I've created log in page for my website with Zend Framework, It works.
in Page A (www.example.com/a) , user must log in to system , and if username and password match , user goes to Page B,C,..(www.example.com/b)
but if anybody insert a link directly (www.example.com/b) ,It can see page B , without any permission, how to fix it?
You can use a plugin.
For example, you can try something like this:
In your bootstrap, add this function (to declare the plugin)
public function _initPlugins(){
$front = Zend_Controller_Front::getInstance();
$front->registerPlugin(new Application_Plugin_PRoutage());
}
with this example, in the application/plugins folder, create the PRoutage.php plugin like this:
class Application_Plugin_PRoutage extends Zend_Controller_Plugin_Abstract
{
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
if ( FALSE === Zend_Auth::getInstance()->hasIdentity())
{
// Redirection to login page
$request->setControllerName('login')
->setActionName('login')
->setDispatched(true) ;
}
}
}
I have not used Zend, but it can be done simply in Laravel using the filter 'before: auth' in route.
Route::get('b', ['before'=>'auth', function() {
//return your View here
}]);
This way before visiting page 'b' directly via URL, the system will check if user is authenticated, if not, it will display error page.
You may refer Zend_Auth API for implementation details in Zend, it will be similar:
http://framework.zend.com/manual/1.12/en/zend.auth.introduction.html http://framework.zend.com/manual/current/en/user-guide/routing-and-controllers.html