tags:

views:

38

answers:

1
Q: 

How can i prevent the loading of index function with __construct in CodeIgniter?

Hello,

i am building admin area for my app with CodeIgniter, i created a base Admin Controller in the library named: MY_Admin_Base that extends the CI Controller. and there i checking in the DB if the admin has access to the method.

class MY_Admin_Base extends Controller {

    function __construct()
    {
        parent::Controller();


        //check if the admin has premission to the page
        $this->load->model('admin_permissions_model');
        $query = $this->admin_permissions_model->get_admin_permission(
            array(
            'admin_id'=>$this->session->userdata('admin_id'),
            'page_id'=>$pages_cat_id)
            );

            if(!$query)
                $this->view->load('admin/restricted_area');
    }
}

the main class extends that MY_Admin_Base, and has index method, something like that:

class Main extends MY_Admin_Base {

    function __construct()
    {
        parent::__construct();
    }

    function index() 
    {       
        $this->view->load('admin/main');
    }
}

the problem is that the both the views are loaded if the admin does`nt have access...the restricted and the main view.

someone have any suggestion?

+1  A: 

In the MY_Admin_Base class create a variable to store whether or not the user is an admin:

class MY_Admin_Base extends Controller {
    public $is_admin = true;

Then change

if(!$query)
    $this->view->load('admin/restricted_area');

to

if(!$query) {
    $this->view->load('admin/restricted_area');
    $this->is_admin = false;
}

then in your index function, change the code to.

function index()  {
    if(!$this->is_admin) return;

    $this->view->load('admin/main');
}
Matt Lynn  2010-08-28 17:42:06
but i will need do the checking for every method?
CaTz  2010-08-28 17:49:26
Yes, you will need to check in every method. An alternative could just be to use the die(); function to terminate the code execution after you load the restricted_area view, although depending on your environment that may not necessarily be a good idea. Another alternative is to create an array in every controller containing the names of the "protected" methods, then just use in_array inside of the constructer to determine if the user is allowed to access that method, if not then call the die(); function or use some other safer method of shutting down the execution of the application.
Matt Lynn  2010-08-28 17:54:04
OK...thank you!
CaTz  2010-08-28 18:12:02

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases