Unfortunately, that didn't help me too much.  Here is my code:

uses('sanitize');

class AppController extends Controller {

  var $components = array( 'rdSimpleAuth' );

  var $rdAccess = '*'; // this will protect every page except the loginPage.
  var $Sanitize;

  function __construct() {
    $this->rdSimpleAuth->roles = array( 'Admin' => 'admin',
                                        'User'  => 'user',
                                        'Anon'  => 'anon' );

    $this->Sanitize = &new Sanitize;

    parent::__construct();

  }

  function beforeFilter() {
    if( '' == trim( $this->Session->read( 'rdAuth.id' ))) {
      $this->Session->write( 'rdAuth.role', 'anon' );

    }
    if( eregi( CAKE_ADMIN, $this->action )) {
      $this->rdAccess[$this->action] = array( 'role' => 'admin' );

    }
    if( !$this->rdSimpleAuth->check( $this->action, $this->rdAccess )) {
      $this->redirect( '/users/login' );
      exit;

    }
  }
}

As an aside, what is

var $rdAccess = '*';

doing anyway?  How is it protecting every page except the loginPage??

class UsersController extends AppController {

  var $name = 'Users';

  var $rdAccess = array( 'index'  => array( 'admin', 'user', 'anon' ),
                         'view'   => array( 'admin', 'user', 'anon' ),
                         'add'    => array( 'admin' ),
                         'edit'   => array( 'admin' ));


  function login() {
    //RENDER VIEW IF USER IS LOGGED IN
    if( $this->rdSimpleAuth->valid ) {
      if( $redirectPage = $this->Session->read( 'rdAuth.redirect' )) {
        $this->Session->del( 'rdAuth.redirect' );
        $this->redirect( $redirectPage );

      } else {
        $this->redirect( '/' );

      }
    }

    //RENDER LOGIN FORM AND THEN HANDLE POST
    if( empty( $this->data )) {
      $this->render('login');

    } else {
      $this->Sanitize->cleanArray( $this->data );

      if( $this->User->validates( $this->data )) {
        $this->data['User']['username'] = $this->Sanitize->paranoid( $this->data['User']['username'], array( '.','_','-' ));
        $this->data['User']['password'] = md5( $this->data['User']['password'] );

        $this->data = $this->User->find( array( 'User.username' => $this->data['User']['username'],
                                                'User.password' => $this->data['User']['password'] ));

        if(( 0 < strlen( $this->data['User']['id'] )) &&
           ( trim( $this->Session->read( 'rdAuth.id' )) == trim( $this->data['User']['id'] ))) {
          //sets up the session vars
          $this->rdSimpleAuth->set( $this->data['User'] );

          /* This was causing problems when 'redirect' was set to something else.
           * Don't read it from session, instead use the variable from the component.
           * @author Mandy
           */
          //$this->redirect( $this->Session->read('rdAuth.redirect') );

          $this->redirect( $this->rdSimpleAuth->loginPage );

        } else {
          $this->data['User']['password'] = '';
          $this->set('message', 'Invalid login/password');

        }
      } else {
        $this->data['User']['password'] = '';
        $this->set('message', 'Invalid login/password');
        $this->validateErrors($this->User);

      }
    }
  }
}

If no role has been set, I'm setting it to anon.  By default, anon has
access to both the index() and view() actions.  However, every time I try
to go to either of those pages, I'm redirected to login.

What's going on?  What am I missing?

thnx,
Christoph

