DAO - Refreshing session object

Dear All,

Please suggest if anything is wrong with the approach I am taking. I am using DAO in all the places.

I have a user object:


class MyUser
{
  public $user_name;
  public $user_id;
  public $first_name;
  public $last_name;
  public $gender;
  public $country_code;
}

In the user identity class, I am getting the above object after successful authentication and assigning it to the _id field (I am assigning the whole object):

$this->_id=$user;

So to refer to the user id in the object I am using


Yii::app()->user->id->user_id

This approach is working fine with no issues. But when the user modifies … for example his gender

I am updating the database field and modifying the session object with the statement below


Yii::app()->user->id->gender='M'

This is working fine (until the user closes his browser). But if the user selects the "Remember me" option when he logs in … the next time the user comes to the site he sees the old gender code and not the one modified last time. So the next time the user comes I want to refresh the full session object from the database.

For this, I am just passing the user_id from the existing session to the database, getting the above object and refreshing the whole session object. I am not doing any other checks.

Is anything wrong with the approach I am taking …?

Thanks for reading this …

Regards

Yii Fan

Hello All,

I just noticed that in the browser cookie, the user object I am storing is in a readable format (it is just URL-encoded, I can decode it easily).

Any suggestions on how to store the object in the session in a non-readable format? Or is the above approach I am following wrong …?

Thanks for your help .

Regards

Kiran

IMHO I think you are taking the wrong approach. What I would do is modify the CWebUser and then refresh the user from the database. Here is an example:




/**
 * Custom Webuser class
 */
class WebUser extends CWebUser
{
	// false = not loaded yet, null = guest, otherwise the User record
	private $_dbUser = false;

	/**
	 * @return User the user record associated with the currently logged in user.
	 * Null if there is no such user record (user not logged).
	 */
	public function getDbUser()
	{
		if($this->_dbUser === false)
			$this->_dbUser = $this->isGuest ? null : User::model()->findByPk($this->id);
		return $this->_dbUser;
	}

	protected function beforeLogin($id,$states,$fromCookie)
	{
		if($fromCookie)
		{
			// Cookie login: accept only if the key in the cookie matches the database
			$user = User::model()->findByPk($id);
			if($user && isset($states['vkey']) && $user->validation_key === $states['vkey'])
			{
				$this->_dbUser = $user;
				return true;
			}
			else
				return false;
		}
		return true;
	}

	protected function afterLogin($fromCookie)
	{
		if(($user = $this->getDbUser()) !== null)
		{
			/* should we set login attributes? -- remove them if you don't have these fields as this is an example */
			$user->saveAttributes(array(
				'login_time' => time(),
				'login_ip' => Yii::app()->request->userHostAddress
			));
		}
	}
}
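The identity-side counterpart to the WebUser class above, as an added example that is not part of the original post: the identity keeps only the primary key and the 'vkey' state that beforeLogin() checks, and profile changes go to the database record instead of the session object. It assumes Yii 1.1.14 or later (for CPasswordHelper) and a User model with `username` and `password_hash` columns; `updateGender()` and its accepted values are hypothetical.

```php
<?php
// Added example, not code from the thread. Assumed names: User columns
// `username`, `password_hash`; `validation_key` comes from the answer above.
class UserIdentity extends CUserIdentity
{
    private $_id;

    public function authenticate()
    {
        $user = User::model()->findByAttributes(array('username' => $this->username));
        if ($user === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } elseif (!CPasswordHelper::verifyPassword($this->password, $user->password_hash)) {
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            // Identity is the primary key only, never the whole user object.
            $this->_id = $user->id;
            // Identity states are serialized into the remember-me cookie, so
            // keep only the value beforeLogin() compares against the database.
            $this->setState('vkey', $user->validation_key);
            $this->errorCode = self::ERROR_NONE;
        }
        return $this->errorCode === self::ERROR_NONE;
    }

    public function getId()
    {
        return $this->_id;
    }
}

// Hypothetical helper for a profile-edit action: the database row is the only
// copy of the profile, so a later cookie login cannot show a stale value.
function updateGender($gender)
{
    $user = Yii::app()->user->getDbUser();   // WebUser::getDbUser() from the answer
    if ($user === null) {
        throw new CHttpException(403, 'Login required.');
    }
    if (!in_array($gender, array('M', 'F'), true)) {   // assumed value set
        throw new CHttpException(400, 'Invalid gender code.');
    }
    return $user->saveAttributes(array('gender' => $gender));
}
```

For cookie logins to pass through beforeLogin(), the `user` application component needs `'class' => 'WebUser'` and `'allowAutoLogin' => true` in the application configuration.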




Thanks a lot, Antonio, for your nice explanation and for your help.

If you don't mind, could you please clarify what the use is of extending CWebUser and dealing with it when we have direct methods … I mean when we have a direct way of setting it using Yii::app()->session['var'] or $this->setState methods.

Thanks again

Regards

Yii Fan

Also see this example:

http://www.yiiframework.com/wiki/60/