How to restrict pages based on user roles in codeigniter

Hey guys, after 3 days of my effort finally i did user role based pages restrictions.

Wanna interested to know how it can ?? 😉

Coooooooooooool.. I will explain the procedure now.. 🙂

Now iam going to build a application system where user enters with admin/user logins..if user enters with admin credentials he can access all pages..if not he cant access restricted page.

Steps:

1.create a db named user with id,email,password,role.

2.create a DB for sessions also..Clickhere

3.create necessary controllers,views etc. Here in my example..controller name is main and view name is performancefactors.

4. now create a model for users to get user details.

<?php

class Model_users extends CI_Model
{

public function can_log_in(){

$this->db->where(’email’,$this->input->post(’email’));
$this->db->where(‘password’,md5($this->input->post(‘password’)));
$query = $this->db->get(‘user’);
//$fields = $this->db->field_data(‘role’);
if($query->num_rows()==1){ //if it founds a user meaning if it find a valid credential

//return true;
return $query;
//return $fields;

}
else
{
return false;
// /return $query;
}

}// end of can_log_in

 ?>

5. Now create a model for roles..

<?php

class Model_role extends CI_Model {

 public function scalar($user,$role){

$this->db->where(’email’,$this->input->post(’email’));
$this->db->select($role); #Because I need the value
//$this->db->field_data($role);
// $this->db->where($where); #Because I need the variable column entitled siteoverview
$query = $this->db->get($user); #From the settings table
$row = $query->row_array(); // get the row
return $row[‘role’]; // return the value
}
}

?>

6. Now pass this roles in session database table..follow the controller code..

public function login_validation()
{
$this->load->library(‘form_validation’);
$this->form_validation->set_rules(’email’,’Email’,’required|trim|xss_clean|callback_validate_credentials’);
$this->form_validation->set_rules(‘password’,’Password’,’required|md5|trim’);
if($this->form_validation->run()){
//$userlevel = $query->result();
$this->load->model(‘model_role’);
$data = array(
’email’=>$this->input->post(’email’),
‘is_logged_in’=> 1,
‘role’=>$this->model_role->scalar(‘user’,’role’) // passing role details to session table
);
$this->session->set_userdata($data);
redirect(‘main/members’);
}
else
{
$this->load->view(‘login’);
}
}

public function validate_credentials($query) // we will load models here to check with database
{
//$userlevel[‘records’] = $this->model_users->can_log_in($this->input->post(’email’));
$this->load->model(‘model_users’);
if($this->model_users->can_log_in()){
return true;
//print_r($query) ;
//return $fields;
}
else
{
//print_r($query) ;
$this->form_validation->set_message(‘validate_credentials’,'<div class=”alert alert-error”><a href=”#” class=”close” data-dismiss=”alert”>&times;</a>
Incorrect Username/Password</div>’);
return false;
}
}

7. Now create a condition to view a page based on user roles..either show/restrcit…

in my case iam having user-role =1 for admin and role = 0 for normal user..

controller code for a view:

public function perffactors(){
if($this->session->userdata(‘is_logged_in’)&&$this->session->userdata(‘role’,’1′)){ //if session is created then login to members page
$this->load->view(‘perffactors’);
}else
{
redirect(‘main/restricted’);
}

}

Advertisements