La idea es tener un usuario y contraseña, que al momento en que validas que existe y entras, verifique que si es administrador, invitado u otro, cosa que ya esta definida en la base de datos y poner los permisos debidos, solo que me sale un error, de que la variable $acl no esta declarada etc, como puedo corregir esto? como llamó los valores que deberian ser guardados en ACL?
Aqui esta el codigo=
index.php
Código PHP:
<?php
//Error reporting
error_reporting(E_ALL | E_STRICT);
ini_set('display_errors','on');
//modify include path to include path to library
ini_set('include_path',ini_get('include_path') . PATH_SEPARATOR . '../library');
Zend_Loader::loadClass('Zend_Controller_Front');
Zend_Loader::loadClass('Zend_Config_Ini');
Zend_Loader::loadClass('Zend_Registry');
Zend_Loader::loadClass('Zend_Db');
Zend_Loader::loadClass('Zend_Db_Table');
//clase para auth
Zend_Loader::loadClass('Zend_Auth');
Zend_Loader::loadClass('Zend_Acl');
require_once ("Zend/Session.php");
Zend_Session::start();
// load configuration
$config = new Zend_Config_Ini('../application/config.ini','general');
$registry = Zend_Registry::getInstance();
$registry->set('config', $config);
// setup database
$db = Zend_Db::factory($config->db->adapter,$config->db->config->toArray());
Zend_Db_Table::setDefaultAdapter($db);
$dbAdapter = Zend_Db::factory($config->db->adapter,
$config->db->config->toArray());
Zend_Db_Table::setDefaultAdapter($dbAdapter);
Zend_Registry::set('dbAdapter', $dbAdapter);
//get the front controller instance
$front = Zend_Controller_Front::getInstance();
$front->setControllerDirectory('../application/controllers');
//$frontController->setBaseUrl('/localhost/noticias2');
$front->throwExceptions(true);
$configuracion = new Zend_Config_Ini('../application/config.ini','test');
if($configuracion->developer)
$front->throwExceptions(true); //true si quieres ver las excepeciones, false para darle tu los errores
else
$front->throwExceptions(false);
//run
$front->dispatch();
--------------------------------------------
IndexController.php
---------------
Código PHP:
<?php
class IndexController extends Zend_Controller_Action
{
function preDispatch()
{
$auth = Zend_Auth::getInstance();
if (!$auth->hasIdentity())
{
//$this->_redirect('auth/login');
$this->_redirect('index.php/auth/login');
}
}
function init()
{
$this->initView();
$this->view->baseUrl = $this->_request->getBaseUrl();
require_once('News.php');
$this->view->user = Zend_Auth::getInstance()->getIdentity();
}
function indexAction()
{
/*
//
//testing
$request = $this->getRequest();
$controllerName = $request->getControllerName();
$acl = new Zend_Acl();
if (!$acl->has($controllerName)) {
throw new Exception('Sorry, the requested controller does not exist as an ACL resource');
}
if (!$acl->isAllowed($role, $controllerName, $request->getActionName())) {
$request->setControllerName('index')
->setActionName('denied')
->setDispatched(false);
}
// */
$auth = Zend_Auth::getInstance(); //---------------------where it should go, in init? in index? i think it should go after the check for the identity in my DB, im i wrong?
if ($auth->hasIdentity()) {
//echo $auth->getIdentity()->username;
switch ($auth->getIdentity()->role_name) {
case 'administrador':
$role = 'administrador';
break;
default:
$role = 'editor';
break;
}
} else {
$role = 'guest';
}
require_once('MyAcl.php');
$acl = new MyAcl(); //deberia llevar parametros como auth? o role? como el de los ejemplos de los tutoriales? no veo el porque si
echo $this->$acl->isAllowed($role, 'delete') ? 'allowed' : 'denied'; //--------------como hago para funcionar este?? aqui?
$this->view->title = "Mis News";
$news = new News();
$this->view->newss = $news->fetchAll();
$this->render();
}
function addAction()
{
$this->view->title = "Agregar News";
if ($this->_request->isPost()) {
Zend_Loader::loadClass('Zend_Filter_StripTags');
$filter = new Zend_Filter_StripTags();
$content = $filter->filter($this->_request->getPost('content'));
$content = trim($content);
$title = trim($filter->filter($this->_request->getPost('title')));
if ($content != '' && $title != '') {
$data = array(
'title' => $title,
'content' => $content,
);
$news = new News();
$news->insert($data);
$this->_redirect('/');
return;
}
}
// set up an "empty" news
$this->view->news = new stdClass();
$this->view->news->id = null;
$this->view->news->title = '';
$this->view->news->content = '';
// additional view fields required by form
$this->view->action = 'add';
$this->view->buttonText = 'Add';
$this->render();
}
function editAction()
{ $news = new News(); //agregado no estaba en el manual
$this->view->title = "Editar News";
if ($this->_request->isPost()) {
Zend_Loader::loadClass('Zend_Filter_StripTags');
$filter = new Zend_Filter_StripTags();
$id = (int)$this->_request->getPost('id');
$content = $filter->filter($this->_request->getPost('content'));
$content = trim($content);
$title = trim($filter->filter($this->_request->getPost('title')));
if($id !== false) {
if ($content != '' && $title != '') {
$data = array(
'content' => $content,
'title' => $title,
);
$where = 'id = ' . $id;
$news->update($data, $where);
$this->_redirect('/');
return;
} else {
$this->view->news = $news->fetchRow('id='.$id);
}
}
}
else {
// news id should be $params['id']
$id = (int)$this->_request->getParam('id', 0);
if ($id > 0) {
// $this->view->news = $news->fetchRow('id='.$id);
$this->view->news = $news->fetchRow($news->select()->where('id = ?', $id));
}
}
// additional view fields required by form
$this->view->action = 'edit';
$this->view->buttonText = 'Update';
$this->render();
}
function deleteAction()
{
$this->view->title = "Delete news";
$news = new news();
if ($this->_request->isPost()) {
Zend_Loader::loadClass('Zend_Filter_Alpha');
$filter = new Zend_Filter_Alpha();
$id = (int)$this->_request->getPost('id');
$del = $filter->filter($this->_request->getPost('del'));
if ($del == 'Yes' && $id > 0) {
$where = 'id = ' . $id;
$rows_affected = $news->delete($where);
}
} else {
$id = (int)$this->_request->getParam('id');
if ($id > 0) {
// only render if we have an id and can find the news.
$this->view->news = $news->fetchRow('id='.$id);
if ($this->view->news->id > 0) {
$this->render();
return;
}
}
}
// redirect back to the news list unless we have rendered the view
$this->_redirect('/');
}
}
-----------------------------------------------------------------
MyAcl.php
---------------------------------
Código PHP:
<?php
class MyAcl extends Zend_Acl
{
public function __construct()
{
//parent::__construct();
//step by step
require_once 'Zend/Acl.php';
$acl = new Zend_Acl();
require_once 'Zend/Acl/Resource.php';
$acl->add(new Zend_Acl_Resource('index'));
$acl->add(new Zend_Acl_Resource('login'));
$acl->add(new Zend_Acl_Resource('view'));
$acl->add(new Zend_Acl_Resource('add'));
$acl->add(new Zend_Acl_Resource('edit'));
$acl->add(new Zend_Acl_Resource('delete'));
require_once 'Zend/Acl/Role.php';
$roleGuest = new Zend_Acl_Role('guest');
$acl->addRole($roleGuest);
$acl->addRole(new Zend_Acl_Role('editor'), $roleGuest);
$acl->addRole(new Zend_Acl_Role('administrador'));
// Guest may only view content
$acl->allow('guest', 'index',array('init', 'index'));
// Staff inherits view privilege from guest, but also needs additional privileges
$acl->allow('editor', 'index',array('edit', 'add'));
$acl->deny('editor', 'index',array('delete'));
// Administrator inherits nothing, but is allowed all privileges
$acl->allow('administrador');
//echo $acl->isAllowed($role, 'delete') ? 'allowed' : 'denied';
}
}
----------------------------
all with their views and the *.htaccess enable and working
-------------
la base de datos si funciona, la hice con phpmyadmin
solo contien por el momento 3 tablas
1-comments (comentarios a las noticias)
2.-news (noticias)
3.-user (usuario)
3.1-id
3.2-username (nombre de usuario)
3.3-password
3.4-role_name
3.4.1-editor
3.4.2-administrador
---------
De antemano muchas gracias.