<p>I use a method similar to the method described by Herman Radtke in his blog at <a href="http://www.hermanradtke.com/blog/more-reliable-authentication-in-zend-framework/" rel="nofollow">http://www.hermanradtke.com/blog/more-reliable-authentication-in-zend-framework/</a>. Basically, create a controller plugin as farzad mentioned:</p>
<pre><code>class My_Authentication extends Zend_Controller_Plugin_Abstract
{
    // Routes ("controller/action") reachable without an identity
    private $_whitelist;

    public function __construct()
    {
        $this-&gt;_whitelist = array(
            'index/login'
        );
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $controller = strtolower($request-&gt;getControllerName());
        $action = strtolower($request-&gt;getActionName());
        $route = $controller . '/' . $action;

        if (in_array($route, $this-&gt;_whitelist)) {
            return;
        }

        $auth = Zend_Auth::getInstance();
        if ($auth-&gt;hasIdentity()) {
            return;
        }

        // setDispatched() is a method of the request object, not of the plugin
        $request-&gt;setDispatched(false);
        // handle unauthorized request...
    }
}
</code></pre>
<p>and then register that plugin in your bootstrap:</p>
<pre><code>public function run()
{
    // Obtain the front controller singleton before registering the plugin
    $front = Zend_Controller_Front::getInstance();
    $front-&gt;registerPlugin(new My_Authentication());
}
</code></pre>
<p>I generally take this approach a little farther and integrate the Zend_Acl into the system as well. To do that I would define the plugin below:</p>
<pre><code>class My_Acl_Authentication extends Zend_Controller_Plugin_Abstract
{
    private $_acl;

    // Routes that skip the ACL check, as in My_Authentication above
    private $_whitelist;

    public function __construct($acl)
    {
        $this-&gt;_acl = $acl;
        $this-&gt;_whitelist = array(
            'index/login'
        );
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $controller = strtolower($request-&gt;getControllerName());
        $action = strtolower($request-&gt;getActionName());
        $route = $controller . '/' . $action;

        if (in_array($route, $this-&gt;_whitelist)) {
            return;
        }

        $auth = Zend_Auth::getInstance();
        $role = 'anonymous';
        if ($auth-&gt;hasIdentity()) {
            // The role must have been written to the auth storage at login
            $role = $auth-&gt;getStorage()-&gt;read()-&gt;role;
        }

        if ($this-&gt;_acl-&gt;isAllowed($role, $route)) {
            return;
        }

        $request-&gt;setDispatched(false);
        // handle unauthorized request...
    }
}
</code></pre>
<p>If you go this route there is some more work to be done; specifically, you have to set up the ACL, and then you also have to store the user's role in the auth storage.</p>
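<p>The two remaining steps named at the end of the answer (setting up the ACL and storing the role in the auth storage), as an added example that is not part of the original answer. It assumes Zend Framework 1 is on the include path; the function names, role names, routes and the <code>password</code>/<code>role</code> column names are hypothetical.</p>

```php
<?php
// Added example, not code from the answer. Assumes Zend Framework 1 on the
// include path; roles, routes and column names below are hypothetical.
require_once 'Zend/Loader/Autoloader.php';
Zend_Loader_Autoloader::getInstance();

// Build an ACL whose resources are "controller/action" routes, matching the
// $route string the plugin passes to isAllowed().
function my_build_acl()
{
    $acl = new Zend_Acl();
    $acl->addRole(new Zend_Acl_Role('anonymous'));
    $acl->addRole(new Zend_Acl_Role('member'), 'anonymous'); // inherits anonymous
    $acl->addRole(new Zend_Acl_Role('admin'), 'member');
    foreach (array('index/index', 'index/login', 'account/view', 'admin/users') as $route) {
        $acl->addResource(new Zend_Acl_Resource($route));
    }
    // Zend_Acl denies everything until a rule allows it.
    $acl->allow('anonymous', array('index/index', 'index/login'));
    $acl->allow('member', 'account/view');
    $acl->allow('admin', 'admin/users');
    return $acl;
}

// isAllowed() throws Zend_Acl_Exception for a resource that was never
// registered, so treat unknown roles and routes as denied instead of erroring.
function my_is_allowed(Zend_Acl $acl, $role, $route)
{
    if (!$acl->hasRole($role) || !$acl->has($route)) {
        return false;
    }
    return $acl->isAllowed($role, $route);
}

// After a successful login, store the identity row (including its role column)
// in the auth storage so the plugin can read ->role on later requests.
function my_login(Zend_Auth_Adapter_DbTable $adapter)
{
    $auth = Zend_Auth::getInstance();
    if (!$auth->authenticate($adapter)->isValid()) {
        return false;
    }
    Zend_Session::regenerateId(); // new session id after the privilege change
    // Second argument omits columns: keep the password hash out of the session.
    $auth->getStorage()->write($adapter->getResultRowObject(null, 'password'));
    return true;
}
```

<p>Calling a guard like <code>my_is_allowed()</code> in place of a bare <code>isAllowed()</code> keeps a request for an unregistered controller/action on the deny path rather than raising an exception from inside the plugin.</p>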
 
