admin only pages

how do we create admin only pages?

how do we authenticate user login, checking credentials from database?


This link covers user authentication, if you want to use the same system for admins and users you’ll need to look into role based access control which is more complex.

If you want to look at dividing the site and admin areas you should take a look at modules, here.

Thanks a lot, for your reply!

In the basic start-up application that we create in Yii using command ‘yiic webapp path/to/application’ the login form takes admin/admin as username/password.I want the password for admin being authenticated from the database.but this default login form does not check in the database.somehow, it takes only admin/admin values for can I authenticate it from database.I have created a model ‘User’ and corresponding controller ‘userController’ and two forms for user login and registration.Through the register.php form , I am able to register and save users related data in the database.Now I want to authenticate the admin login through the database.

It does check the database but only the SQLite one found in /protected/data/, make sure your User model matches a database table with md5 hash passwords and you turn off that SQLite DB in the main.php config file, it’ll be listed under components.

The authentication that happens in the initial generated codes of Yii does not look at any database. It’s just looking in an array (see components/UserIdentity).

Luke Jurgs already gave you the link of the topic that describes authentication from the database.

You can use an RBAC extension like ‘Rights’ to check whether the user is an admin or not (of course there’s a need to declare which users will be considered as admin_. But if you want it to be just a simple checker if the user who logs in is an admin based on the database, then add a field to your ‘users’ table that you can use for checking (like ‘isAdmin’ or simple ‘admin’ will do, only expecting 1 or 0 as values).