How can I limit access to specific functions in CodeIgniter? - codeigniter

I have a huge controller in codeigniter, with many functions. I want to limit access to certain functions. How should I proceed?
And can I call the functions using cron daemon???
Or should I place those functions in another controller??

a) To limit the access to functions in your controller you shold use private function declaration example:
function _example_function() {...} USING the underscore!!
This way its impossible to call this function by URL.
b) Other simple way to restrict the access to functions in your controller is to use session variables and states to block the access.
2.) Yes you can use cron to run function just call the URL:
http://host/controller_name/FUNCTION
Regards,
Pedro

I have a huge controller in
codeigniter, with many functions. I
want to limit access to certain
functions. How should I proceed?
You can use some access control based on session to limit access to certain controllers->functions only. At the start of the function you can place the code like if($_SESSION['user'] != 'xyz') exit('access denied') ;
And can I call the functions using
cron daemon???
yes you can call any controller function in cron with this command
wget https://www.example.com/controller-name/function-name
Or should I place those functions in another controller??
Its always a good idea to refactor the code if its getting very big and getting unmanageable.

Another way is to use the protected namespace. When I try calling a function which is marked as protected I'm able to use it within the PHP code yet when trying to load it trough the browser I receive a 404.
Of course marking it as private would work too, but then you'd loose the ability to use the function within an extension of your class. When working with core extensions a lot that would be a problem.
cu
Roman

Related

Caching with codeigniter and twig

I'm trying to cache my output. I'm using Codeigniter's built-in feature $this->output->cache() but it doesn't work. My guess is because I'm using twig. Any ideas?
I found the answer, may it be useful for whoever pass here.
$output = $this->twig->render('template.html'); // use render instead of display
$this->output->set_output($output); // use CI's output (autoloaded by default) manually
$this->output->cache(5); // cache for 5 minutes, doesn't matter where this line is in the function.
As you discovered yourself, you should map output to the Output class via one of the appropriate methods in order to take advantage of its built-in caching features. Note that CI 3.0 currently in development on Github has some updates that you may like (gzipped cache files that retain all output headers, for example).
You could extend the Loader library with a customized view() method, and perform the logic there as well, rather than needing 2+ lines in each controller (if you wanted to load multiple files, you'd have to call render() then append_output() every time).
I did exactly that with the Smarty template library. Should be able to do something similar with Twig. (I've been meaning to port it over as well, but haven't had the time.)

How to override Dojo's xhrGet and xhrPost?

We are extensively using Dojo's xhrGet and xhrPost in our application. This has been used across multiple JavaScript files. Now we need a uniform way in which we handle the exceptions that are returned from the server in case of an AJAX call. We don't want to handle this in all places where we are using Dojo's xhrGet or xhrPost. Is it possible to do that without disturbing any of the existing code? For example, when some exception is sent from the server as part of the ajax response, I need to display some message in a consistent way across the application.
Could you please suggest me a solution for this? Kindly let me know if any more information is required.
Use IO Pipeline Topics as I described in Generic Loading Icon in Dojo and you won't have to change your code at all.
did you look at the dojo/aspect or dojo/on ? You can define functions that get executed after a function was called (or before) with aspect.
Take a look at that:
http://dojotoolkit.org/reference-guide/1.8/dojo/aspect.html#dojo-aspect-after
Why dont you create a custom xhrArgs class using dojo/declare that has the same error function for all his children ?
http://dojotoolkit.org/reference-guide/1.8/dojo/_base/declare.html#dojo-base-declare
Lucian

How to call an action inside another action in Yii?

I've a situation where i get some information from database and based on the data , i want to do/forward to some other controller & action.
How can i do this using Yii? Its like an ajax request..
If i can use the CController->forward() , then how can use the post values for actions?
I shall assume that the reason why redirect() didn't work for you was because you can't sent post variables with it. If that's the case, then let me show you how to overcome the lack of POST support in redirect(). You can use setState(). It creates variables that simulate POST variables. This is the code to store or set a variable:
Yii::app()->user->setState('var', 'value');
And, in order to trace the value you just code as follows:
Yii::app()->user->getState('param1');
It would equally work with forward, but I'm not sure why you want to use it instead of redirect().

Is There A Downside To Calling Models From Helpers In CakePHP?

A bit of context: I need to cache the homepage of my CakePHP site - apart from one small part, which displays events local to the user based on their IP address.
You can obviously use the <cake:nocache> tag to dictate a part of the page that shouldn't be cached; but you can't surround a controller-set variable with these tags to make it dynamic. Once a page is cached, that's it for the controller action, as far as I know.
What you can usefully surround with the nocache tags are elements and helpers. As such, I've created an element inside these tags, which calls a helper function to access the model and get the appropriate data. To get at the model from the helper I'm using:
$this->Modelname =& ClassRegistry::init("Modelname");
This seems to me, however, to be a kind of iffy way of doing things, both in terms of CakePHP and general MVC principles. So my question is, is this an appropriate way of getting what I want to do done, or should it ring warning bells? Is there a much better way of achieving my objectives that I'm just missing here?
Rather than using a Helper, try to put your code in an element and use requestAction inside of the element.
see this link
http://bakery.cakephp.org/articles/gwoo/2007/04/12/creating-reusable-elements-with-requestaction
This would be a much better approach than trying to use a model in your helper.
Other than breaking all the carefully-laid principles of MVC?
In addition to putting this item into an element, why not fetch it with a trivial bit of ajax?
Put the call in its own controller action, such that the destination URL -> /controller/action (quite convenient!)
Pass the IP back to that action for use in the find call
Set the ajax update callback to target within the element with the results of the call accordingly
No need to muck around calling Models directly from Views, and no need to bog things down with requestAction. :)
HTH

Getting the url of an aspx page using the page type

I'm using a web application project.
I have a folder in my web root called Users and in the folder I have a page called UserList.aspx
What I want to be able to do is type in Response.Redirect(Users.UserList.URL)
What I reckon I can probably do is create a class that extends Page and add a static property called URL that calls MethodInfo.GetCurrentMethod().ReflectedType (I think this works haven't tested) and then have that convert Users.UserList -> ~/Users/UserList.aspx
The problems with this method that I know of are one I need to go through every page and make it extend the base class and it doesn't work with any pages that contain a '-' character.
The advantages are that if pages are moved around then there aren't any broken links (Resharper gives out when there is a Page with the wrong namespace).
Also then every individual page that takes query string params could have a static method so that if I want to add/remove params I can see what uses those params etc.
Also if I want to call that page I don't have to check the name of the params e.g. UserId userId, Id or id. So that would look something like Users.ViewUser.GetUrl(1) -> ~/Users/ViewUser.aspx?UserId=1
So the question is: Is there a better way of doing this? Or is this a bad idea in principal?
You could just create an extension method for the base Page class that does what you are thinking. That would avoid having to go back and modify the base class for all your pages.
There is a better way. Create a traffic cop that knows about paths. Then if paths change, your data model changes or other stuff you just change that one place. Plus you could have read from a config file and make changes at run time.
Thus your call looks like this:
Repose.Redirect(TrafficCop["Users.UserList"].URL)
or some other way if you don't like the syntax.
The MethodInfo.GetCurrentMethod().ReflectedType doesn't work so I came up with another method of doing this using generics.
Instead of Users.ViewUser.GetUrl() or Users.ViewUser.URL it's GetUrl()
For a page with parameters it's still Users.ViewUser.GetUrl(1), it isn't ideal because they should both have the same way of being called but better than strings I guess.
Going to leave the question open for a while just in case.
edidt: I think I will actually just create another method called GetUrl(String getQuery) because if I have two parameters that are of the same type it doesn't work very well.
further edit: I found out how to do exactly what I want to do.
created a class called BasePage:Page where T : Page
on that are the static methods redirect and geturl
each page inherits from the base page as follows: MyPage:BasePage
Any page can redirect to that page by using the command MyPage.Redirect();

Resources