Not giving access to certain method in controller

2019-01-27 13:03发布

站内文章 / PHP
10 0 0

问题:

I want user to not access certain method of controller when session is not set. For this I can check session in all method and if session is set then only go to furthur else redirect to specific page. Since I have many method that I don't want user to take access if session is not set. Its bulk to go through all method and check session. Are there any shortcut way to obtain this functionality.

I tried checking session is constructor method of controller but it works for all method. But I want only specific method to block if session is not set. How to do it.

Example:

class dashboard extends CI_Controller {

 function __construct() {
    parent::__construct();
    $this->load->library('session');
    $this->load->model('dbmodel');
    $this->load->helper('url','form');


    //verified user check
    if($this->session->userdata("unverified") != FALSE) {
        redirect("verify_user");  

    }

    }
    //verified user check
}

Above code, redirects to verify_user controller as soon as 'unverified' session is found when user go to dashboard controller. But I want to give access to some method of dashboard controller. Not all method. Where as this code redirects whenever session is found and don't give access to any method of dashboard controller.

回答1:

Check this It might help you

class MY_controller extends CI_controller{
    function __construct() {
        parent::__construct();
    }
    function _required_user($params =array()){
        $action =$this->router->fetch_method();
        if(empty($params['except']))
            $params['except'] =array();
        if(empty($params['only']))
            $params['only'] =array();
        if(count($params['except']) > 0 && in_array($action,$params['except']))
            return true;    
        if(count($params['only']) > 0 && in_array($action,$params['only']) && $this->session->userdata('is_login'))
            return true;
        if($this->session->userdata('is_login'))    
            return true;
        redirect('login');  

    }       
}

class dashboard extends MY_Controller {

  function __construct() {
        parent::__construct();
        $this->load->library('session');
        $this->load->model('dbmodel');
        $this->load->helper('url','form');
        $this->_required_user(array('except'=>array('index')))      
    }
    function add(){
    /*
    Session required
    */  
    }
    function edit(){
    /*
    Session required
    */  
    }
    function index(){
    /*
    no session required
    */
    }
  }

 class content extends MY_Controller{
    function __construct() {
        parent::__construct();
        $this->load->library('session');
        $this->load->model('dbmodel');
        $this->load->helper('url','form');
        $this->_required_user(array('only'=>array('index')))        
    }
    function add(){
    /*
    no Session required
    */  
    }
    function edit(){
    /*
    no Session required
    */  
    }
    function index(){
    /*
    session required
    */
    }
 }  
class Myaccount extends MY_Controller{
    function __construct() {
        parent::__construct();
        /*
        for all functions session required
        */
        $this->_required_user()     

    }
    function edit(){
    /*
    session required
    */
    }
    function save(){
    /*
    session required
    */
    }
 }
  1. Only param: check session is exist for only given functions/function
  2. Except param: Don't check session for given functions/function
  3. No Param : check session for all function in controller and redirect

You can modified _reuired_user function according to your requirement



回答2:

you can try the following - if it helps

create in your application/core folder a class named MY_Controller something like

class MY_Controller extends CI_Controller
{

    public function checkUserSession()
    {
        if($this->session->userdata("unverified") != FALSE) 
        {
            redirect("verify_user");
        }
        return true;
    }

}

after that your dashboard controller should look like

class dashboard extends MY_Controller 
{
    public function show_dashboard()
    {
        if ($this->checkUserSession())
        {
            //your code
        }
    }
}


回答3:

Create a library with any name i created Users.

class Users 
{
    public function __construct()
    {
        $this->ci =& get_instance();
    }

    function _is_logged()
    {
        if(!$this->ci->session->has_userdata('unverified'))
        {
            redirect('verify_user');
        }
    }
}

Load the library or put it in to autoload in application/config/autoload.php

Then just call the function at the top of your methods which one you want to restrict.

function abc()
{
    $this->users->_is_logged();
    // your code
}


回答4:

This is not an answer but suggestion based on my experience :

As a developer it is easy if it is done like the above mentioned answer by @user1048123.

But for example if you are accessing the method(ex: index) for which session is not needed but still function _required_user() method has to be processed before the index getting displayed where you have to passed larger array( ex:30 methods in array name) . This will slow down the loading time of methods for which session is not needed .So for better performance check the session is the method (in each method ) for which session is needed to be checked.

This idea might be older but it really matters performance when you have alrger number of methods or users are larger.



回答5:

can you check like this?

function __construct()
{
    parent::__construct();
}

function chk_login()
{
    if($this->session->userdata('logged_in'))
    {
         echo "some action";
    }
    else
    {
         redirect('login');
    }
 }


回答6:

In Controller

<?php
    class dashboard extends CI_Controller {

        function __construct()
        {
            parent::__construct();
            $this->load->library('session');
            $this->load->model('dbmodel');
            $this->load->helper('url','form');


        }

        public function index()
        {
            $user = $this->session->userdata("unverified")//asign session value to variauble
            $result = $this->dbmodel->check_user($user);//check user validity

        if(empty($result))
        {
            //user is not verified
            $this->load->view('unverified_loging');
        }
        else
        {
            //user is verified
            $this->load->view('verified_loging');
        }

    }

In Model

    public function check_user($user)
    {
        $query = $this->db->query("SELECT * FROM user WHERE <argument here>");//check with database
        $result = $query->result_array();
        return $result;

    }

If user is satisfied with the validity user then it pass the data to $result. Else if not satisfied with the validity it will return $result as NULL.

So in controller you can check whether $result its empty or not



标签: php codeigniter session
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~