Hmm what is the best practice then to allow default everything? i
basically only need a login for the admin.
On Apr 20, 2:19 am, Joel Perras <[EMAIL PROTECTED]> wrote:
> By allowing all actions by default in your AppController, you
> effectively break theAuthcomponent, since it freaks out when you
> allow the login() function in your Users controller. I'd bet a shiny
> penny that this is at least part of your problem.
>
> -J.
>
> On Apr 19, 4:46 pm, Mech7 <[EMAIL PROTECTED]> wrote:
>
> > Yes but it's pretty much baiscauthsetup which i found on some of the
> > blogs. First it redirected always to the favicon.ico because i used a
> > base tag and just loaded the file as relative path. Without $this->webroot;
> > But the paths from outside the js it's not so easy to
>
> > configure especially if the app is in a subdirectory. So im wondering
> > if there is anyway around it.
>
> > One thing that is strange however is that this only happens in IE or
> > Safari. Opera and Firefox do not seem to be affected.
>
> > AppController
> > -------------------------------
> > /**
>
> > * Function to setup certain stuff before cotnroller logic is called
>
> > *
>
> > */
> > public function beforeFilter()
> > {
> > // Set the folder for default theme
> > $this->theme = 'default';
>
> > // Setup authentication
>
> > $this->Auth->authorize = 'controller';
>
> > $this->Auth->userScope = array('User.active' => 1); //user
> > needs to
> > be active.
>
> > $this->Auth->loginAction = array('controller' => 'users',
> > 'action'
> > => 'login');
>
> > $this->Auth->loginRedirect = array('controller' => 'pages',
> > 'display' => 'home');
>
> > $this->Auth->logoutRedirect = '/';
>
> > $this->Auth->allow("*");
>
> > if (isset($this->params['admin'])
>
> > OR isset($this->params['url']['url'])
>
> > AND $this->params['url']['url'] == 'admin'
>
> > OR isset($this->params['url']['url'])
>
> > AND $this->params['url']['url'] == 'admin/') {
>
> > $this->Auth->loginAction = array('admin' => true,
> > 'controller' =>
> > 'users', 'action' => 'login');
> > // Set the default layout
> > $this->layout = 'admin_default';
>
> > // Deny everything in the admin
>
> > $this->Auth->deny("*");
>
> > } else {
> > $this->layout = 'default';
> > }
>
> > }
>
> > /**
>
> > * Ensure user is authorized.
>
> > *
>
> > * In its purest form, this function MUST be present and return
> > true.
> > It works sort of like a prevalidation for additional criteria.
>
> > * I've done a little extra to make sure the user with admin routing
> > is the admin:
>
> > * If using admin route, ensure user is admin (group_id ==1). If
> > not,
> > don't authorize.
>
> > * @access public
>
> > */
>
> > function isAuthorized() {
>
> > if (isset($this->params[Configure::read('Routing.admin')]))
> > {
>
> > // Usage: $this->Auth->user('field_in_user_model');
>
> > if ($this->Auth->user('group_id') != 1) {
>
> > return false;
>
> > }
>
> > }
>
> > return true;
>
> > }
>
> > }
>
> > Layout
> > -----------------------
> > <script type="text/javascript" src="<?php echo $this->webroot;
> > ?>sifr/js/sifr.js"></script>
>
> > <script type="text/javascript" src="<?php echo $this->webroot;
> > ?>sifr/js/sifr-config.js"></script>
>
> > <script type="text/javascript" src="<?php echo $this->webroot; ?
>
> > >sifr/js/sifr-debug.js"></script>
>
> >sifr-config.js
> > ------------------------------
> > var tw_cent = {
> > src: 'sifr/tw_cen_mt.swf',
> > ratios:
> > [6,1.41,9,1.35,15,1.29,21,1.25,22,1.22,27,1.24,29,1.21,34,1.22,41,1.21,45,1
> > .2,46,1.21,59,1.2,68,1.19,69,1.2,96,1.19,97,1.18,102,1.19,103,1.18,107,1.19
> > ,108,1.18,112,1.19,114,1.18,116,1.19,120,1.18,121,1.19,1.18]
> > };
>
> > var myriad = {
> > src: 'sifr/myriad_pro.swf',
> > ratios:
> > [6,1.41,9,1.35,15,1.29,21,1.25,22,1.22,27,1.24,29,1.21,34,1.22,41,1.21,45,1
> > .2,46,1.21,59,1.2,68,1.19,69,1.2,96,1.19,97,1.18,102,1.19,103,1.18,107,1.19
> > ,108,1.18,112,1.19,114,1.18,116,1.19,120,1.18,121,1.19,1.18]};
>
> > //sIFR.domains = ['novemberborn.net'] // Don't check for domains in
> > this demo
> >sIFR.useStyleCheck = true;
> >sIFR.activate(tw_cent, myriad);
>
> >sIFR.replace(tw_cent, {
> > selector: 'h1',
> > css: [
> > '.sIFR-root { text-align: left; font-weight: normal; color:
> > #701d0c; font-size:40px; background-color: #EAEAEA;}'
> > ,'a { text-decoration: none; }'
> > ,'a:link { color: #000000; }'
> > ,'a:hover { color: #650b02; }'
> > ],
> > wmode: 'transparent'
>
> > });
>
> >sIFR.replace(tw_cent, {
> > selector: 'h2',
> > css: [
> > '.sIFR-root { text-align: left; font-weight: normal; color:
> > #252525; font-size:25px; background-color:#CFC7C5;}'
> > ,'a { text-decoration: none; }'
> > ,'a:link { color: #000000; }'
> > ,'a:hover { color: #650b02; }'
> > ],
> > wmode: 'transparent'
>
> > });
>
> > On Apr 19, 6:32 pm, simonb <[EMAIL PROTECTED]> wrote:
>
> > > On Apr 19, 5:03 pm, Mech7 <[EMAIL PROTECTED]> wrote:
>
> > > > I am usingsifr, and some other javascripts which call othr files but
> > > > then the login does not work anymore correctly for example it goes to:
>
> > > >http://localhost/scms/admin/users/sifr/myriad_pro.swf
>
> > > > Does anybody know a proper way to fix this, instead of changeing the
> > > > paths in the javascript files ?
>
> > > Do you have any code?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
