Archive for 'PHP'

Aug 19

What’s the difference between Authentication and Authorization?

These two terms are quite often misunderstood. Let’s put it this way: suppose you work in a 100-story office building in which each floor houses the offices of different companies. You work on the 49th floor, cubicle number 20. Authentication is when the security personnel at the building’s front door allow you to come in. Authorization, on the other hand, is when you have permission to get to your cubicle, log in to your computer and perform the tasks that you are permitted to do.

So being Authenticated does not automatically mean Authorized, but being Authorized would have to mean you are Authenticated.

Using Basic CakePHP Authentication

The first step is to include the Auth component in your controller. If you are going to use Auth for the whole site, you would want to put this in your /app/app_controller.php.

class AppController extends Controller {
    var $components = array('Auth');

    function beforeFilter() {
        //Configure Auth settings
        $this->Auth->loginError = "No, you fool! That's not the right password!";
        $this->Auth->authError = "Please sign in.";

        //$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        //$this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'login');
        //$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');

        if($this->Auth->user()) {
            //Our user is logged in.
            //User data is stored in $this->Session->read('Auth');
        }
    }
}

Then, in your controllers (for example users_controller.php):

function beforeFilter() {
    parent::beforeFilter(); //This line inherits beforeFilter() from app_controller.php
    $this->Auth->deny('*'); //Disallow access to all actions
    $this->Auth->allow('register','logout'); //Allow access to register() and logout()
}

Using CakePHP Authorization

Add the following code to /app/app_controller.php beforeFilter(). Auth->authorize accepts four types, “controller”, “model”, “actions”, “crud”. See the CakePHP manual on Authorization for details.

 //Auth method. If set to controller,
 $this->Auth->authorize = 'controller';

If Auth->authorize is set to “controller”, you’ll need to add a method called isAuthorized() to your controller. This method allows you to do some more authorization checks and then return either true or false. In this case, we put isAuthorized() into our users_controller.php.

function isAuthorized() {
    if( $this->action=='index' || $this->action=='view' || $this->action=='add' || $this->action=='edit' || $this->action=='delete') {
        if($this->Auth->user('group_id')==4) {
            return true;
        }
    }
    //Redirect to error notification page
    $this->Session->setFlash('Sorry, you don\'t have permission to access that page.');
    $this->redirect('/');
    return false;
}
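The same check written as a table-driven, deny-by-default function, as an added example that is not part of the original post. It runs stand-alone without CakePHP; the policy map, the is_authorized() helper and the sample users are hypothetical.

```php
<?php
// Added example: stand-alone model of a deny-by-default isAuthorized() check.
// The policy map and helper name are hypothetical; group id 4 is the
// privileged group used in the post's controller.

// Action => group ids allowed to run it. Actions not listed are denied.
$policy = array(
    'index'  => array(4),
    'view'   => array(4),
    'add'    => array(4),
    'edit'   => array(4),
    'delete' => array(4),
);

// $user is a constructed stand-in for the logged-in user's row:
// null when nobody is logged in; values usually arrive as strings.
function is_authorized($action, $user, array $policy)
{
    // Not authenticated: authorization cannot succeed.
    if (!is_array($user) || !isset($user['group_id'])) {
        return false;
    }
    // Unknown action: deny by default rather than falling through.
    if (!isset($policy[$action])) {
        return false;
    }
    // Accept only a plain decimal id; on PHP 5 and 7, '4abc' == 4 is true.
    $raw = (string) $user['group_id'];
    if (!ctype_digit($raw)) {
        return false;
    }
    return in_array((int) $raw, $policy[$action], true);
}

// Constructed sample sessions.
$cases = array(
    'admin, edit'        => array('edit', array('id' => '1', 'group_id' => '4')),
    'member, edit'       => array('edit', array('id' => '2', 'group_id' => '2')),
    'admin, export'      => array('export', array('id' => '1', 'group_id' => '4')),
    'anonymous, index'   => array('index', null),
    'malformed id, edit' => array('edit', array('id' => '3', 'group_id' => '4abc')),
);
foreach ($cases as $label => $case) {
    list($action, $user) = $case;
    printf("%-20s %s\n", $label, is_authorized($action, $user, $policy) ? 'allow' : 'deny');
}
```

Only the first case prints allow: the member is authenticated but not authorized, and the unlisted action, the anonymous request and the malformed group id are all denied.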

Using CakePHP ACL (Access Control Lists)

This topic is a wee bit more complicated. I did not proceed using ACL because CakePHP’s Authorization was enough for my needs. ACL is a lot more flexible in granting and denying permissions. Granting and denying access to our users using ACL is quite complicated; fortunately, somebody created a CakePHP ACL Management Plugin. It might still take a little while for CakePHP’s ACL to get easier to implement.

Apr 22

I just burned 4 hours of my time trying to figure out why CakePHP wouldn’t write cookies.

Apparently there is a known problem with using $this->Cookie->domain = 'localhost', thanks to Flxr from the IRC for pointing that out.

After making a virtual domain for the site, it worked wonderfully!

Feb 12

Suppose you want to get news stories from CNN.com or another news site and put the live feed on your own website. What do you do?

Fortunately, RSS (Really Simple Syndication) makes it easy to share content across the ether, and these 3 easy-to-use PHP RSS parser classes make XML and RSS parsing easier for us.

So here they are:

Last RSS

Claims “Simple yet powerful PHP RSS parser”, to which I would say it really is easy to use, but I’m not sure if it is more powerful than SimplePie (below) which can handle domain internationalization.

SimplePie

SimplePie is a very fast and easy-to-use class, written in PHP, that puts the ‘simple’ back into ‘really simple syndication’. Flexible enough to suit beginners and veterans alike, SimplePie is focused on speed, ease of use, compatibility and standards compliance.

Magpie RSS

I haven’t bothered trying Magpie for the simple reason that their web page is very simple (I judge a product by its website). So if any of you have tried it, let me know how it fares against the other two!

Nov 21

Integrating your WordPress posts into your CakePHP website is easy.

WebDevKungFu has an excellent post; just follow the step-by-step instructions. [...]

Nov 18

One of our projects required highlighting of the current navigation tab. So naturally, I googled and here’s what I found:

  • http://www.alistapart.com/articles/keepingcurrent
  • http://www.hicksdesign.co.uk/journal/highlighting-current-page-with-css
  • http://www.websiteoptimization.com/speed/tweak/current/

However, none of them was exactly what we needed because of our file structure. We had a unique sidebar navigation include (nav.inc.php) for every subdirectory.

The ALA solution was ugly: they inserted PHP snippets in every <li> entry. Hicksdesign’s solution was ok, but it required coding in a unique ID on every individual page, which was not a good idea for us.

So we came up with our own solution.

Here’s what we did:

  1. Get the page’s name. In this case, our URL was structured this way: http://website.com/category1/section1/page-name
  2. Set the ID of each sidebar navigation link to match the page names.
  3. Invoke JavaScript to set class="selected" on the navigation link for the current page.

Here’s the Javascript code that was used:

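<script type="text/javascript">
// Mark the sidebar link whose id matches the current page name.
function set_current_nav()
{
	// json_encode() emits a quoted, escaped JavaScript string literal
	var link = document.getElementById(<?= json_encode($current_page) ?>);
	if (link) {
		link.className = 'selected';
	}
}
set_current_nav();
</script>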
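One way to do step 1 so that only a plain page name ever reaches the script block, as an added example that is not the site's original code; current_page_id() and the sample URIs are hypothetical.

```php
<?php
// Added example: derive $current_page from the request URI (step 1) and
// refuse anything that is not a plain page name before it is echoed.
// The function name and the sample URIs are hypothetical.

function current_page_id($requestUri)
{
    // Keep only the path; query string and fragment are not part of the name.
    $path = parse_url($requestUri, PHP_URL_PATH);
    if (!is_string($path)) {
        return null;
    }
    // Last non-empty segment of /category1/section1/page-name
    $segments = array_values(array_filter(explode('/', $path), 'strlen'));
    if (!$segments) {
        return null;
    }
    $name = rawurldecode($segments[count($segments) - 1]);
    // Allow-list: starts with a letter, then letters, digits, hyphen or
    // underscore, so the value is also usable as an HTML id.
    if (!preg_match('/\A[A-Za-z][A-Za-z0-9_-]{0,63}\z/', $name)) {
        return null;
    }
    return $name;
}

// Constructed sample requests.
$samples = array(
    '/category1/section1/page-name',
    '/category1/section1/page-name?ref=home',
    '/category1/section1/page%27name', // decodes to a name containing a quote
    '/',
);
foreach ($samples as $uri) {
    $id = current_page_id($uri);
    echo $uri, ' => ', $id === null ? '(no highlight)' : json_encode($id), "\n";
}
```

The first two requests yield "page-name"; the name containing a quote and the bare "/" yield no highlight, so the script block can be skipped for them.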

Apr 05

I re-opened a dusty old script in my archives, one which uses IMAP. Decided that I would use PHP5 from now on, since PHP4 has been discontinued.

Installing PHP5 was pretty easy. Just unzip it into a folder, tweak PHP.INI settings, especially display_errors, enable extensions for imap, and don’t forget to set the extension_dir.

Include this in Apache httpd.conf:

ScriptAlias /php/ "c:/php-5.2.5/"
AddType application/x-httpd-php .php
Action application/x-httpd-php "/php/php-cgi.exe"

IMAP also wasn’t working on Dreamhost. After a bit of Googling, found out that I needed to change the parameters for imap_open to:

// /notls: do not use STARTTLS, so the login on port 143 is sent unencrypted
imap_open("{mail.domain.com:143/notls}INBOX", 'user', 'pass');

Whew, those issues took an hour to do!