Mutsop
asked on
opinion on how my script is programmed (codeigniter)
Hi,
I need your opinion on:
if my script is well programmed. It is made in codeigniter.
Before I continue, sorry for this long post.
As I previously stated in another post I'm just a rookie.
So I wanted to ask you guys what you think of my application so far.
Is it well written? How about the placement of the files/code?
What would you do?
The following code has the basics ofhttp://www.phpandstuff.com/articles/codeigniter-doctrine-from-scratch-day-1-install-and-setup
Oke so lets get started:
My application is a start of a cms system: Simple admin login and forgot password. When you forgot the password, a random new password will be emailed.
Login screen:
authenticate function in the login controller:
Instead of duplicating the Current_User::login() model function, I kept the same code and added a user level check.
fyi in the user model I added
And now for the diffcult part...
Forgot Password:
forgot_password and _send_password from the forgot_password controller:
current_user model (partial):
user model (partial):
Now I'm kind of lost, if this is well programmed or not?. What do you think? Any opinion is appreciated :)
Kind regards
I need your opinion on:
if my script is well programmed. It is made in codeigniter.
Before I continue, sorry for this long post.
As I previously stated in another post I'm just a rookie.
So I wanted to ask you guys what you think of my application so far.
Is it well written? How about the placement of the files/code?
What would you do?
The following code has the basics ofhttp://www.phpandstuff.com/articles/codeigniter-doctrine-from-scratch-day-1-install-and-setup
Oke so lets get started:
My application is a start of a cms system: Simple admin login and forgot password. When you forgot the password, a random new password will be emailed.
Login screen:
I created a table user for both the admins and users... I make the difference using a "user level" - 1 being the admin, 2 or above the normal users.
- When the form is being submit, the "submit" function is being called.
- In the submit function we have a "_submit_validate" function with form validations
- In the "_submit_validate" function we have a callback to authenticate
authenticate function in the login controller:
public function authenticate() {
$isAuthenticated = Current_User::login($this->input->post('username'),
$this->input->post('password'));
$isAdmin = Current_User::user()->ulevel;
if ($isAuthenticated == TRUE && $isAdmin == 1) {
return TRUE;
}
return FALSE;
}
Instead of duplicating the Current_User::login() model function, I kept the same code and added a user level check.
fyi in the user model I added
$this->hasColumn('ulevel', 'integer', 5);
in the setTableDefinition function.And now for the diffcult part...
Forgot Password:
I have a simple form with one email imputbox and a submit button.
- When the form is being submit, the "submit" function is being called.
- In the submit function we have a "_submit_validate" function with form validations
- In the "_submit_validate" function we have a callback to forgot_password
forgot_password and _send_password from the forgot_password controller:
public function forgot_password() {
$pass = Current_User::forgot_password($this->input->post('email'));
$this->_send_password($pass, $this->input->post('email'));
}
private function _send_password($pass, $email) {
$this->load->library('email');
$this->email->from('admin@aptest.com', 'apTest');
$this->email->to($email);
$this->email->subject('Reset Password - apTest');
$this->email->message('Here is your new password: ' & $pass);
$this->email->send();
}
current_user model (partial):
public static function forgot_password($email) {
if ($u = Doctrine::getTable('User')->findOneByEmail($email)) {
$newPassword = Current_User::user()->reset_password();
$u->password = $newPassword;
$u->save();
return $newPassword;
}
return FALSE;
}
user model (partial):
public function Reset_Password() {
return $newPassword = random_string('numeric', 16);
}
Now I'm kind of lost, if this is well programmed or not?. What do you think? Any opinion is appreciated :)
Kind regards
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes that is what I mean.
ASKER
So you mean splitting the authentication part and checking for if that authenticated member has the rights to view a certain page (like an admin level)?
@darren-w-:
I do indeed need to refactor most of the script, problem is I don't quite know how and what should be script apart.