7

Let say at my controller named Book, I have many methods, such as get_book(); read_book(); remove_book();

No methods in the class can be used without user logged in, and I can get the user_id from session.

My question is, what is/are the best ways to check the if the user_id session is set so that I can use the methods?

As for now I am thinking of creating a is_logged_in() method, and apply it to every methods with an if-else statement, like

if($this->is_logged_in()
{
   //do something
}
else
{
   //redirect to home
}

Isn’t it long and tedious? Is there an ultimate way to achieve this?

I read the link

codeigniter check for user session in every controller

But it seems that I still have to apply the is_logged_in check at every methods.

Thank you for helping me!

Community
  • 1
  • 1
Gerard
  • 513
  • 3
  • 7
  • 14

3 Answers3

11

Create a file called MY_controller.php (the prefix can be edited in config file) in /application/core:

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class MY_Controller extends CI_Controller {


    function __construct()
    {

        parent::__construct();

        //Initialization code that affects all controllers
    }

}


class Public_Controller extends MY_Controller {

    function __construct()
    {
        parent::__construct();

        //Initialization code that affects Public controllers. Probably not much needed because everyone can access public.
    }

}

class Admin_Controller extends MY_Controller {

    function __construct()
    {
        parent::__construct();
        //Initialization code that affects Admin controllers I.E. redirect and die if not logged in or not an admin
    }

}

class Member_Controller extends MY_Controller {

    function __construct()
    {
        parent::__construct();

        //Initialization code that affects Member controllers. I.E. redirect and die if not logged in
    }

}

Then anytime you create a new controller, you decide what access it requires

    class Book extends Member_Controller {

        //Code that will be executed, no need to check anywhere if the user is logged in. 
        //The user is guaranteed to be logged in if we are executing code here.

//If you define a __construct() here, remember to call parent::__construct();
    }

This cuts code duplication a lot, since if you need another member controller other than Book you can just extend the Member_Controller. Instead of having to do the checks in all of them.

Esailija
  • 138,174
  • 23
  • 272
  • 326
  • I understood your answer, this is really follow the DRY and helps me to apply the correct business rule to different group of user. Thank you and @Kemal Kernal so much for your help :) – Gerard Nov 24 '11 at 16:57
9

You don't necessarily need to do that. Simply put the login check code in the constructor and you're all set!

class Book extends CI_Controller
{
    public function __construct()
    {
        if ($this->is_logged_in())
        {
            // redirect to home
        }
    }

    public function get_book()
    {
        ...
    }

    // The rest of the code...
}
Kemal Fadillah
  • 9,760
  • 3
  • 45
  • 63
  • Thank you so much, i tested and it works flawlessly. To be updated from the link is that we should put MY_Controller under application/core. Again, thanks for your help :) Have a nice day! – Gerard Nov 24 '11 at 16:21
  • 2
    @user826224, you still need to duplicate code with this. My answer differs a lot from the one you linked, you should read it carefully :) – Esailija Nov 24 '11 at 16:25
0

You can use the method in constructor of controller, like:

if ( ! $this->session->userdata('logged_in'))
    {   
            redirect('login');
    }
Sudhir Bastakoti
  • 99,167
  • 15
  • 158
  • 162