Jump to content

Working with sessions


Xtremer360

Recommended Posts

The purpose of this code is to check the set value of the user?s status id to verify if they are even activated, banned, suspended, or deleted. I just happen to take checks to the extreme. I know if they are viewing the page they are on in my control panel they shouldn?t have been able to get to this point but they are just extra checks but that?s how I prefer to do things. My question is that am I performing these tasks correctly with in reference to the session flashdata and the redirect. What I?m wanting to do is say they have the proper credentials to view the page content but I go in and say delete their account. If they go to a different page with the same sort of if statements that it goes to the logout page and logs their session out and then also after it visits the logout page it redirects to the login page which I have already on that logout page but that on the login page if the flash data is set then it views it.

 

roster.php [controller] aids in the listing of my roster members

//permissions based code for that controller/view
//user is registered but not activated
if ($user_data->user_status_id == 1)
{
    $this->session->flashdata('message',    $this->config->item('user_account_deleted_message'));
    redirect('logout', 'refresh');
    $x++;
}
//user is suspended
if ($user_data->user_status_id == 3)
{
    $this->session->flashdata('message', $this->config->item('user_account_suspended_message'));
    redirect('logout', 'refresh');
    $x++;                
} 
//user is banned
if ($user_data->user_status_id == 4)
{ 
    $this->session->flashdata('message', $this->config->item('user_account_banned_message'));
    redirect('logout', 'refresh');
    $x++;
}
//user is deleted
if ($user_data->user_status_id == 5)
{ 
    $this->session->flashdata('message', $this->config->item('user_account_deleted_message'));
    redirect('logout', 'refresh');
    $x++;                
} 

 

logout.php

public function index()
{ 
    $this->session->keep_flashdata('message');
    $this->session->sess_destroy();
    $this->session->set_userdata(array('user_id' => '', 'username' => '', 'xtr' => '', 'role' => '', 'default_roster_id' => ''));
    redirect('login', 'refresh');
} 

 

login_form_view.php

<?php if ($this->session->flashdata('message') && (!empty($this->session->flashdata('message'))))
{
    echo '<div class="alert">'.$this->session->flashdata('message').'</div>';    
}  

Link to comment
Share on other sites

The flashdata code that is in the roster controller should actually be $this->session->set_flashdata(...

 

But somewhere in my code after it leaves the logout page and goes to login it doesn't display the flashdata message. And doesn't even create the div for it.

Link to comment
Share on other sites

OK.. I think you just answered your own question there. Which would be: No, obviously not if you get an error.

 

Speaking of said question, you really shouldn't hide it in a middle of a block of text like that, and use proper punctuation to signal that it is indeed a question and not just a statement. I missed it on my first two reads, even though I notice that you said you had a question I couldn't figure out what it was at first.

 

Now, if you actually want someone to help you figure out the problem (which I suspect, and not just a confirmation on that you're doing something wrong), then you need to post the relevant code. The above is a nice preamble, but it does not show the really important part.

Link to comment
Share on other sites

The purpose of this code is to check the set value of the user?s status id to verify if they are even activated, banned, suspended, or deleted. I just happen to take checks to the extreme. I know if they are viewing the page they are on in my control panel they shouldn?t have been able to get to this point but they are just extra checks but that?s how I prefer to do things. My question is that am I performing these tasks correctly with in reference to the session flashdata and the redirect. What I?m wanting to do is say they have the proper credentials to view the page content but I go in and say delete their account. If they go to a different page with the same sort of if statements that it goes to the logout page and logs their session out and then also after it visits the logout page it redirects to the login page which I have already on that logout page but that on the login page if the flash data is set then it views it.

 

Punctuation, please use it.  I have no patience to try to read this six times just to get the idea of what you want to do.  Please separate important pieces of info onto new lines, nobody will get mad.

 

In your roster controller, why are you incrementing $x ??

 

Your error, however, is that you're destroying the session for no reason.  This means you've lost track of the current user, which means CI will generate a new one, with a new ID.  Guess what's in that? Plus, guests get sessions, too, ya know?!  Instead of killing the session (with your all-so-important message in it), just blank the details that keep your user logged in and kill the cookie.

 

Tips:

[*] User a master model to manipulate and validate the session

[*] Don't use arrays to set_userdata, it's already an array that accepts $key, $value pairs:

$this->session->set_userdata('name', 'Mahngiel');

echo $this->session->userdata('name');

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.