Home/ Questions/Q 6151887
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T19:50:10+00:00

I have a CakePHP 1.3 application that has a login system, which works well.

  • 0

I have a CakePHP 1.3 application that has a login system, which works well. It uses a DB with a users table, which existed before creating this app.

I’m using Auth in my AppController. The login function looks like

function login() {}

and it’s located in the users_controller.

Everything works fine, as I said, but I have problems trying to add a new functionality. I would like to, during the login process, detect if a user has introduced a specific combination of login/password (let’s say admin/adminpwd). If so, the login should be succesful AND he would be taken to an admin area (/admin/index). Otherwise, the login process should work as usual.

Once in this admin area (controlled by an admin_controller), this user should be able to perform some actions exclusive to him, no to the rest of users (even if they type on the browser /admin/action).

I’ve read about ACL, and probably it would help with this, but it seems too complicated for what I really need. Is there any simple way to do this? I guess I should modify the login function, but I don’t really know how exactly, and if there’s anything else I should change… any ideas?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Let’s just see some code…

    class UsersController extends AppController {

    // we're moving the variable to AppController!

    public function login() {

        $usrInfo = $this->Auth->user();

        if (isset($usrInfo) {

            // this index name might not be right.  I'm going off memory please check this!
            if (in_array($usrInfo['username'], $this->adminUsers)) {
                // do your code here for admin users.  
                // could be a redirect or just changing the layout used
            } else {
                // is a user that is logged in but not in our admin list
            }

    }

}

    To test if the user is logged in you would need to do something like the following:

    class AppController extends Controller {

    protected $adminUsers = array('joe_blow_uname', 'jane_blow_uname');

    public function beforeFilter() {

        $routing = Configure::read('Routing.admin');
        $usrInfo = $this->Auth->user();

        if (isset($this->params[$routing]) && isset($usrInfo)) {
            if (!in_array($usrInfo['username'], $this->adminUsers)) {
                // do code here for non-admin users using /admin prefix
            }
        }

    }

}

    Let me know if this doesn’t help.

    Or worse breaks something…

    Edit:

    This is really not the best way to do this obviously. ACL or setting up some kind of group in your database would probably be better. BUT, it is a relatively quick-n-dirty way that, for a small site, should work fine.

    • 0