php - Allowing views with specific creditials -
i looking methods of blocking users don't have rights viewing particular pages. tried putting function inside of backend controller inside codeigniter core folder , have backend controllers extend it. wanted put function inside of keep dry principal of putting function inside of every controller.
i'm looking maybe different way of writting function or different ideas of should function.
public function view_allowed($user_data) { if ($user_data->role_id != 4) { return false; } return true; }
with call function inside contruct of other controllers , , if statement if returns false direct other page don't have right creditials view page.
any questions, comments, concerns?
edit 2 :
i had make edit because i'm pondering do. purpose of want run function on each controllers construct regular user should not able view , admin can. if following how know redirect different page if user not able view page.
<?php if (!defined('basepath')) exit('no direct script access allowed'); class recent_activities extends backend_controller { /** * load parent construct , additional models, helper, libraries available. * @return void */ public function __construct() { parent::__construct(); $view_allowed = view_allowed($user_data); } public function index() { $this->breadcrumb->add_crumb('<li><a href="' . site_url() . 'control-panel/activities/recent-activities">activities</a></li>'); $this->breadcrumb->add_crumb('recent activites'); $activities = $this->user->get_all(); $this->template ->title('recent activites') ->build('recent_activities_view'); } }
i create helper function this:
if(!function_exists('view_allowed')) { function view_allowed($user_data=null) { if($user_data->role_id != 4) { return false; } else { return true; } } }
here post on how set helper function https://stackoverflow.com/a/804520/1893629
in controller
$this->load->helper('new_helper'); //pass in $user_data //will return true or false $view_allowed = view_allowed($user_data);
update edit 2:
<?php if (!defined('basepath')) exit('no direct script access allowed'); class recent_activities extends backend_controller { /** * load parent construct , additional models, helper, libraries available. * @return void */ public function __construct() { parent::__construct(); $view_allowed = view_allowed($user_data); if(!$view_allowed) { redirect('go/to/a/new/page'); } } public function index() { $this->breadcrumb->add_crumb('<li><a href="' . site_url() . 'control-panel/activities/recent-activities">activities</a></li>'); $this->breadcrumb->add_crumb('recent activites'); $activities = $this->user->get_all(); $this->template ->title('recent activites') ->build('recent_activities_view'); } }
Comments
Post a Comment