Jump to content
Kirasiris

CodeIgniter - Blocking access to admin pages

Recommended Posts

The thing is that I never created a login page, or anything like that.

So my website is completely done, is finally ready to be published, but the only thing that I need now, is the blocking of the admin pages to the public.

I have a controller called Admin in which I have all the function and pages of "admin" , here is my controller.(all ths needs to be blocked)

<?php
class Admin extends CI_Controller {


public function __construct()
{
parent::__construct();
$this->load->model('about_model');
$this->load->model('blog_model');
$this->load->model('categorias_model');
$this->load->model('cookies_model');
$this->load->model('news_model');
$this->load->model('portfolio_model');
$this->load->model('privacy_model');
$this->load->model('terms_model');
$this->load->model('skills_model');
$this->load->model('profesion_model');
$this->load->model('slider_model');
$this->load->library('pagination');


}


public function index(){

$data['title'] = 'Admin Panel';
// Siempre poner minusculas al poner nombre de un model //
$data['blog'] = $this->blog_model->get_blog();
$data['portfolio'] = $this->portfolio_model->get_portfolio();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/dashboard',$data);
$this->load->view('templates/footer', $data);
}
//// Paginas de administracion /// 

public function sliders(){

$data['title'] = 'Sliders';
$data['slider'] = $this->slider_model->get_slider();

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/sliders',$data);
$this->load->view('templates/footer', $data);



} 

public function posts(){

$data['title'] = 'Posts';
$data['blog'] = $this->blog_model->get_blog();

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/posts',$data);
$this->load->view('templates/footer', $data);



} 

public function portfolio(){

$data['title'] = 'Portfolio';
// Siempre poner minusculas al poner nombre de un model //
$data['portfolio'] = $this->portfolio_model->get_portfolio();



$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/portfolio',$data);
$this->load->view('templates/footer', $data);
}

///// Estas paginas requieren de la funcion __construc que etsa localizada abajo, si se llegase a borrar, estas, dejaran de funcionar y/o mostrar informacion de la database
public function categorias(){

$data['title'] = 'Categorias';
// Siempre poner minusculas al poner nombre de un model //
$data['categorias'] = $this->categorias_model->get_categorias();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/categorias',$data);
$this->load->view('templates/footer', $data);
}


public function paginas(){

$data['title'] = 'Paginas';
// Siempre poner minusculas al poner nombre de un model //
$data['about'] = $this->about_model->get_about();
$data['cookies'] = $this->cookies_model->get_cookies();
$data['home'] = $this->news_model->get_home();
$data['privacy'] = $this->privacy_model->get_privacy();
$data['terms'] = $this->terms_model->get_terms();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/paginas',$data);
$this->load->view('templates/footer', $data);
}


public function skills(){

$data['title'] = 'Skills';
// Siempre poner minusculas al poner nombre de un model //
$data['skills'] = $this->skills_model->get_skills();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/skills',$data);
$this->load->view('templates/footer', $data);
}


public function profesion(){

$data['title'] = 'Profesion';
// Siempre poner minusculas al poner nombre de un model //
$data['profesionalismo'] = $this->profesion_model->get_profesion();


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/profesion',$data);
$this->load->view('templates/footer', $data);
}




///////////////////////////////////////////////////////////////////////////////////////////////////////////// Slider ///////////////////////////////////////////////////////////////////////////////////////////////////////////////

// Crear slider ///
public function crearslider(){
$data['title'] = 'Crear Slider';



$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('imagen','Imagen', 'required');
$this->form_validation->set_rules('descripcion','Descripcion', 'required');
$this->form_validation->set_rules('link','link', 'required');

if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearslider',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->slider_model->crearslider();
redirect('admin/sliders');
}
}

// Borrar slider //
public function borrarslider($id){
$this->slider_model->borrarslider($id);
redirect('admin/sliders');
}

// Editar slider //
public function editarslider($slug){
$data['slider']=$this->slider_model->get_slider($slug);

if(empty($data['slider'])){
show_404();
}
$data['title']='Editar slider';

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarslider',$data);
$this->load->view('templates/footer', $data);
}

// Actualizar slider //
public function actualizarslider(){
$this->slider_model->actualizarslider();
redirect('admin/sliders'); 
}

///////////////////////////////////////////////////////////////////////////////////////////////////////////// BLOG ///////////////////////////////////////////////////////////////////////////////////////////////////////////////// 

// Crear Post ///
public function crearpost(){
$data['title'] = 'Crear Post';
$data['categorias'] = $this->categorias_model->get_categorias();


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('fecha','Fecha', 'required');
$this->form_validation->set_rules('imagen','Imagen', 'required');
$this->form_validation->set_rules('categoria_id','Categoria', 'required');
$this->form_validation->set_rules('contenido','Contenido', 'required');

if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearpost',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->blog_model->crear_post();
redirect('admin/posts');
}
}

// Borrar post //
public function borrar($id){
$this->blog_model->delete_post($id);
redirect('admin/posts');
}

// Editar Post //
public function editarpost($slug){
$data['blog']=$this->blog_model->get_blog($slug);
$data['categorias'] = $this->categorias_model->get_categorias();

if(empty($data['blog'])){
show_404();
}
$data['title']='Editar Post';



$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpost',$data);
$this->load->view('templates/footer', $data);
}

// Actualizar Post //
public function actualizarpost(){
$this->blog_model->update_post();
redirect('admin/posts'); 
}


////////////////////////////////////////////////////////////////////////// Portfolio ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////




// Crear Portfolio ///
public function crearportfolio(){
$data['title'] = 'Crear Portfolio';


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('fecha','Fecha', 'required');
$this->form_validation->set_rules('imagen','Imagen', 'required');
$this->form_validation->set_rules('thumbnail','Thumbnail', 'required');
$this->form_validation->set_rules('categoria_id','Categoria', 'required');
$this->form_validation->set_rules('descripcion','Descripcion', 'required');
$this->form_validation->set_rules('contenido','Contenido', 'required');
$this->form_validation->set_rules('changelog','Changelog');
$this->form_validation->set_rules('precio','Precio', 'required');
$this->form_validation->set_rules('preview','Preview', 'required');
$this->form_validation->set_rules('download','Download', 'required');

if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearportfolio',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->portfolio_model->crear_post();
redirect('admin/portfolio');
}
}

// Borrar portfolio //
public function delete($id){
$this->portfolio_model->delete_post($id);
redirect('admin/portfolio');
}


// Editar Portfolio //
public function editarportfolio($slug){
$data['portfolio']=$this->portfolio_model->get_portfolio($slug);


if(empty($data['portfolio'])){
show_404();
}
$data['title']='Editar Portfolio';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarportfolio',$data);
$this->load->view('templates/footer', $data);
}


// Actualizar Portfolio //
public function actualizarportfolio(){
$this->portfolio_model->update_post();
redirect('admin/portfolio'); 
}


/////////////////////////////////////////////////////////////////////////////////// Categorias /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Crear categorias ///
public function crearcategory(){
$data['title'] = 'Crear Categoria';
$data['categorias'] = $this->categorias_model->get_categorias();

$this->form_validation->set_rules('nombre','Titulo', 'required');
$this->form_validation->set_rules('creado_en','Fecha', 'required');



if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearcategory',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->categorias_model->crear_post();
redirect('admin/categorias');
}
}

// Borrar categorias //
public function erase($id){
$this->categorias_model->delete_post($id);
redirect('admin/categorias');
}

// Editar categoria //
public function editarcategoria($slug){
$data['categorias'] = $this->categorias_model->get_categorias($slug);

if(empty($data['categorias'])){
show_404();
}
$data['title']='Editar Categoria';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarcategoria',$data);
$this->load->view('templates/footer', $data);
}


// Actualizar categoria //
public function actualizarcategory(){
$this->categorias_model->update_post();
redirect('admin/categorias'); 
}


//////////////////////////////////////////////////////////////// Skills ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



// Crear skill ///
public function crearskill(){
$data['title'] = 'Crear Skill';
$data['skills'] = $this->skills_model->get_skills();


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('porcentaje','Porcentaje', 'required');
$this->form_validation->set_rules('color_1','Color Primario', 'required');
$this->form_validation->set_rules('color_2','Color Secundario', 'required');


if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearskill',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->skills_model->crearskill();
redirect('admin/skills');
}
}

// Borrar skill //
public function erase_skill($id){
$this->skills_model->erase_skill($id);
redirect('admin/skills');
}

// Editar skill //
public function editarskill($slug){
$data['skills'] = $this->skills_model->get_skills($slug);

if(empty($data['skills'])){
show_404();
}
$data['title']='Editar Skill';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarskill',$data);
$this->load->view('templates/footer', $data);
}


// Actualizar skill //
public function actualizarskills(){
$this->skills_model->update_post();
redirect('admin/skills'); 
}



//////////////////////////////////////////////////////////////// Profesionalismo ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



// Crear profesion ///
public function crearprofesion(){
$data['title'] = 'Crear Skill';
$data['profesionalismo'] = $this->profesion_model->get_profesion();


$this->form_validation->set_rules('titulo','Titulo', 'required');
$this->form_validation->set_rules('numero','Numero', 'required');



if($this->form_validation->run()===FALSE){

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/crearprofesion',$data);
$this->load->view('templates/footer', $data); 

} else{
$this->profesion_model->crearprofesion();
redirect('admin/profesion');
}
}

// Borrar profesion //
public function erase_profesion($id){
$this->profesion_model->erase_profesion($id);
redirect('admin/profesion');
}

// Editar profesion //
public function editarprofesion($slug){
$data['profesionalismo'] = $this->profesion_model->get_profesion($slug);

if(empty($data['profesionalismo'])){
show_404();
}
$data['title']='Editar Profesion';


$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarprofesion',$data);
$this->load->view('templates/footer', $data);
}


// Actualizar profesion //
public function actualizarprofesion(){
$this->profesion_model->update_post();
redirect('admin/profesion'); 
}





//////////////////////////////////////////////////////////////// Editar paginas globales ///////////////////////////////////////////////////////////////////////////////////////////////////////

/// Pagina Global About
public function editarpagina_about($slug){


$data['title']='Editar Pagina About';
$data['about'] = $this->about_model->get_about($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_about',$data);
$this->load->view('templates/footer', $data);

}



/// Actualizar pagina global about ///
public function actualizarpagina_about(){
$this->about_model->update_about();
redirect('admin/paginas'); 
}

/// Pagina Global Cookies
public function editarpagina_cookies($slug){


$data['title']='Editar Pagina cookies';
$data['cookies'] = $this->cookies_model->get_cookies($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_cookies',$data);
$this->load->view('templates/footer', $data);

}



/// Actualizar pagina global cookies ///
public function actualizarpagina_cookies(){
$this->cookies_model->update_cookies();
redirect('admin/paginas'); 
}

/// Pagina Global Privacy
public function editarpagina_privacy($slug){


$data['title']='Editar Pagina Privacy';
$data['privacy'] = $this->privacy_model->get_privacy($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_privacy',$data);
$this->load->view('templates/footer', $data);

}

/// Actualizar pagina global Privacy ///
public function actualizarpagina_privacy(){
$this->privacy_model->update_privacy();
redirect('admin/paginas'); 
}


/// Pagina Global Terms
public function editarpagina_terms($slug){


$data['title']='Editar Pagina Terms';
$data['terms'] = $this->terms_model->get_terms($slug);

$this->load->view('templates/head', $data);
$this->load->view('templates/navbar', $data);
$this->load->view('admin/editarpagina_terms',$data);
$this->load->view('templates/footer', $data);

}



/// Actualizar pagina global terms ///
public function actualizarpagina_terms(){
$this->terms_model->update_terms();
redirect('admin/paginas'); 
}


}
?>

I tried to put this on my function __construct , but it still not working :/ .

        public function __construct()
        {
                parent::__construct();
$this->load->model('about_model');
$this->load->model('blog_model');
$this->load->model('categorias_model');
$this->load->model('cookies_model');
$this->load->model('news_model');
$this->load->model('portfolio_model');
$this->load->model('privacy_model');
$this->load->model('terms_model');
$this->load->model('skills_model');
$this->load->model('profesion_model');
$this->load->model('slider_model');
$this->load->library('pagination');




//// Block access to admin pages ////


       //Here you check ip allowed or not
            if (!in_array($this->input->ip_address(), array('107.208.103.39')))
            {
               // Either show 404
               show_404();
  


               // OR redirect somewhere else
               redirect('news/home');
            }






        }

is there a way to block them to the public at least with HTACCESS ?

Share this post


Link to post
Share on other sites

Authentication for CodeIgniter can be handled by a few different libraries, depending on what version of CodeIgniter you are using. If you are using 3.X, then you might try Community Auth:

 

https://community-auth.com

 

It's probably way over your head, but it works great.

 

Another popular choice is Ion Auth. I don't have experience with Ion Auth, so I can't tell you about it.

Share this post


Link to post
Share on other sites

Hey, sorry for the late answer, but I already fixed it, I just created controller/models for my user database table, and I gave permissions to users according to the status of their account.

 

Example

1:regular user

2:moderator

3:author

4:admin

 

I did something like that, but thanks for trying to help me :).

Share this post


Link to post
Share on other sites

As far as .htaccess goes, it should be fairly simple, as long as you're talking about a few specific files.

 

<Files /foo>
    deny from 1.2.3.4
</Files>
If you have multiple pages you probably need "FilesMatch" and a regexp.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.