
Access Checking in your Application

In the document PDF file cake-manual.pdf (Page 137-0)

B. Example: Simple User Authentication


}

?>

Not too bad: the contents of the login() action could be less than 20 lines if you were concise. The result of this action is one of two things: either (1) the user information is entered into the session and the user is forwarded to the landing page of the app, or (2) the user is kicked back to the login screen and presented with the login form (with an additional error message).

B.3. Access Checking in your Application

Now that we can authenticate users, let's make it so the application will kick out users who try to enter the system from points other than the login screen and the "basic" client directory we detailed earlier.

One way to do this is to create a function in the AppController that will do the session checking and kicking for you.

Example B.4. /app/app_controller.php

    <?php
    class AppController extends Controller {
        function checkSession() {
            // If the session info hasn't been set...
            if (!$this->Session->check('User')) {
                // Force the user to login
                $this->redirect('/users/login');
                exit();
            }
        }
    }
    ?>

Now you have a function you can use in any controller to make sure users aren't trying to access controller actions without logging in first. Once this is in place you can check access at any level - here are some examples:

Example B.5. Forcing authentication before all actions in a controller

    <?php
    class NotesController extends AppController {
        // Don't want non-authenticated users looking at any of the actions
        // in this controller? Use a beforeFilter to have Cake run checkSession
        // before any action logic.
        function beforeFilter() {
            $this->checkSession();
        }
    }
    ?>

Example B.6. Forcing authentication before a single controller action

    <?php
    class NotesController extends AppController {
        function publicNotes($clientID) {
            // Public access to this action is okay...
        }

        function edit($noteId) {
            // But you only want authenticated users to access this action.
            $this->checkSession();
        }
    }
    ?>

Now that you have the basics down, you might want to venture out on your own and implement some advanced or customized features past what has been outlined here. Integration with Cake's ACL component might be a good first step.
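Example B.6 protects an action only when someone remembers to call checkSession() inside it, so a forgotten call leaves that action open. As an added example (not code from the CakePHP manual), the same check can run by default in AppController, with public actions listed explicitly; $publicActions is a hypothetical property name, and $this->action is assumed to hold the name of the requested action.

```php
<?php
// Added example, not from the CakePHP manual. $publicActions is a
// hypothetical property; checkSession() is the function from Example B.4.

// /app/app_controller.php
class AppController extends Controller {

    // Actions reachable without a session. Empty by default, so a newly
    // added action is protected unless someone lists it here on purpose.
    var $publicActions = array();

    function beforeFilter() {
        // Strict, exact-match comparison: any action name that is not
        // listed falls through to the session check.
        if (!in_array($this->action, $this->publicActions, true)) {
            $this->checkSession();
        }
    }

    function checkSession() {
        if (!$this->Session->check('User')) {
            $this->redirect('/users/login');
            exit();
        }
    }
}

// /app/controllers/notes_controller.php
class NotesController extends AppController {
    var $publicActions = array('publicNotes');

    function publicNotes($clientID) { /* open to everyone */ }
    function edit($noteId)          { /* session required, no call needed */ }
}

// /app/controllers/users_controller.php
class UsersController extends AppController {
    // login must stay public, otherwise the redirect in checkSession()
    // sends unauthenticated users to /users/login in an endless loop.
    var $publicActions = array('login');

    function beforeFilter() {
        // Defining beforeFilter() here replaces the inherited one,
        // so call the parent to keep the session check in place.
        parent::beforeFilter();
    }
    function login() { /* the login() action from earlier in this appendix */ }
}
?>
```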

C.1. Conventions, eh ?

Yes, conventions. According to thefreedictionary [http://www.thefreedictionary.com/convention]:

• General agreement on or acceptance of certain practices or attitudes: By convention, north is at the top of most maps.

• A practice or procedure widely observed in a group, especially to facilitate social interaction; a custom: the convention of shaking hands.

• A widely used and accepted device or technique, as in drama, literature, or painting: the theatrical convention of the aside.

Conventions in Cake are what make the magic happen (read: automagic). Needless to say, by favoring convention over configuration, Cake increases your productivity to a scary level without any loss of flexibility. Conventions in Cake are really simple and intuitive. They were extracted from the best practices good web developers have used throughout the years in the field of web development.

C.2. Filenames

Filenames are underscored. As a general rule, if you have a class MyNiftyClass, then in Cake, its file should be named my_nifty_class.php.

So if you find a snippet [http://cakeforge.org/snippet/] you automatically know that:

• If it's a Controller named KissesAndHugsController, then its filename must be kisses_and_hugs_controller.php (notice _controller in the filename)

• If it's a Model named OptionValue, then its filename must be option_value.php

• If it's a Component named MyHandyComponent, then its filename must be my_handy.php (no need for _component in the filename)

• If it's a Helper named BestHelperEver, then its filename must be best_helper_ever.php

C.3. Models

• Model class names are singular.

• Model class names are Capitalized for single-word models, and UpperCamelCased for multi-word models.

• Examples: Person, Monkey, GlassDoor, LineItem, ReallyNiftyThing

• Many-to-many join tables should be named alphabetically_first_table_plural_alphabetically_second_table_plural, i.e. tags_users

• Model filenames use a lower-case underscored syntax.

• Examples: person.php, monkey.php, glass_door.php, line_item.php, really_nifty_thing.php

• Database tables related to models also use a lower-case underscored syntax - but they are plural.

• Examples: people, monkeys, glass_doors, line_items, really_nifty_things

Note

CakePHP naming conventions are meant to streamline code creation and make code more readable. If you find it getting in your way, you can override it.

• Model name: Set var $name in your model definition.

• Model-related database tables: Set var $useTable in your model definition.

C.4. Controllers

• Controller class names are plural.

• Controller class names are Capitalized for single-word controllers, and UpperCamelCased for multi-word controllers. Controller class names also end with 'Controller'.

• Examples: PeopleController, MonkeysController, GlassDoorsController, LineItemsController, ReallyNiftyThingsController

• Controller file names use a lower-case underscored syntax. Controller file names also end with '_controller'. So if you have a controller class called PostsController, the controller file name should be posts_controller.php

• Examples: people_controller.php, monkeys_controller.php, glass_doors_controller.php, line_items_controller.php, really_nifty_things_controller.php

• For protected member visibility, controller action names should be prepended with '-'.

• For private member visibility, controller action names should be prepended with '--'.

C.5. Views

• Views are named after actions they display.

• Name the view file after action name, in lowercase.

• Examples: PeopleController::worldPeace() expects a view in /app/views/people/world_peace.thtml; MonkeysController::banana() expects a view in /app/views/monkeys/banana.thtml.

Note

You can force an action to render a specific view by calling $this->render('name_of_view_file_without_dot_thtml'); at the end of your action.

C.6. Helpers

• Helper classname is CamelCased and ends in "Helper", the filename is underscored.

• Example: class MyHelperHelper extends Helper is in /app/views/helpers/my_helper.php.

Note

Include it in the controller with var $helpers = array('Html','MyHelper'); in the view you can access it with $myHelper->method().

C.7. Components

• Component classname is CamelCased and ends in "Component", the filename is underscored.

• Example: class MyComponentComponent extends Object is in /app/controllers/components/my_component.php.

Note

Include it in the controller with var $components = array('MyComponent'); in the controller you can access it with $this->MyComponent->method().

C.8. Vendors

Vendors don't follow any convention for obvious reasons: they are third-party pieces of code, and Cake has no control over them.
