Hello,
I'm new to CakePHP, using it to build an administration panel for my
website. I couldn't quite understand the whole acl/auth components in
the manual so I'm not using those. Instead - I've searched the web,
found some tutorials, wrote some code and came up with a login panel.
This is the app_controller.php file:
<?php
class AppController extends Controller {
    var $uses = array('User');
    var $components = array('Session');
    var $helpers = array('Html', 'Form');

    function checkSession() {
        global $user_id;
        $username = $this->Session->read('user');
        if (!$username) {
            $this->redirect('/users/login');
            exit;
        } else {
            $results = $this->User->findByUsername($username);
            $user_id = $results['User']['id'];
            $this->set('user', $results['User']['username']);
        }
    }
}
?>
users_controller.php:
<?php
class UsersController extends AppController {
    var $name = 'Users';
    var $helpers = array('Html', 'Form');

    function index() {
        $this->checkSession();
    }

    function login()
    {
        $this->set('error', false);
        if ($this->data)
        {
            $results = $this->User->findByUsername($this->data['User']['username']);
            if ($results && $results['User']['password'] == md5($this->data['User']['password']))
            {
                $this->Session->write('user', $this->data['User']['username']);
                $this->Session->write('user_id', $results['User']['id']);
                $results['User']['last_login'] = date("Y-m-d H:i:s");
                $this->User->save($results);
                $this->redirect('/');
            } else {
                $this->Session->setFlash('Niepoprawna nazwa użytkownika lub hasło. Spróbuj ponownie.');
                $this->redirect('/users/login');
            }
        }
    }

    function logout()
    {
        $this->Session->delete('user');
        $this->redirect('/users/login');
        $this->Session->setFlash('Do zobaczenia!');
    }
}
?>
And a small part of an example posts_controller.php:
<?php
class PostsController extends AppController {
    var $name = 'Posts';
    var $helpers = array('Html', 'Form');

    function beforeFilter()
    {
        $this->checkSession();
    }

    function index()
    {
        $this->set('posts', $this->Post->find('all', array('order' => 'created DESC')));
    }
    // some more code
}
?>
Could some experienced Cake user tell me whether I'm doing it right?
What to change?
The application tends to log me out when I quickly click a few links,
that's one issue that I was able to discover, but I'm sure that it has
security holes in it and threats.
Any feedback would be greatly appreciated,
Paul
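
An added example, not part of the original post and not CakePHP's own code: the password comparison from the login() action above, rewritten in plain PHP so that legacy md5 rows are still accepted but are upgraded to password_hash() on the next successful login. The function name verifyLogin(), the sample rows and the assumption of PHP 7 or later are illustrative.

```php
<?php
// Added example, not from the original post. verifyLogin() and the
// $user array shape are assumptions mirroring $results['User'] above.

/**
 * Check a submitted password against the stored hash.
 * Returns array(bool $ok, string|null $newHash); $newHash is set when
 * the stored value should be replaced (legacy md5 or outdated cost).
 */
function verifyLogin(array $user, string $submitted): array
{
    $stored = $user['password'];

    // Legacy rows: 32 hex chars of unsalted md5, as the post stores them.
    if (preg_match('/^[0-9a-f]{32}$/i', $stored)) {
        // hash_equals() compares in constant time and never type-juggles,
        // unlike ==, which compares two numeric-looking strings as numbers.
        if (!hash_equals(strtolower($stored), md5($submitted))) {
            return array(false, null);
        }
        return array(true, password_hash($submitted, PASSWORD_DEFAULT));
    }

    // Migrated rows: salted, slow hash produced by password_hash().
    if (!password_verify($submitted, $stored)) {
        return array(false, null);
    }
    $newHash = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? password_hash($submitted, PASSWORD_DEFAULT)
        : null;
    return array(true, $newHash);
}

// Constructed sample rows: one legacy md5 user, one already migrated.
$legacy   = array('id' => 1, 'username' => 'paul', 'password' => md5('s3cret'));
$migrated = array('id' => 2, 'username' => 'anna',
                  'password' => password_hash('hunter2', PASSWORD_DEFAULT));

list($ok, $newHash) = verifyLogin($legacy, 's3cret');
var_dump($ok, $newHash !== null);   // when set, save $newHash to the user row
list($ok, $newHash) = verifyLogin($migrated, 'wrong');
var_dump($ok);

// After a successful login, call session_regenerate_id(true) before
// writing user_id to the session, so a pre-login session id is not reused.
```

The password column must be wide enough for the new hashes; the PHP manual recommends 255 characters for PASSWORD_DEFAULT.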