I have an issue where I need the insert function and admin_list_students restricted so that only an admin can log in and access these functions or web pages. Then I need the user to be able to access only user_list_students. Currently, when a user logs in they can also access the admin area. I tried setting up two different login pages, but when a user logs in they can still access the admin pages.
student.php controller
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
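/**
 * Student controller: dashboard, the two student listings, and the
 * create / edit / update / soft-delete actions backed by student_model.
 *
 * Access control in this class is authentication only. Every guard tests
 * the single session flag 'is_logged_in', which the login controller sets
 * for any account that passes login, so it cannot tell an admin from an
 * ordinary user. Restricting an action to admins needs a role value stored
 * in the session at login and checked here; no such value is visible in
 * this file.
 *
 * NOTE(review): whether CSRF protection covers the POST actions depends on
 * configuration that is not shown here -- confirm.
 */
class Student extends CI_Controller {

    /**
     * Load the student model used by every action.
     */
    function __construct()
    {
        parent::__construct();
        $this->load->model('login/student_model');
    }

    /**
     * Tell whether the current session carries the 'is_logged_in' flag.
     * Private, so a request cannot be routed to it.
     *
     * @return bool
     */
    private function _is_logged_in()
    {
        return (bool) $this->session->userdata('is_logged_in');
    }

    /**
     * Render the login form (header, content, footer).
     *
     * @return void
     */
    private function _show_login()
    {
        $this->load->view('login/header');
        $this->load->view('login/content');
        $this->load->view('login/footer');
    }

    /**
     * Read the posted 'interest' field as an array.
     * A missing or non-array value yields an empty array, so implode()
     * is never handed NULL/FALSE or a scalar.
     *
     * @return array
     */
    private function _posted_interests()
    {
        $posted = $this->input->post('interest');
        return is_array($posted) ? $posted : array();
    }

    /**
     * Show the dashboard to a logged-in session, the login form otherwise.
     *
     * @return void
     */
    public function index()
    {
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $this->load->view('header');
        $this->load->view('student');
        $this->load->view('login/footer');
    }

    /**
     * Insert a student record from the posted form and redirect back to
     * the dashboard with a flash message.
     *
     * The original action had no session check, so the record could be
     * created without logging in. It now requires a logged-in session.
     * NOTE(review): the page asks for this action to be admin-only; that
     * additionally needs a role check, see the class comment.
     *
     * @return void
     */
    public function insert_student()
    {
        if ( ! $this->_is_logged_in())
        {
            redirect('login');
            return;
        }

        $interest = implode(',', $this->_posted_interests());
        $data = array(
            'name'     => $this->input->post('name'),
            'address'  => $this->input->post('address'),
            'year'     => $this->input->post('year'),
            'gender'   => $this->input->post('gender'),
            'interest' => $interest,
            'status'   => 1,
        );

        $result = $this->student_model->insert_student($data);
        if ($result == true)
        {
            $this->session->set_flashdata('msg', "Student Records Added Successfully");
        }
        else
        {
            // Was $this->seesion, which fails on the error path instead of
            // reporting the failed insert.
            $this->session->set_flashdata('msg1', "Student Records Added Failed");
        }
        redirect('student');
    }

    /**
     * List students using the admin view.
     *
     * NOTE(review): the guard below is the same 'is_logged_in' test used by
     * user_list_students(), so any logged-in account reaches this page.
     * Limiting it to admins requires a role value in the session.
     *
     * @return void
     */
    public function admin_list_students()
    {
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $data['student'] = $this->student_model->get_student();
        $this->load->view('header');
        $this->load->view('admin_list_of_students', $data);
        $this->load->view('login/footer');
    }

    /**
     * List students using the user view.
     *
     * @return void
     */
    public function user_list_students()
    {
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $data['student'] = $this->student_model->get_student();
        $this->load->view('header');
        $this->load->view('user_list_of_students', $data);
        $this->load->view('login/footer');
    }

    /**
     * Soft-delete a student: the posted id is passed to the model together
     * with status = 0.
     *
     * Requires a logged-in session; the original performed the change for
     * any caller.
     * NOTE(review): the redirect target 'student/list_students' does not
     * match any method in this controller (admin_list_students /
     * user_list_students); presumably a route -- verify.
     *
     * @return void
     */
    public function delete_student()
    {
        if ( ! $this->_is_logged_in())
        {
            redirect('login');
            return;
        }

        $id = $this->input->post('id');
        $data = array('status' => 0);

        $result = $this->student_model->delete_student($id, $data);
        if ($result == true)
        {
            $this->session->set_flashdata('msg1', "Deleted Successfully");
        }
        else
        {
            $this->session->set_flashdata('msg1', "Student Records Deletion Failed");
        }
        redirect('student/list_students');
    }

    /**
     * Show the edit form for the student whose id is URI segment 3.
     *
     * Requires a logged-in session; the original returned the record to
     * any caller.
     *
     * @return void
     */
    public function edit_student()
    {
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $id = $this->uri->segment(3);
        $data['student'] = $this->student_model->edit_student($id);
        $this->load->view('header', $data);
        $this->load->view('edit_student');
    }

    /**
     * Update a student record from the posted form.
     *
     * Requires a logged-in session; the original performed the change for
     * any caller.
     * NOTE(review): the redirect target 'student/list_students' does not
     * match any method in this controller; presumably a route -- verify.
     *
     * @return void
     */
    public function update_student()
    {
        if ( ! $this->_is_logged_in())
        {
            redirect('login');
            return;
        }

        $id = $this->input->post('id');
        $interest = implode(',', $this->_posted_interests());
        $data = array(
            'name'     => $this->input->post('name'),
            'address'  => $this->input->post('address'),
            'year'     => $this->input->post('year'),
            'gender'   => $this->input->post('gender'),
            'interest' => $interest,
            'status'   => 1,
        );

        $result = $this->student_model->update_student($data, $id);
        if ($result == true)
        {
            $this->session->set_flashdata('msg', "Student Records Updated Successfully");
        }
        else
        {
            $this->session->set_flashdata('msg1', "No changes Made in Student Records");
        }
        redirect('student/list_students');
    }
}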
?>
login.php controller
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
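/**
 * Login controller: shows the login form, checks posted credentials
 * against login_model and stores the account's details in the session.
 */
class Login extends CI_Controller {

    /**
     * Send a logged-in session to the student dashboard; otherwise show
     * the login form.
     *
     * @return void
     */
    function index()
    {
        if ($this->session->userdata('is_logged_in'))
        {
            redirect('student');
        }
        else
        {
            $this->load->view('login/header');
            $this->load->view('login/content');
        }
    }

    /**
     * Hash the password in the form the membership table is compared
     * against.
     *
     * SECURITY: md5() is an unsalted, fast digest and is not suitable for
     * storing passwords. Moving to password_hash() / password_verify()
     * cannot be done in this method alone: the model looks the account up
     * by this digest, and the stored values would have to be re-hashed.
     * Left unchanged here so existing accounts keep working.
     *
     * @param string $password plain-text password from the login form
     * @return string 32-character hexadecimal digest
     */
    function __encrip_password($password) {
        return md5($password);
    }

    /**
     * Flash the generic failure message and return to the login form.
     * Private, so a request cannot be routed to it.
     *
     * @return void
     */
    private function _reject_login()
    {
        $this->session->set_flashdata('msg', 'Username or Password Incorrect');
        redirect('login');
    }

    /**
     * Check the posted username and password against the database and,
     * on success, store the account's details in the session.
     *
     * @return void
     */
    function validate()
    {
        $this->load->model('login/login_model');

        $username = $this->input->post('username');
        $raw_password = $this->input->post('password');

        // A missing field or an array-valued field (username[]=...) is not
        // a credential; reject it before it reaches md5() or the query.
        if ( ! is_string($username) OR ! is_string($raw_password))
        {
            $this->_reject_login();
            return;
        }

        $password = $this->__encrip_password($raw_password);

        if ( ! $this->login_model->validate($username, $password))
        {
            $this->_reject_login();
            return;
        }

        $rows = $this->login_model->get_id($username, $password);
        if (empty($rows))
        {
            // The row matched a moment ago but is gone now; the original
            // would have continued with undefined variables.
            $this->_reject_login();
            return;
        }

        // The original loop overwrote its variables on every row, so the
        // last row supplied the values; end() keeps that result.
        $row = end($rows);

        // NOTE(review): no role is stored here. 'is_logged_in' is set for
        // every account, so other controllers cannot tell an admin from a
        // user by it. 'admin_id' is copied from the row, but whether it
        // marks an admin account is not visible in this file -- confirm
        // against the membership table before relying on it.
        $data = array(
            'mobileno'     => $row->mobileno,
            'firstname'    => $row->firstname,
            'lastname'     => $row->lastname,
            'email'        => $row->email,
            'state'        => $row->state,
            'city'         => $row->city,
            'admin_id'     => $row->admin_id,
            'username'     => $row->username,
            'is_logged_in' => true,
        );

        $this->session->set_userdata($data);
        redirect('student');
    }

    /**
     * Destroy the session and return to the login form.
     *
     * @return void
     */
    public function logout()
    {
        $this->session->sess_destroy();
        redirect('login');
    }
}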
login.php model
<?php
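/**
 * Model for the membership table as used by the login controller.
 */
class Login_model extends CI_Model {

    /**
     * Check whether exactly one membership row matches the given
     * username and password digest.
     *
     * Both values are passed through the query builder's where() rather
     * than concatenated into SQL.
     *
     * @param string $username
     * @param string $password digest as produced by the login controller
     * @return bool true when exactly one row matches, false otherwise
     */
    function validate($username, $password)
    {
        $this->db->where('password', $password);
        $this->db->where('username', $username);
        $query = $this->db->get('membership');

        // Call num_rows() instead of reading the num_rows property: the
        // method is the documented accessor, while the property is not
        // populated on every framework version. Returning an explicit
        // false replaces the original's implicit NULL on failure.
        return $query->num_rows() == 1;
    }

    /**
     * Fetch the membership row(s) matching the username and password
     * digest, for building the session.
     *
     * NOTE(review): select('*') returns every column, including the
     * password digest; the caller copies only named fields into the
     * session.
     *
     * @param string $username
     * @param string $password digest as produced by the login controller
     * @return array list of row objects, empty when nothing matches
     */
    function get_id($username, $password)
    {
        $this->db->select('*');
        $this->db->from('membership');
        $this->db->where('password', $password);
        $this->db->where('username', $username);
        $query = $this->db->get();
        return $query->result();
    }
}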
如果您在一个表中编写不同类型的用户,并且在登录用户时必须在会话中使用其唯一ID保存用户类型,则必须在数据库表中设置用户类型,并且必须在何时检查此类型提供访问权限
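You set the session flag 'is_logged_in' for both users and admins, so a user can view the admin pages.
Add usertype as a field in the table; when inserting an account, store it as 'admin' or 'user'.
When you set the session at login, also store the usertype read from that account's database row: $this->session->set_userdata('usertype', $usertype)
Then check it with $this->session->userdata('usertype') == 'admin'
or $this->session->userdata('usertype') == 'user' in every controller method that should be restricted, not only the list pages.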
You need to set an additional value, say is_admin, in the $data array in validate(). Based on this parameter you give access to certain admin areas of the website, like this. In the student.php controller:
public function admin_list_students()
{
if($this->session->userdata('is_logged_in') and $this->session->userdata('is_admin'))
{ ...etc