Я использую нативную сессию PHP для защиты страницы /assets/kcfinder/browse.php в KCFinder, потому что KCFinder не может читать сессии CodeIgniter, которые я создаю... Кто-нибудь может мне помочь, пожалуйста?
=> Моя форма
<?php /*
 * Login form fragment: POSTs the fields "email" and "password" to
 * Authentication/login. The fragment closes one more <div> than it opens,
 * so its opening wrapper (presumably a modal body) lies outside this excerpt.
 * NOTE(review): no CSRF token field is visible here. If CodeIgniter's
 * csrf_protection setting is enabled, a hand-written <form> tag needs the
 * hidden token added (form_open() emits it automatically); confirm the config.
 */ ?>
<form method="POST" action="<?= base_url('Authentication/login'); ?>">
<div class="form-group row">
<label for="staticEmail" class="col-sm-2 col-form-label">Email</label>
<div class="col-sm-10">
<input type="email" class="form-control" name="email" id="staticEmail" placeholder="email@example.com">
</div>
</div>
<div class="form-group row">
<label for="inputPassword" class="col-sm-2 col-form-label">Password</label>
<div class="col-sm-10">
<input type="password" class="form-control" name="password" id="inputPassword" placeholder="******">
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Close</button>
<button type="submit" class="btn btn-primary">Login</button>
</div>
</form>
=> Authentication.php (контроллер)
<?php
defined('BASEPATH') or exit('No direct script access allowed');
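/**
 * Login / logout controller.
 *
 * Credentials are validated with CodeIgniter's form validation, checked
 * against the `user` table, and on success the flag `status = loggedin` is
 * stored in the PHP native session through the Nativesession library.
 *
 * The form_validation, session and db objects are used but not loaded here;
 * presumably they are autoloaded - confirm in the application config.
 */
class Authentication extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        // The second argument of load->library() is a config array, not an
        // alias, so the stray string was dropped. The object is still exposed
        // as $this->nativesession (lower-cased class name).
        $this->load->library('Nativesession');
    }

    /**
     * Placeholder action; the login view is not rendered from here.
     */
    public function index()
    {
        // $this->load->view('login_view');
    }

    /**
     * Validate the submitted login form and hand over to _login().
     *
     * On validation failure the home page is rendered again with a flash
     * message; nothing is written to the native session in that case.
     */
    public function login()
    {
        $this->form_validation->set_rules(
            'email',
            'Email',
            'required|trim|valid_email|xss_clean',
            ['required' => 'Email Harus Di isi', 'valid_email' => 'Harus email yang valid']
        );
        // NOTE(review): xss_clean rewrites the submitted value before
        // password_verify() sees it. If the stored hash was created from the
        // unfiltered password, passwords containing markup-like characters
        // will never verify. Check how the password is processed at
        // registration before removing the rule here.
        $this->form_validation->set_rules(
            'password',
            'Password',
            'trim|required|xss_clean',
            ['required' => 'Password Harus Di isi']
        );

        if ($this->form_validation->run() === FALSE) {
            $data = ['judul' => 'Selamat Datang'];
            $this->session->set_flashdata(
                'pesan',
                '<div class="alert alert-warning fixed alert-dismissible fade show fixed" role="alert">
authentication Failed !
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>'
            );
            $this->load->view('Home/Template/header', $data);
            $this->load->view('Home/index', $data);
            $this->load->view('Home/Template/footer');
            return;
        }

        // Validation passed: perform the credential check.
        $this->_login();
    }

    /**
     * Check the posted credentials and mark the native session as logged in.
     *
     * NOTE(review): the two failure messages differ ("Account Not Found" vs
     * "Wrong Password"), which lets a client learn whether an email address
     * is registered. Consider one shared message for both cases.
     */
    private function _login()
    {
        $email = $this->input->post('email', TRUE);
        // Same caveat as the xss_clean rule: TRUE filters the password value.
        $password = $this->input->post('password', TRUE);

        // SELECT ... FROM user WHERE email = <submitted email>
        // row_array() yields no row when the address is unknown, so test the
        // row itself instead of indexing into a possibly empty result.
        $user = $this->db->get_where('user', ['email' => $email])->row_array();

        if (empty($user)) {
            $this->session->set_flashdata(
                'pesan',
                '<div class="alert alert-info fixed alert-dismissible fade show fixed" role="alert">
Account Not Found !
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>'
            );
            // Unknown account: back to the page that hosts the login form.
            redirect(base_url());
            return;
        }

        if (!password_verify($password, $user['password'])) {
            $this->session->set_flashdata(
                'pesan',
                '<div class="alert alert-danger fixed alert-dismissible fade show fixed" role="alert">
Wrong Password !
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>'
            );
            redirect(base_url());
            return;
        }

        // Issue a fresh session id at the moment privileges change, so an id
        // that was known before login does not become an authenticated one.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(TRUE);
        }
        $this->nativesession->set('status', 'loggedin');

        // The leftover var_dump()/die stopped the request right after the
        // flag was set. The target below is the one named in the original
        // commented-out redirect; adjust it if the route differs.
        redirect('blog');
    }

    /**
     * Drop the login flag from the native session and return to the home page.
     */
    public function logout()
    {
        $this->nativesession->delete('status');
        redirect(base_url());
    }
}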
=> Nativesession.php (библиотека)
<?php
if (!defined('BASEPATH')) exit('No direct script access allowed');
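/**
 * Thin wrapper around PHP's native $_SESSION array, loaded as a CodeIgniter
 * library so that code outside the framework can read the same values.
 *
 * NOTE(review): whichever component calls session_start() first decides the
 * session cookie name and storage. Code outside the framework only sees
 * these values if it opens that same session - confirm which component
 * starts it in this application.
 */
class Nativesession
{
    /**
     * Start the native session unless one is already active.
     */
    public function __construct()
    {
        // A second session_start() on an active session only raises a notice,
        // so reuse the active session when there is one.
        if (session_status() === PHP_SESSION_NONE) {
            // Keep the session cookie away from page scripts and refuse
            // session ids the server did not issue. The Secure flag is left to
            // php.ini because this file cannot tell whether the site is HTTPS.
            ini_set('session.cookie_httponly', '1');
            ini_set('session.use_strict_mode', '1');
            session_start();
        }
    }

    /**
     * Store a value in the session.
     *
     * @param string $key   session key
     * @param mixed  $value value to store
     */
    public function set($key, $value)
    {
        $_SESSION[$key] = $value;
    }

    /**
     * Read a value from the session.
     *
     * @param string $key session key
     * @return mixed the stored value, or null when the key is not set
     */
    public function get($key)
    {
        return isset($_SESSION[$key]) ? $_SESSION[$key] : null;
    }

    /**
     * Remove a key from the session.
     *
     * @param string $key session key
     */
    public function delete($key)
    {
        unset($_SESSION[$key]);
    }
}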
Я обращаюсь к сессии в файле /assets/kcfinder/config.php
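// Access gate for the file manager. The original compared the boolean result
// of isset() with the string 'loggedin', which is true for ANY value stored
// under 'status'. Compare the stored value itself, strictly.
// $_SESSION is only populated once the session holding the login flag has
// been started; when it is not, this check fails closed ($status = true).
// NOTE(review): $status presumably feeds KCFinder's 'disabled' option - confirm.
if (isset($_SESSION['status']) && $_SESSION['status'] === 'loggedin') {
    $status = false;
} else {
    $status = true;
}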