<?php
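/**
 * Login and logout actions for the application's user accounts.
 *
 * login() checks a submitted username/password pair against the User model
 * and, on success, stores the user record in the session under 'User'.
 * logout() removes that session entry.
 *
 * NOTE(review): passwords are compared as unsalted MD5 digests because that
 * is what the stored values are compared against in this file. MD5 is fast
 * and unsalted, so leaked hashes are cheap to brute-force; moving to a slow,
 * salted password hash needs a data migration and is outside this class.
 */
class UsersController extends AppController {

    var $name = 'Users';
    var $helpers = array('Html', 'Form', 'Javascript' );

    /**
     * Authenticates the submitted credentials.
     *
     * Sets the view variable 'error' to false when nothing was submitted and
     * to true when the credentials are rejected. On success the user record
     * is written to the session and the request is redirected to the stored
     * 'returnPath' (if any) or to '/admin/actors/'.
     */
    function login()
    {
        // Don't show the error message if no data has been submitted.
        $this->set('error', false);

        if (empty($this->data)) {
            return;
        }

        $username = isset($this->data['User']['username']) ? $this->data['User']['username'] : null;
        $password = isset($this->data['User']['password']) ? $this->data['User']['password'] : null;

        // Form fields can arrive as arrays (e.g. data[User][username][]=x).
        // Only plain strings are passed on to the finder and to md5().
        if (!is_string($username) || !is_string($password)) {
            $this->set('error', true);
            return;
        }

        // Look up the account by the submitted username; the result is
        // empty when no such user exists.
        $someone = $this->User->findByUsername($username);
        $storedHash = isset($someone['User']['password']) ? $someone['User']['password'] : '';

        // Strict comparison: with ==, two digests that both look like numbers
        // in scientific notation ("0e" followed only by digits) are compared
        // numerically and can be treated as equal although the strings differ.
        if (!is_string($storedHash) || $storedHash === '' || $storedHash !== md5($password)) {
            $this->set('error', true);
            return;
        }

        // NOTE(review): the session identifier is not regenerated here.
        // Renewing it at login (using the session-renewal call of the
        // CakePHP version in use) prevents a pre-login session id from
        // staying valid after authentication.
        // NOTE(review): the whole User row, including the password digest,
        // is stored in the session. Kept as-is because other code may read
        // it; consider dropping the 'password' key once callers are checked.
        $this->Session->write('User', $someone['User']);

        // Forward the user to where they were heading, or to the default
        // landing page.
        // NOTE(review): 'returnPath' is written elsewhere; confirm it can
        // only ever hold a local application path.
        $path = $this->Session->read('returnPath');
        if (!empty($path)) {
            // Clear the stored path BEFORE redirecting: redirect() can end
            // the request, in which case a statement placed after it never
            // runs and the stale path would be reused on the next login.
            $this->Session->delete('returnPath');
            $this->redirect($path);
        } else {
            $this->redirect('/admin/actors/');
        }
    }

    /**
     * Logs the user out by removing the 'User' entry from the session and
     * redirecting to the site root.
     */
    function logout()
    {
        // Redirect users to this action if they click on a Logout button.
        // All we need to do here is trash the session information:
        $this->Session->delete('User');

        // And forward them somewhere afterwards.
        $this->redirect('/');
    }
}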
?>