Packt+ | Advance your knowledge in tech

You're reading from Agile Web Application Development with Yii1.1 and PHP5 For PHP developers who know object-oriented programming, this book is the fast track to learning the Yii framework. It takes a step-by-step approach to building a complete real-world application ‚Äì teaching by practice rather than theory.

Product type Paperback

Published in Aug 2010

Publisher Packt

ISBN-13 9781847199584

Length 368 pages

Edition 1st Edition

Languages

PHP

Tools

Yii

Concepts

Front End Web Development

Table of Contents (19) Chapters

Agile Web Application Development with Yii 1.1 and PHP5

Credits

About the Author

About the Reviewers

Preface

1. Meet Yii FREE CHAPTER

2. Getting Started

3. The TrackStar Application

4. Iteration 1: Creating the Initial TrackStar Application

5. Iteration 2: Project CRUD

6. Iteration 3: Adding Tasks

7. Iteration 4: User Management and Authentication

8. Iteration 5: User Access Control

9. Iteration 6: Adding User Comments

10. Iteration 7: Adding an RSS Web Feed

11. Iteration 8: Making it Pretty - Design, Layout, Themes, and Internationalization(i18n)

12. Iteration 9: Modules - Adding Administration

13. Iteration 10: Production Readiness

Index

Chapter 8. Iteration 5: User Access Control

User based web applications, like our TrackStar application, typically need to control access to certain functionality based on who is making the request. When we speak of user access control, we are referring, at a high-level, to some questions the application needs to ask when requests are being made such as:

Who is making the request?
Does that user have the appropriate permission to access the requested functionality?

The answers to these questions help the application respond appropriately.

The work completed in the last iteration provides the application with the ability to answer the first question. Our implementation of basic user management extended the application user authentication process to use the database. The application now allows users to establish their own authentication credentials and validates the username and password against the database stored values upon user login. After a successful login, the application now knows exactly...