This question is specifically about how to correctly implement session security in a function/OOP/MVC based environment.
I am familiar with session security in a procedural file – if I have a control_panel.php file that is written procedurally, I can simply check session security at the top of the page, or whenever the logic dictates it would be first loaded.
However, I’m new to OOP/MVC, and my pages are now just a bunch of functions!
Hopefully I do not need to check session security in every function..?
Note that I’m using CodeIgniter2.
Here’s an example of my code:
<?php
class Main_controller extends CI_Controller {
    public function __construct() {
        parent::__construct();
    }
    public function index() {
        //$this->load->view(my_view);
        //run some code
    }
    public function function1() {
        //$this->load->model(my_model);
        // run some code
    }
    private function function2() {
        //$this->load->view(my_view2);
        //run some code
    }
}
?>
And in a procedural php page it’d just look like this:
<?php
// check user login
if (isset($_SESSION["user"]) && !empty($_SESSION["user"])) {
// all of the code on the page
}
?>
Extend the base controller as MY_Controller – and put the check there.
Then extend the MY_Controller for each of your controllers you want “secure”; the user won't be able to access any of them unless they are logged in.
See here for more info: http://codeigniter.com/user_guide/general/core_classes.html
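The base-controller approach from the answer above, as an added example that is not part of the original post. It assumes the login code stores the user under the 'user' key through CodeIgniter's Session library; the 'login' route is hypothetical.

```php
<?php
// File 1: application/core/MY_Controller.php
// CodeIgniter 2 loads this automatically (default subclass_prefix is 'MY_').
class MY_Controller extends CI_Controller {

    public function __construct() {
        parent::__construct();
        $this->load->library('session'); // needs encryption_key set in config.php
        $this->load->helper('url');

        // Assumption: the login code stored the user under the 'user' key
        // with $this->session->set_userdata('user', ...).
        if ( ! $this->session->userdata('user')) {
            // 'login' is a hypothetical route; redirect() sends the header and exits,
            // so no controller method runs for a visitor without a session.
            redirect('login');
        }
    }
}

// File 2: application/controllers/main_controller.php
class Main_controller extends MY_Controller {

    public function __construct() {
        parent::__construct(); // the check above runs before any method below
    }

    public function index() {
        $this->load->view('my_view');
    }

    public function function1() {
        $this->load->model('my_model');
    }
}
```

The controller that serves the login form has to extend CI_Controller directly; if it extended MY_Controller, the redirect would loop.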