How to implement a secured login/logout in Codeigniter? - codeigniter

I am making a secured login for the system I am creating with CI since there should be an admin control of the system.
My approach was that I made a file on the application/core directory named MY_System.php where I got this line of code:
class MY_System extends CI_Controller
{
function __construct()
{
parent::__construct();
}
}
Then I also have Admin_Controller.php where I got this code :
class Admin_Controller extends MY_System
{
function __construct()
{
parent::__construct();
$this->is_logged_in();
}
function is_logged_in()
{
$is_logged_in = $this->session->userdata('is_logged_in');
if(!isset($is_logged_in) || $is_logged_in != true)
{
redirect(base_url(). 'login');
}
}
}
The 2 files above are saved inside the core folder of the framework.
While on the controllers directory of the system, I got several controllers let's say Person in instance where I have this code:
class Person extends Admin_Controller
{
function __construct()
{
parent::__construct();
}
}
I believe that in this way, whenever the are pages of the system that shall be restricted I would use the Admin_Controller as the parent of the classes so that the users can't directly access the pages.
Now, my problem is that as I would click logout, the session will be destroyed and the user's data are emptied thus, the user must be redirected to the login page but it doesn't go that way because whenever I would click the back button of the browser right after I click logout, the previous page where the user was would still show up but when I click the links on those page, that's the time when the user will be redirected to the login page. What I want is that, after clicking logout and if he/she attempts and clicks the back button of the browser, he/she must be redirected to the login page.
Does anyone know the solution for my problem? Any help is appreciated. Thanks in advance.

Try adding the follwing HTTP Header to your pages:
Cache-Control no-cache, no-store, must-revalidate
This will force your browser to redownload the page (= re-execute your controller which should check the is_logged_in variable and redirect to the login page)

Try doing this instead:
redirect(site_url('login'), 'refresh');

Related

Authentication redirection in codeigniter

I am new to codeigniter framework. I am trying to build a authentication system.
Authentication is working fine. My problem is that after successfully logging, when I click the back button in the browser it is directed to login page again. I want to redirect it to the home page itself. i want to reload the home page not the index page(index page is the login page, after successful login goes to home page)
How can I do it
In your login page check that login session is started or not, if it is started than redirect to home page :
if(isset($_SESSION['user']))
{
header('Location:http://localhost/projectname/home');
}
If you have any confusion please let me inform.
Thanks
on the home page controller check whether the session exists or not. if it exists then redirect to home page otherwise login page.
In your home_model.php do something like below:
<?php
class Home_model extends CI_Model
{
function __construct()
{
parent::__construct();
$this->check_session();
}
function check_session()
{
$session_login = $this->session->userdata("MYLOGIN");
if($session_login == '')
{
redirect('home');
}
if($session_login == 1 && $session_login == TRUE)
{
redirect('home/dashboard');
}
}
}
Load home_model in home controller.

what is the Best way to logout from page in codeigniter?

I make a link for logout in my view page.When I clicked it goes to another page but when I click the back button of browser it comes back to last page I log outed from it.what should I do to prevent this action?
cotroller:
function logout(){
$this->session->sess_destroy();
redirect('acontrol/index');}
thanks for your help.
You can check before the function calls that whether a session is there are not.If the session is empty then you need to redirect to login page again.Better you can check at __construct function in your class.It will called prior to your function call so,for each page the page will be redirect to login whenever your session is empty.
function __construct() {
if($this->session->userdata('iUserId') == '') {
// Redirect to Login page
redirect('controllername/login');
}
}
you can check the session into controller construct method
public function __construct()
{
// Initialization of class
parent::__construct();
if(!$this->session->userdata('id')){
$this->session->set_flashdata('error', 'Please login first');
/* if user is not login then
redirect back to login page and show error
*/
redirect('admin/login/index');
}
}

Codeigniter Passing parameters from view to controller

view has this anchor:
echo anchor('login', 'Login or Register');
how do i send the current url to my controller login? and then use it on another function called login_validation?
all i want is, login and back to the last url, however nothing works. so i thought saving the current url when i click "Login or Register" and then after login, on function login_validation, i should redirect to that url saved...
controller index
public function index(){
$this->main_login();
}
main_login
public function main_login(){
$this->load->helper('url');
// on view i will call the next function login_validation
$this->load->view("view_login");
}
login_validation
public function login_validation(){
$this->load->library('form_validation');
(...)
if ($this->form_validation->run()){
// i should redirect the saved url here, instead of home
redirect('home');
}else{
(...)
}
}
i appreciate any help
You can do this simply by using $this->agent->referrer() in your controller class main_login().
Save the referrer url into your session, and once the user is validated (or if they are), then you pull that string from session:
in main_login():
// grabs url where you clicked login
$this->session->set_userdata('referrer_url', $this->agent->referrer());
in login_validation():
// pull url from session and redirect, make sure to account for not having url too
redirect( $referrer_url );
I apologize for the delay, i was really busy with the end of the semester,
So i will explain how i did to solve this problem, all i wanted was back to the current page after the login.. so, everytime i open my view login i will save the last page url, with this code:
$refering_url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '' ;
and then i should save it in my session, so i can access from my controller and redirect the user to the last page, but look, i can’t simple save the url every time i access the view login, beucase every time i miss the password, i will be redirected to the login page, and so the last url, will the login and not the last one, and of course its wrong, So we have to save it on session, but only in the first time we access the view login, to do that, i compare the variable above ($refering_url) to the view login and view login validation, if its not the same, i can confirm that the previous page is the one i was before the login, and then i can save it to my session,
here the comparison, and the last url saved in my session:
if (($refering_url != ‘URL TO VIEW LOGIN‘) &&
($refering_url != ‘URL TO LOGIN VALIDATION){
$this->session->set_userdata('url', $refering_url);
}
after login is validated, on the controller, i should redirect the user , to the last page he was (the url saved on the session), to do that i used this code:
$this->session->set_userdata($data);
$url=$this->session->userdata('url');
redirect($url, 'refresh');

Codeigniter website taking ~30 seconds to load some pages

I have a codeigniter website that runs beautifully on localhost, but now that I have moved it to Host gator some page requests are taking around 30 seconds to serve up, if loaded at all! The weird thing is that is seemingly random, and while waiting for the page to load, if I simply re-click the link the page will load normally. I'm not sure if this is a programming problem in my controllers (code below) or just issues on host gators end. Please plesse please someone help me out here, as I am going insane.
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
class Company extends CI_Controller
{
function __construct()
{
parent::__construct();
if (!$this->session->userdata('language')) $this->session- >set_userdata('language', 'en');
}
function index ()
{
$tags['title'] = 'title tag';
$this->load->view($this->session->userdata('language').'/includes/view_header',$tags);
$this->load->view($this->session->userdata('language').'/company/view_company');
$this->load->view($this->session->userdata('language').'/includes/view_footer');
}
function warranty ()
{
$tags['title'] = 'title tag';
$this->load->view($this->session->userdata('language').'/includes/view_header',$tags);
$this->load->view($this->session->userdata('language').'/company/view_warranty');
$this->load->view($this->session->userdata('language').'/includes/view_footer');
}
}
I suggest you to test with codeigniter profiler, It will show all the processing time like sql execution etc...
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
class Company extends CI_Controller
{
function __construct()
{
parent::__construct();
$this->output->enable_profiler(TRUE);
if (!$this->session->userdata('language')) $this->session- >set_userdata('language', 'en');
}
When enabled a report will be generated and inserted at the bottom of your pages.
To disable the profiler you will use:
$this->output->enable_profiler(FALSE);
For more details http://codeigniter.com/user_guide/libraries/output.html
Hope this will help you, let us know if anything there... Thanks!!
Do you have any Javascript or external file on your site? That might be the problem.
Try using Firebug/YSlow and you'll probably get if an external js/file (Facebook or Twitter js for example) is taking lot of time to load.

Multiple Web Pages in CodeIgniter

I am having trouble simply making multiple pages with CodeIgniter. For example, I am trying to make a simple About page with codeigniter. So I create an about.php controller and an about_view.php view file. However if I were to try and make a link from the home page to "http://miketrottman.com/about" it will go nowhere. I am sure I am fundamentally missing something but I have read and watched example videos I am just spinning my wheels on this project at this point. Here is my home.php controller, let me know if I should post any other code. My site is http://miketrottman.com. I am new to the CodeIgniter scene an any help is much appreciated!
home.php in Controller directory
'
class Home extends Controller {
function Home()
{
parent::Controller();
}
function index()
{
//Load Extensions
$this->load->database();
$this->load->library('session');
//Include these basics everytime the home page is loaded
$data['pageTitle'] = "Trottman's Blog";
$data['title'] = "Trottman's Blog Title";
$data['heading'] = "Trottman's Blog Heading";
//Load Proper CSS for users browser
$data['css'] = $this->getCSS();
//Load the Blog Model
$this->load->model('blog_model');
//Load the Blog Entries
$data['blog'] = $this->blog_model->getBlogEntries();
$data['blog_comments'] = $this->blog_model->getBlogCommentEntries();
//
//Load all of this information into the home_view Page
$this->load->view('home_view', $data);
}
function getCSS()
{
//Load user_agent library to pull user's browser information
$this->load->library('user_agent');
//Agent is now the users browser
$agent = $this->agent->browser();
//According to the users browser, this is what the CSS should be
if ($agent == 'Internet Explorer')
{
$cssFile = "ieStyle.css";
}
else
{
$cssFile = "style.css";
}
return $cssFile;
}
}?>
'
And I am dumb, my whole problem was I was trying to go to /about and what I should have been doing is http://miketrottman.com/index.php/about because I have yet to remove the index.php in my URIs.
So I guess, thanks Stack overflow for creating an outlet for my ignorance, perhaps others can learn from my mistake then!

Resources