my controllers on button click. Depending on the id sent, I want the controller function to redirect the user to different views.
Button:
<a href="/oauth/facebook" id="{{$artist->id}}" class="sign">
/oauth/facebook route:
Route::get('oauth/{provider}', 'Oauth2Controller#action_session')->before('guest');
Function action_session in Oauth2Controller:
public function action_session($provider) {
$id=Input::get('id');
if($id > 5) {
return Redirect::to('/fans');
}
else {
return Redirect::to('/artists');
}
}
I tried using ajax but it seems that the oauth/facebook route is called on button click first, before the ajax request can go through (so the $id field is blank when the controller runs). Is there any way to do this? Thank you.
You won't find the id in the input using this approach, but you could extend the route with an optional (unless you want it for all providers) parameter like this:
Route
Route::get('oauth/{provider}/{id?}', 'Oauth2Controller#action_session')->before('guest');
Controller
public function action_session($provider, $id = null) {
if ($id > 5) {
return Redirect::to('fans');
} else {
return Redirect::to('artists');
}
}
Button
...
I need little Active record help. I am trying to update page views which i store in database. Each time post() function runs, add +1 . Here is my code:
public function post($id) {
if($id == NULL){
redirect('blog');
}
else{
$this->db->where('entry_id',$id);
$this->db->set('views','views+1');
$this->db->update('entry');
Please help!
Correct your code like this for example:
public function post($id) {
if(!isset($id) || (int) $id<=0){
header('Location: /blog');
}
else{
$this->db->where('entry_id',$id);
$this->db->set('views','views+1');
$this->db->update('entry');
}
Mark the header('Location: /blog') - you should put here your real server path to the blog.
If you use a custom redirection function, like your redirect() then check if the is an output before calling her. Header redirection only works if no other output is sent to the browser before invoking it.
public function post($id) {
if($id == NULL){
redirect('blog');
}
else{
$this->db->where('entry_id',$id);
$this->db->set('views','views+1',FALSE);
$this->db->update('entry');
FALSE turns off Active record escaping,by default it ignores +1.