CodeIgniter: checking if user logged in for multiple pages

You can run code in every method of a Controller by running it in the __construct() method:

function __construct()
{
    parent::__construct();
    if ( ! $this->session->userdata('logged_in'))
    { 
        // Allow some methods?
        $allowed = array(
            'some_method_in_this_controller',
            'other_method_in_this_controller',
        );
        if ( ! in_array($this->router->fetch_method(), $allowed)
        {
            redirect('login');
        }
    }
}

You can remove the “allowed” bits if you want to restrict access to the whole thing, but there are better ways to do this, like creating a base controller:

 

// Create file application/core/MY_Controller.php
class Auth_Controller extends CI_Controller {

    function __construct()
    {
        parent::__construct();
        if ( ! $this->session->userdata('logged_in'))
        { 
            redirect('login');
        }
    }
}

Then have your restricted controllers extend Auth_Controller instead of CI_Controller. Now your code will be run every time the controller is loaded.

CodeIgniter Outline

1 Introduction
2 Installing Codeigniter
3 Refer the Codeigniter User Guide Text Preview

SECTION 2: BASIC CONCEPTS
4 Theory behind Codeigniter – MVC
5 Routing Basics

SECTION 3: CODEIGNITER BASICS
6 Controllers
7 Views
8 Models
9 Helpers
10 Libraries
11 Using Static Files

SECTION 4: USING THE DATABASE
12 Introduction to Databases Text
13 Connecting
14 With SQL
15 With Active Records

SECTION 5: MINI PROJECT
16 Introduction
17 Creating the Database
18 Creating the base template
19 Adding a Blog Post
20 Loading all the posts
21 Loading a Single Post
22 Delete Post Functionality
23 Recap + Exercise
24 Source Code with Database SQL 2.19 MB

SECTION 6: SECURITY
25 XSS Prevention
26 SQL Injection Prevention
27 Hiding PHP Errors
28 Form Validation Text
29 CSRF Prevention

SECTION 7: CONFIGURATION
30 Config Files
31 Autoloading
32 Remove index.php
33 Change Application Folder
34 Advanced URL Routing

SECTION 8: EXTEND CODEIGNITER
35 Creating a library
36 Extend a library
37 Adding a helper
38 Extend a helper
39 Extending Core Classes

CodeIgniter Installation Instructions

CodeIgniter is installed in four steps:

  1. Unzip the package.
  2. Upload the CodeIgniter folders and files to your server. Normally the index.php file will be at your root.
  3. Open the application/config/config.php file with a text editor and set your base URL. If you intend to use encryption or sessions, set your encryption key.
  4. If you intend to use a database, open the application/config/database.php file with a text editor and set your database settings.

If you wish to increase security by hiding the location of your CodeIgniter files you can rename the system and application folders to something more private. If you do rename them, you must open your main index.php file and set the $system_folder and $application_folder variables at the top of the file with the new name you’ve chosen.

For the best security, both the system and any application folders should be placed above web root so that they are not directly accessible via a browser. By default, .htaccess files are included in each folder to help prevent direct access, but it is best to remove them from public access entirely in case the web server configuration changes or doesn’t abide by the .htaccess.

After moving them, open your main index.php file and set the $system_folder and $application_folder variables, preferably with a full path, e.g. ‘/www/MyUser/system’.