Developing a Website with CodeIgniter Part 4: Admin Site CRUD
Posted on 30. Jan, 2010 by Shawn McCool in Database, PHP, Screencasts, Web Development
This screencast continues a series with the goal of documenting the development of a functionally complete site using PHP with the CodeIgniter framework and jQuery for JavaScript UI Improvements including AJAX interactions.
This video covers the development of an admin user management system (CRUD) and includes updates to the authentication system including a method that is used allow only admins into specific sections of the site.
Related Posts
- Developing a Website with CodeIgniter Part 3: The Login Process
- Developing a Website with CodeIgniter Part 1: Development Environment and Framework Configuration
- Developing a Website with CodeIgniter Part 2: Users Database Table and the User Model
- Understand the Structure of CodeIgniter
Share this Post
Show Your Appreciation
If you'd like to express your appreciation for the work I've done why not buy me a coffee?Click here to donate $3 to my caffeine fund.
Nice to see a followup of this great tutorials.
I appreciate your work a lot.
Shawn, seriusly this tutorial is superb.
I was visiting your site like 10+ times a day waiting to find a new screen cast.
I have learnt a lot watching you coding.
I’m really grateful for your hard work, and all the dedication you put on your tutorials.
Thank you.
Sorry, my English is very poor (thanks google translator), but I’ve seen all the videos of course and I think it is a magnificent work. Thank you very much for sharing your knowledge.
I am average user of CodeIgniter and your techniques seem very good, especially the modularity of the code.
I am developing a backend for my work and all this stuff is great, I follow your steps with some adjustments to my database.
I look forward to more video.
Congratulations, and thanks again.
Hello again.
I find some “issues” in this implementation, but perhaps the solution is in the next video.
Problem 1: A deleted or inactive user can enter the system
Problem 2: We have two users with the same email, even the same password, this collision is not controlled?
Problem 3: Is there a way to “limit” downtime on the backend and bind to logout if time is too long
Thanks for answering these questions.
@Juan
1) We’ll be updating the login system a bit in the next screencast. There was a bit of time between the previous screencasts and the 4th and some of my methodologies have changed since. We’re going to bring it all current in part 5. It’ll be a shorter video and will be completed sooner.
2) Usually, yes. That’s exactly what you’d want to do. That’s one of many bits of functionality that I haven’t had a chance to include yet. I’ll go ahead and include that in the next screencast. Thanks for bringing it up.
3) If I understand your question correctly, the proper way to do this would be to edit the session configuration in the config.php file. Once the session times out, so does the user. Is that what you’re asking?
Thanks for the replies, I look forward to next video to continue with my development using your methodology.
With regard to Question 3:
In the config.php can indicate how long the session is valid. If such registers 60 (seconds) after which time the system is going to do a logout automatically, whether or not I am working with the application, no?
I currently have these values set (default)
$ config [ 'sess_expiration'] = 7200;
$ config [ 'sess_time_to_update'] = 300;
What I mean is: when someone connects to the application wants to do a logout automatically if you stop using it for xx minutes (for example, if you leave your computer alone) as a security measure.
In other developments do the following:
1 .- In a session variable keep the time and date
2 .- When a page is loaded (for example, in the constructor) check the date and time of the session variable with date and time system
3 .- If the difference is greater than xx minutes, I make a logout automatically.
4 .- If deference is lower, then update the session variable with date and time
Is that a correct method? or are other methods more “clean” and professionals.
thank you very much for responding.
@Juan
Are you trying to make it so that each individual user has a different longout time?
Not at all. If everyone has the same time session is enough for me. I just want to logout if you do not currently working in your computer (eg if they leave) as a security measure.
As I said in previous post, in config.php, if I put 60 seconds for the session. When you pass one minutes always make logout,’re working or not with the application. This is true, or am I wrong?
Anyway I will try again to see what happens and do not waste your time, but we’ll probe some time.
Thank you very much for your help on this topic
Oooo, I’m very sorry Shawn McCool. I just try again by changing the settings in config.php and see that it works as I desire. This we probe some time I think did not work.
Thank you very much for your directions, I’m sorry I wasted your time doing this nonsense.
I look forward to the next video. (some approximate date of publication?)
Hey Shawn, I love your tutorials.
But I noticed a error on this one, after making the pagination you can’t edit the users because it redirects you to a messed up link. I’m still trying to figure what’s wrong but just giving heads-up. (It’s a lot of code very fast so I might have made so mistake, I’ll continue to check)
Can’t wait for next part, you are awesome.
@Canha
Expect part 5 soon. I’ll be bringing the methodologies up to date and correcting any bugs that may have entered into the system. It’ll be a significantly shorter video than the previous but the resulting code will be much more clean.
Great hehe, thanks for teaching us!
Hello again Shawn!
I have a request for the next screencasts, if it’s possible to you of course:
You know when you try to access example.com/users/ (the CRUD system you know) and it redirects you to login page, when you aren’t login or don’t have permissions? Well, would be nice if you could teach us how to make it go to users page after logging in, something like /login/?nextpage=/users/ like I’ve seen in some websites, or even better if you manage!
Really looking foward to make my own game file hosting community website with the help of your tutorials and code igniter!
Sincerely,
Canha
@Canha
I’ll absolutely put that in. You can expect the next screencast soon. I’m currently exploring alternatives to Zend Studio. Once I find something that I like I’m going to record the next video. Thanks for the feedback!
@Shawn
Hey shawn, why are you “exploring alternatives” to ZS?
I use Notepad++ but recently I’ve been using NetBeans Ide 6.8
I have one request, in your tutorial (6)
can you try to include how to implement a wysiwyg editor like TinyMce for “CRUD” content from the database?
Again thankyou for sharing your kwnoledge with us.
Great tutorial….
How about a code roll up at the end of video 4? It would be helpful….
Excellent tutorial, good job congratulations continue so…
Shawn,
I am an Oracle Pl/SQL and Java developer by trade. I’ve never touched PHP or MySQL until now as a friend needed some work done for his company. I did some research into PHP frameworks, found Code Igniter and then found your site. These screencasts are absolutely fantastic and provide solid fundamentals to a new language that are essential for everyone, even for a seasoned developer like me. I look forward to the next cast and thank you for taking the time to make these, they are appreciated.
Thank you so much for this great tutorial series.
You clearly know your stuff, and you are an excellent teacher as well.
I’m psyched for the next installment!
Hi, Shawn!
This is the greatest video so far!
I noticed that, when you hit ’save changes’ for an user without changing any field, you are redirected to the users page with the database error message. That is because there are no affected rows. Can you take this in consideration before posting the 5th video?
Thanks!
really a great job!
what about the idea to put the app. files available for download as in previous one?
Thanks for the tutorials. Will you be continuing the series?
@Juul
I’ll absolutely be continuing the series.
Just wanted to take time to say thanks for taking the time to make tutorials like these. I’m doing a project based on CI for the first time and you gave me a solid place to start (coming from RoR and decent PHP background).
When payday comes, I’ll be sure to remember you. Thanks.
@Shawn
awesome tutorial, i am QA engineer but love to work in codeigniter and while exploring found this tutorial, simple great.
but there are some bugs like as erlier mentioned by Juan point 2
and one more if you look at your user_model.php method line 82 and you are passing userEmail to md5 method instead of userPassword.
but still i am anxiously waiting for screen cast 5.
have a great day.
Hi Shawn,
I enjoyed all the tutorials in this series so far. I have a couple of questions/notes:
1. When a logged-in user is deleted, the user stays logged in! An easy solution to this is checking upon each page load that the userId (stored in session data) still points to a valid user in the database, but what’s the best way to do this with CodeIgniter? (Wouldn’t it be better to only store the ID in session anyway, instead of all the user’s data, in case the database changes between page loads?)
2. I tried adding a “Confirm” field to the Edit User view, but form validation doesn’t quite work on it. I can’t use the “required” rule on the field, because changing the password is optional; but if “required” is not set, then the form validation class ignores the “matches[password]” rule if the Confirm field is blank. Do you have any suggestions on how to work around this?
3. Are there any best practices for moving all English text out of the controller and model code and into views or even separate files? I’m particularly thinking of the flash messages here; on my site, I simply set a different key for each flash message, but this is quickly getting messy.
Thanks for your quality work.
Henry Merriam
Heh… Hi again, Shawn.
I worked some of the above-mentioned issues myself and made some progress.
1. I created a new library (user_auth) and set it to autoload. The constructor checks if a user ID is stored in session, and if it is, it checks it with the user model for a valid user. If there is one, it sets a class variable with an object reference to the user; if there isn’t, it clears the ID in session and sets the class variable to NULL. The class only considers a user valid if its status is “active”, so it’s not possible for an active session to remain logged in if the user is deleted.
2. My “solution” was to simply remove the Confirm field, but I’d love a better way. I was thinking of overriding the form validation class, but what I’d need to change is buried pretty far in there. Maybe a clever callback could do it?
3. Language class. Duh. My assignment of flash messages and displaying them is quite elegant now.
Henry Merriam
Hi Shawn,
I have been following along with your tutorials, and have run into a strange issue. When I load the login form it is not rendering the actual form fields. If I view source it’s as if the source code is passing right through without being processed by php. I thought maybe it was just a typo on my part, but after downloading your code I get the same thing. Is this an issue with my CI installation perhaps?
Thanks
Chris
Hello Again,
I resolved the issue from my previous post. I just had to set short_open_tag = On in the php.ini. This was not the default in XAMPP apparantly.
Thanks Again
Chris
@Chris
That’s right, PHP is moving away from short tags as default, and there’s a fairly good reason for it. You might use < ?php echo form_input()?> instead.
Hi Shaun thank you for the casts. Is there a screen cast 5. As mentioned earlier.
Hi!
Thank you for these great tutorials! I’ve learned many things from you! Keep up the good work mate