Tuesday, September 30, 2014

How To Show Select Box as Multiple, But Disable Multiple Selection?

I needed to display:
A html <select> box as a multiple enabled or vertically expanded box (not as dropdown list). So I set select box as multiple. Then it turn outs to be like this:
<select id="myName" multiple>
    <option>A</option>
    <option>B</option>
    <option>C</option>
</select>

Problem
But how to disable multiple selection? (i.e. to allow only 1 selection)

Solution
Do not use the multiple attribute instead set the size for it. It will enable you to select just one option in the list. And it displays as multiple select or expanded box.
<select id="myName" size="3">
    <option>A</option>
    <option>B</option>
    <option>C</option>
</select>
The size attribute specifies the number of visible options in a drop-down list. If the value of the size attribute is greater than 1, but lower than the total number of options in the list, the browser will add a scroll bar to indicate that there are more options to view.

Note: If you put multiple then user can select multiple items from the list.

source: http://stackoverflow.com/a/14155833

Thursday, September 25, 2014

How To Handle PHP Notice Error?

A notice means that while your code will work as expected, it isn't written "like it should be". It's like the compiler telling you "I know what you mean here and I can do it, but you shouldn't rely on this. Please write it differently so I don't have to make assumptions".
The following code generates a notice if $n is not set.
if($n==1)
{
   //do something
}
Therefore a notice by itself doesn't mean that something bad happens most of the time. However, fixing the notices is a pretty simple task.

A solution or suggestion would be something like this:
if (!empty($n) && $n == 1)
{
    //do something
}
empty checks for existence automatically (just like calling isset before it) but it also checks to make sure your value doesn't evaluate as false with values like false, 0, or '' (empty string).

Source: http://stackoverflow.com/a/5921010

Wednesday, September 24, 2014

How To Restrict Controllers Functions Based On User Roles in Codeigniter?

To restrict logged in users from an entire controller is fairly simple in Codeigniter.

   function __construct(){
 parent::__construct();

  // to protect the controller to be accessed only by registered users
   if(!$this->session->userdata('logged_in')){
                redirect('login', 'refresh');
           }
    }

This works great. The user is not allowed access to functions or methods within the controller unless they are authenticated or registered users.

If you want to restrict controllers functions/methods based on user roles, you can do the following way:

     function __construct(){
 parent::__construct();
     
 // to protect the controller to be accessed only by registered users
  if(!$this->session->userdata('logged_in')){
                redirect('login', 'refresh');
         }

         //list of protected methods to access (for example only by admin )
  $protected_methods = array('METHOD1', 'METHOD2', 'METHOD3');

          /*$this->session->userdata('logged_in') is the array containing user information such as name, email, user role etc.*/

          if($this->session->userdata('logged_in')['user_role'] == 'role1'){
                        
              //grab the controller/method name and compare with protected methods array
              if(in_array($this->router->method, $protected_methods)){      
          redirect('login', 'refresh');    
       }
               else {
               redirect('home', 'refresh');
              }
           }

      }

How it works:
You should simply do the check in the constructor of the class that you're calling.
Firstly, check if the user is authenticated or not. If user is not an authenticated, system redirect the user to Login page.
And use $this->router->method (it gives you the real controller/method names, even if you reroute them) to see what method the user is trying to access.
Check that against an array of methods that required some specific roles to access the methods/functions.
In this example, role1 is the user that is not allowed to access protected methods 1,2 and 3.
If the user has role i.e. role1, it will redirect to login page otherwise redirect to home page.