hello yii masters…
I have created my own login page and using database for authentication (not ‘admin’ and ‘demo’ anymore), my login page will read from ‘user’ table. in user table there is ‘role’ attribute which only contained ‘administrator’ or ‘super administrator’. The problem is, how can I manage the page after those 2 different roles logging in. For example, administrator will go to ‘site/adminCMS’ while superadministrator will go to ‘site/superCMS’ after successful login.
i will suggest you to read the guide so you will understand whats been going in the login process,
anyway, in siteController in actionLogin() you will see something like
if($model->validate() && $model->login()) $this->redirect(Yii::app()->user->returnUrl);
so instead for just redirect to the returnUrl check the role if its admin redirect to site/adminCMS
and if its superadmin redirect to site/superCMS
Your UserIdentity class should contain a method like this (note the setState() calls):
public function authenticate()
{
$user = User::model()->find('login = ?', array($this->username));
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else if (!$user->validatePassword($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
// valid user and login
$this->errorCode = self::ERROR_NONE;
$this->_id = $user->id;
// add all fields as persistent attributes of Yii::app()->user
foreach ($user->attributes as $field => $value) {
if ($field !== 'id') {
$this->setState($field, $value);
}
}
}
return ($this->errorCode == self::ERROR_NONE);
}
Now if your User class has an attribute "role", your site controller should contain (note the getState() call):
public function actionLogin()
{
$model = new LoginForm;
// collect user input data
if (isset($_POST['LoginForm'])) {
$model->attributes = $_POST['LoginForm'];
// validate user input and redirect to the previous page if valid
if ($model->validate() && $model->login()) {
if (Yii::app()->user->getState('role') == 'admin') {
$this->redirect('over/there');
} else {
$this->redirect(Yii::app()->user->returnUrl);
}
}
}
$this->render('login', array('model' => $model));
}
You will be able to access your user attributes everywhere with “Yii::app()->user->myattribute” or “Yii::app()->user->getState(‘myattribute’)”. IIRC, you need to use the later for the “role” attribute.
Read http://www.yiiframework.com/doc/guide/1.1/en/topics.auth#defining-identity-class for details. You should for example disable "CWebUser::allowAutoLogin" in your configuration (enabling it is almost always a bad idea).
François Gannaz
i dont understand why to use the setstate?
i think this will be better:
public function actionLogin() {
$model = new LoginForm;
// collect user input data
if (isset($_POST['LoginForm'])) {
$model->attributes = $_POST['LoginForm'];
// validate user input and redirect to the previous page if valid
if ($model->validate() && $model->login()) {
if ($model->role == 'administrator') {
$this->redirect('site/adminCMS');
} else if ($model->role == 'super administrator') {
$this->redirect('site/superCMS');
} else {
$this->redirect(Yii::app()->user->returnUrl);
}
}
}
$this->render('login', array('model' => $model));
}
As I wrote, this will make the useful info (mainly the value of "role") available on every page of the application (through a PHP session).
Your solution is wrong. Here the model is "LoginForm", so you are trying to read the "role" attribute of this form. But the form do not (and should not) contain this.
What you probably wanted to do was:
if (User::model()->findByPk(Yii::app()->user->id)->role === 'admin') {
This is much heavier than the solution I suggested. It also has 2 drawbacks: it makes an unnecessary DB query, and does not provide the "role" data on other pages (which would probably be handy).
oh i got it. thank you 
thanks a lot brothers and sisters in yii 
that line above. Does the role and admin comes from the database? or what?