English 中文(简体)
Best way to make Admin pages in CodeIgniter?
原标题:

I m working on an app in CodeIgniter, and I want to have admin pages for several of the objects in the application, and I m wondering what would be the better way to put these into an MVC structure.

Idea 1: In each controller, have an admin function, and add all of the admin pages I would like into that function. example URL: domain.com/articles/admin

Idea 2 Make a new admin controller, which would have to reference many different models, and put all of the admin pages in there. example URL: domain.com/admin/articles

Which way would be better?

Edit for clarification: By admin functionality, I mean being able to do the basic CRUD actions on any object, and be able to display a list of all of said object.

最佳回答

I ll echo Justin in keeping it part of the individual controllers.

You should setup some kind of authorization system that the individual controllers can use to so who is logged in (username) and what access they have (admin/member/etc). Here s a SO thread on CodeIgniter Auth Classes.

The view would then conditionally show the appropriate links, and the controller would enforce the policy by checking the auth before passing any data to the model or rendering an edit view. On unauthorized access an error could be rendered, or simply render with the non-editing view.

This approach seems to make the most sense (at least to me) because all the functionality is stored in the individual controller. Keeping admin functions in a single admin controller means you ll have to manage two controllers (the admin, and the actual controller) every time you add somethign new (or remove something).

If you re concerned about putting auth checking in every controller, you could create a generic controller class with all the auth setup, then have your controllers extend it. In the end the individual controller auth check could be as simple as:

function edit()
{
    if(!$this->auth()){
        //display auth error, or forward to view page
    }
}

Of course some kind of ACL implementation would make this better, but I don t believe CodeIgniter has an official ACL.

问题回答

Definitely a different controller at least!

I used to think that I could keep all my admin functions in a single controller, but as my programs grew, I realized that I needed multiple controllers in my administration section.

So, I created a folder inside my controllers folder with the name "admin" and put all my administrative controllers in there. So my folders would look something like:

  • application
    • controllers
      • front.php
      • welcome.php
      • admin
        • dashboard.php
        • useradmin.php
  • etc...

One problem this creates, however, is when you type http://mysite.com/admin in your browser, it returns a 404 page. So, go to your "application/config/routes.php" file and add a custom route:

$routes[ admin ] =  admin/dashboard/index ;

It s a good idea to have an admin folder in the controllers folder wherein you can access your administration e.g. yoursite.com/admin/users.

All your administrative needs will be there and all methods will be protected by checking user privileges like so:

if ( ! $this->auth->logged_in(array( login ,  admin )))
{
    $this->session->set_flashdata( message ,  You do not have access to view this page );

    redirect( admin/users/login );
}

Then all controllers outside the admin folder will - depending on your type of site - will only be for viewing, etc.. no administrative portions.

Idea 2 is better. system/application/controllers/admin

You keep all your admin controllers here.

Here is an extensive guide to the pro s and con s of each method:

http://philsturgeon.co.uk/news/2009/07/Create-an-Admin-panel-with-CodeIgniter

Depending on what you mean by Admin functionality...typically, this is thought of as an Edit view.

And typically, you use the existing controller to serve the Edit view allowing the authorized users to make the edits (in your case, Admin users only).

Looks like a personal choice, i love having everything centralized so the admin controller would be my bet.

That way i wouldn t have to open up 5 different controllers while modifying admin tasks.





相关问题
Brute-force/DoS prevention in PHP [closed]

I am trying to write a script to prevent brute-force login attempts in a website I m building. The logic goes something like this: User sends login information. Check if username and password is ...

please can anyone check this while loop and if condition

<?php $con=mysql_connect("localhost","mts","mts"); if(!con) { die( unable to connect . mysql_error()); } mysql_select_db("mts",$con); /* date_default_timezone_set ("Asia/Calcutta"); $date = ...

定值美元

如何确认来自正确来源的数字。

Generating a drop down list of timezones with PHP

Most sites need some way to show the dates on the site in the users preferred timezone. Below are two lists that I found and then one method using the built in PHP DateTime class in PHP 5. I need ...

Text as watermarking in PHP

I want to create text as a watermark for an image. the water mark should have the following properties front: Impact color: white opacity: 31% Font style: regular, bold Bevel and Emboss size: 30 ...

How does php cast boolean variables?

How does php cast boolean variables? I was trying to save a boolean value to an array: $result["Users"]["is_login"] = true; but when I use debug the is_login value is blank. and when I do ...

热门标签