Kirasiris

CodeIgniter - Blocking access to admin pages

The thing is that I never created a login page, or anything like that.

So my website is completely done and is finally ready to be published, but the only thing that I need now is the blocking of the admin pages from the public.

I have a controller called Admin in which I have all the functions and pages of "admin"; here is my controller (all this needs to be blocked):

<?php
class Admin extends CI_Controller {


public function __construct()
{
parent::__construct();
$this->load->model('about_model');
$this->load->model('blog_model');
$this->load->model('categorias_model');
$this->load->model('cookies_model');
$this->load->model('news_model');
$this->load->model('portfolio_model');
$this->load->model('privacy_model');
$this->load->model('terms_model');
$this->load->model('skills_model');
$this->load->model('profesion_model');
$this->load->model('slider_model');
$this->load->library('pagination');


}


public function index(){

$data['title'] = 'Admin Panel';
// Always use lowercase when writing a model name //
$data['blog'] = $this->blog_model->get_blog();
$data['portfolio'] = $this->portfolio_model->get_portfolio();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/dashboard',$data);
$this->load->view('templates/footer', $data);
}
//// Administration pages ///

public function sliders(){

$data['title'] = 'Sliders';
$data['slider'] = $this->slider_model->get_slider();

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/sliders',$data);
$this->load->view('templates/footer', $data);



} 

public function posts(){

$data['title'] = 'Posts';
$data['blog'] = $this->blog_model->get_blog();

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/posts',$data);
$this->load->view('templates/footer', $data);



} 

public function portfolio(){

$data['title'] = 'Portfolio';
// Always use lowercase when writing a model name //
$data['portfolio'] = $this->portfolio_model->get_portfolio();



$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/portfolio',$data);
$this->load->view('templates/footer', $data);
}

///// These pages require the __construct function located below; if it is deleted, they will stop working and/or stop showing information from the database
public function categorias(){

$data['title'] = 'Categorias';
// Always use lowercase when writing a model name //
$data['categorias'] = $this->categorias_model->get_categorias();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/categorias',$data);
$this->load->view('templates/footer', $data);
}


public function paginas(){

$data['title'] = 'Paginas';
// Always use lowercase when writing a model name //
$data['about'] = $this->about_model->get_about();
$data['cookies'] = $this->cookies_model->get_cookies();
$data['home'] = $this->news_model->get_home();
$data['privacy'] = $this->privacy_model->get_privacy();
$data['terms'] = $this->terms_model->get_terms();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/paginas',$data);
$this->load->view('templates/footer', $data);
}


public function skills(){

$data['title'] = 'Skills';
// Always use lowercase when writing a model name //
$data['skills'] = $this->skills_model->get_skills();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/skills',$data);
$this->load->view('templates/footer', $data);
}


public function profesion(){

$data['title'] = 'Profesion';
// Always use lowercase when writing a model name //
$data['profesionalismo'] = $this->profesion_model->get_profesion();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/profesion',$data);
$this->load->view('templates/footer', $data);
}




///////////////////////////////////////////////////////////////////////////////////////////////////////////// Slider ///////////////////////////////////////////////////////////////////////////////////////////////////////////////

// Create slider ///
public function crearslider(){
$data['title'] = 'Crear Slider';



$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('imagen','Imagen', 'required');
$this->form_validation->set_rules('descripcion','Descripcion', 'required');
$this->form_validation->set_rules('link','link', 'required');

if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearslider',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->slider_model->crearslider();
redirect('admin/sliders');
}
}

// Delete slider //
public function borrarslider($id){
$this->slider_model->borrarslider($id);
redirect('admin/sliders');
}

// Edit slider //
public function editarslider($slug){
$data['slider']=$this->slider_model->get_slider($slug);

if(empty($data['slider'])){
show_404();
}
$data['title']='Editar slider';

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarslider',$data);
$this->load->view('templates/footer', $data);
}

// Update slider //
public function actualizarslider(){
$this->slider_model->actualizarslider();
redirect('admin/sliders'); 
}

///////////////////////////////////////////////////////////////////////////////////////////////////////////// BLOG ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// 

// Create post ///
public function crearpost(){
$data['title'] = 'Crear Post';
$data['categorias'] = $this->categorias_model->get_categorias();


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('fecha','Fecha', 'required');
$this->form_validation->set_rules('imagen','Imagen', 'required');
$this->form_validation->set_rules('categoria_id','Categoria', 'required');
$this->form_validation->set_rules('contenido','Contenido', 'required');

if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearpost',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->blog_model->crear_post();
redirect('admin/posts');
}
}

// Delete post //
public function borrar($id){
$this->blog_model->delete_post($id);
redirect('admin/posts');
}

// Edit post //
public function editarpost($slug){
$data['blog']=$this->blog_model->get_blog($slug);
$data['categorias'] = $this->categorias_model->get_categorias();

if(empty($data['blog'])){
show_404();
}
$data['title']='Editar Post';



$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpost',$data);
$this->load->view('templates/footer', $data);
}

// Update post //
public function actualizarpost(){
$this->blog_model->update_post();
redirect('admin/posts'); 
}


////////////////////////////////////////////////////////////////////////// Portfolio ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////




// Create portfolio ///
public function crearportfolio(){
$data['title'] = 'Crear Portfolio';


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('fecha','Fecha', 'required');
$this->form_validation->set_rules('imagen','Imagen', 'required');
$this->form_validation->set_rules('thumbnail','Thumbnail', 'required');
$this->form_validation->set_rules('categoria_id','Categoria', 'required');
$this->form_validation->set_rules('descripcion','Descripcion', 'required');
$this->form_validation->set_rules('contenido','Contenido', 'required');
$this->form_validation->set_rules('changelog','Changelog');
$this->form_validation->set_rules('precio','Precio', 'required');
$this->form_validation->set_rules('preview','Preview', 'required');
$this->form_validation->set_rules('download','Download', 'required');

if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearportfolio',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->portfolio_model->crear_post();
redirect('admin/portfolio');
}
}

// Delete portfolio //
public function delete($id){
$this->portfolio_model->delete_post($id);
redirect('admin/portfolio');
}


// Edit portfolio //
public function editarportfolio($slug){
$data['portfolio']=$this->portfolio_model->get_portfolio($slug);


if(empty($data['portfolio'])){
show_404();
}
$data['title']='Editar Portfolio';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarportfolio',$data);
$this->load->view('templates/footer', $data);
}


// Update portfolio //
public function actualizarportfolio(){
$this->portfolio_model->update_post();
redirect('admin/portfolio'); 
}


//////////////////////////////////////////////////////////////// Categories ////////////////////////////////////////////////////////////////
// Create category ///
public function crearcategory(){
$data['title'] = 'Crear Categoria';
$data['categorias'] = $this->categorias_model->get_categorias();

$this->form_validation->set_rules('nombre','Titulo', 'required');
$this->form_validation->set_rules('creado_en','Fecha', 'required');



if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearcategory',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->categorias_model->crear_post();
redirect('admin/categorias');
}
}

// Delete category //
public function erase($id){
$this->categorias_model->delete_post($id);
redirect('admin/categorias');
}

// Edit category //
public function editarcategoria($slug){
$data['categorias'] = $this->categorias_model->get_categorias($slug);

if(empty($data['categorias'])){
show_404();
}
$data['title']='Editar Categoria';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarcategoria',$data);
$this->load->view('templates/footer', $data);
}


// Update category //
public function actualizarcategory(){
$this->categorias_model->update_post();
redirect('admin/categorias'); 
}


//////////////////////////////////////////////////////////////// Skills ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



// Create skill ///
public function crearskill(){
$data['title'] = 'Crear Skill';
$data['skills'] = $this->skills_model->get_skills();


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('porcentaje','Porcentaje', 'required');
$this->form_validation->set_rules('color_1','Color Primario', 'required');
$this->form_validation->set_rules('color_2','Color Secundario', 'required');


if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearskill',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->skills_model->crearskill();
redirect('admin/skills');
}
}

// Delete skill //
public function erase_skill($id){
$this->skills_model->erase_skill($id);
redirect('admin/skills');
}

// Edit skill //
public function editarskill($slug){
$data['skills'] = $this->skills_model->get_skills($slug);

if(empty($data['skills'])){
show_404();
}
$data['title']='Editar Skill';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarskill',$data);
$this->load->view('templates/footer', $data);
}


// Update skill //
public function actualizarskills(){
$this->skills_model->update_post();
redirect('admin/skills'); 
}



//////////////////////////////////////////////////////////////// Professionalism ////////////////////////////////////////////////////////////////



// Create profession ///
public function crearprofesion(){
$data['title'] = 'Crear Skill';
$data['profesionalismo'] = $this->profesion_model->get_profesion();


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('numero','Numero', 'required');



if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearprofesion',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->profesion_model->crearprofesion();
redirect('admin/profesion');
}
}

// Delete profession //
public function erase_profesion($id){
$this->profesion_model->erase_profesion($id);
redirect('admin/profesion');
}

// Edit profession //
public function editarprofesion($slug){
$data['profesionalismo'] = $this->profesion_model->get_profesion($slug);

if(empty($data['profesionalismo'])){
show_404();
}
$data['title']='Editar Profesion';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarprofesion',$data);
$this->load->view('templates/footer', $data);
}


// Update profession //
public function actualizarprofesion(){
$this->profesion_model->update_post();
redirect('admin/profesion'); 
}





//////////////////////////////////////////////////////////////// Edit global pages ////////////////////////////////////////////////////////////////

/// Global page: About
public function editarpagina_about($slug){


$data['title']='Editar Pagina About';
$data['about'] = $this->about_model->get_about($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_about',$data);
$this->load->view('templates/footer', $data);

}



/// Update global page: About ///
public function actualizarpagina_about(){
$this->about_model->update_about();
redirect('admin/paginas'); 
}

/// Global page: Cookies
public function editarpagina_cookies($slug){


$data['title']='Editar Pagina cookies';
$data['cookies'] = $this->cookies_model->get_cookies($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_cookies',$data);
$this->load->view('templates/footer', $data);

}



/// Update global page: Cookies ///
public function actualizarpagina_cookies(){
$this->cookies_model->update_cookies();
redirect('admin/paginas'); 
}

/// Global page: Privacy
public function editarpagina_privacy($slug){


$data['title']='Editar Pagina Privacy';
$data['privacy'] = $this->privacy_model->get_privacy($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_privacy',$data);
$this->load->view('templates/footer', $data);

}

/// Update global page: Privacy ///
public function actualizarpagina_privacy(){
$this->privacy_model->update_privacy();
redirect('admin/paginas'); 
}


/// Global page: Terms
public function editarpagina_terms($slug){


$data['title']='Editar Pagina Terms';
$data['terms'] = $this->terms_model->get_terms($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_terms',$data);
$this->load->view('templates/footer', $data);

}



/// Update global page: Terms ///
public function actualizarpagina_terms(){
$this->terms_model->update_terms();
redirect('admin/paginas'); 
}


}
?>

I tried to put this in my function __construct, but it's still not working :/

        public function __construct()
        {
                parent::__construct();
                $this->load->model('about_model');
                $this->load->model('blog_model');
                $this->load->model('categorias_model');
                $this->load->model('cookies_model');
                $this->load->model('news_model');
                $this->load->model('portfolio_model');
                $this->load->model('privacy_model');
                $this->load->model('terms_model');
                $this->load->model('skills_model');
                $this->load->model('profesion_model');
                $this->load->model('slider_model');
                $this->load->library('pagination');

                //// Block access to admin pages ////

                // Here you check ip allowed or not
                if (!in_array($this->input->ip_address(), array('107.208.103.39')))
                {
                        // Either show 404
                        // (show_404() ends the request, so the redirect below is never reached)
                        show_404();

                        // OR redirect somewhere else
                        redirect('news/home');
                }
        }

Is there a way to block them from the public at least with HTACCESS?


Authentication for CodeIgniter can be handled by a few different libraries, depending on what version of CodeIgniter you are using. If you are using 3.X, then you might try Community Auth:

 

https://community-auth.com

 

It's probably way over your head, but it works great.

 

Another popular choice is Ion Auth. I don't have experience with Ion Auth, so I can't tell you about it.


Hey, sorry for the late answer, but I already fixed it, I just created controller/models for my user database table, and I gave permissions to users according to the status of their account.

 

Example

1:regular user

2:moderator

3:author

4:admin

 

I did something like that, but thanks for trying to help me :).

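The approach described in the post above (account levels stored per user and checked before any admin page runs), sketched as a base controller for CodeIgniter 3. This is an added example, not the poster's code; the session keys `user_id` and `role`, the `users/login` route, and the assumption that a higher level number means more privilege are hypothetical.

```php
<?php
// application/core/MY_Controller.php  (added example; CodeIgniter 3 layout assumed)
defined('BASEPATH') OR exit('No direct script access allowed');

class MY_Controller extends CI_Controller
{
    // Account levels as listed in the post above.
    const ROLE_USER      = 1;
    const ROLE_MODERATOR = 2;
    const ROLE_AUTHOR    = 3;
    const ROLE_ADMIN     = 4;

    // Minimum level a subclass demands; 0 means the controller is public.
    protected $required_role = 0;

    public function __construct()
    {
        parent::__construct();
        $this->load->library('session');
        $this->load->helper('url');

        if ($this->required_role === 0) {
            return;
        }

        // 'user_id' and 'role' are hypothetical session keys that the login
        // controller is assumed to set only after verifying the password.
        $user_id = $this->session->userdata('user_id');
        $role    = (int) $this->session->userdata('role'); // missing key -> 0

        if (empty($user_id)) {
            redirect('users/login'); // hypothetical login route; redirect() exits
        }
        if ($role < $this->required_role) {
            show_404(); // hide the panel from signed-in non-admins; also exits
        }
    }
}

// application/controllers/Admin.php
class Admin extends MY_Controller
{
    protected $required_role = self::ROLE_ADMIN;

    public function __construct()
    {
        parent::__construct(); // guard runs before every admin method
        // ... load the models as in the original controller ...
    }
}
```

Because the check lives in the constructor, it also covers the state-changing methods such as `borrar($id)` and `actualizarpost()`, not just the pages that render a view.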

As far as .htaccess goes, it should be fairly simple, as long as you're talking about a few specific files.

 

<Files /foo>
    deny from 1.2.3.4
</Files>

If you have multiple pages you probably need "FilesMatch" and a regexp.
