could someone explain what is happening here?


so Yii:app() returns the current CApplication object. but where does user comes from? it isnt a property cause then it should have a $ in front. but not a method cause it lacks the ().

user is the CWebUser instace

Properties of an object usually don’t have an $ in fornt of them except when they are defined in the class or when called statically. For example:

class SomeClass {

  public $someVar;



$object = new SomeClass;

echo $object->someVar;

See also here:

but how could you possibly jump from a CApplication object to a CWebUser object in


i dont understand the app()->user

what it actually means.

The static method Yii::app() returns an instance of CApplication (though by default in a webapp it returns one of its subclasses, CWebApplication). This class has a property named user, which is an object of class CWebUser, representing information about the current user. This class in turn has a returnUrl property. So the code Yii::app()->user->returnUrl references the returnUrl property of a CWebUser object that is in itself a property of CWebApplication.

Does that make things a bit more clear?


It’s just a shortcut for:

$user = Yii::app()->user;

$returnUrl = $user->returnUrl;

Yii is a OOP framework, so to understand all constructions, you have to know PHP + OOP pretty well.

how change the returnUrl?

public $returnUrl = array("/user/profile");

And how does returnUrl knew where to redirect ? I can’t find anywhere that path is predefined.

I am asking because I will have to create log in system where I have members and admin. And if member is logging in I have to redirect him to members cms, and if it is admin then to admin cms. So how can I redirect them then ?

And how can I set different session variables like "isMember" and "isAdmin" for example to make sure that only admin is visiting his own pages ?

I’m new to Yii.

returnUrl is defined in CWebUser, when it checks to see if login is required for a specific action:


For your situation, you can probably just add the redirect into the generic user login method, so that given a certain user type, the correct redirection will take place (maybe you even want to check that returnUrl is empty - otherwise you’ll interfere with the above behavior).

For setting isAdmin…etc, you should check out some existing extensions to see how they manage it. Some set it as a model variable (yii-user-management) and some as a method of the WebUser model (yii-user). If you want to store it as a session variable, you can do so in the login method as well. Use setState and getState for that.



The return URL is set when you call Yii::app()->user->loginRequired() ([size=2]see [/size]here) [size=2]in a controller action or use [/size]access rules[size=2] which require logged in users[/size][size=2]. You should always use one of these two methods to protect your pages from anonymous users. Then Yii will do everything automatically: Redirect the user to the login page, whenever a protected URL is called and go back to that URL after the login was successful.[/size]