Search the Community

I have simple app built on yii2 basic. The data gathered through yii forms and models is used in another web service, and apart from the admin, no one needs to view or access the yii environment. Never the less I want to ensure the admin has to login to do anything, including view. The Site controller seems logical place to do this, but I am not finding this scenario obvious. Does access control have to be added to all affected controllers, or can I configure it once in sitecontroller and meet the objective? Mike B

Hi all! I started using Yii and I'm trying to authenticate users by db table from login form, but i'm getting in trouble with find() function. This is my UserIdentity's class: private $_id; public function authenticate() { $username = strtolower($this->username); $record=User::model()->find('LOWER(username)=?',array($username)); if($record===null) $this->errorCode=self::ERROR_USERNAME_INVALID; else if($record->password!==md5($this->password)) $this->errorCode=self::ERROR_PASSWORD_INVALID; else { $this->_id=$record->id; $this->setState('title', $record->title); $this->errorCode=self::ERROR_NONE; } return !$this->errorCode; } public function getId() { return $this->_id; } I'm running the project in xdebug-mode (under Netbeans IDE) and i check $username is correct. ($username contains the same value i insert on the browser) I go step by step and i see that, immediately after find() line, $record has 'username' and 'password' validated as void string and then that errorCode is equals to 2. I tried using findByAttributes() function too, but there's the same problem. No exception, just 'Incorrect username or password.' message. DB Connection works because i created 3 users using webapp. Moreover if there was a db connection error i would assume that there should be an error in logs. I'm not really understanding: that find() is one of the first operation that i do in a Login Form. I'm sorry for my english, thanks! PS. i'm using SQL Server 2008