I'm working with codeigniter, I'm doing an auth system - user can log in, he can see all pages, after he can log out. The problem is next: why logged out user can see all pages without to be logged in. how can I correct it? This is my controller:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class User extends CI_Controller {
public function __construct() {
parent::__construct();
$this->load->helper(array('url', 'form'));
$this->load->model("usermodel");
$this->load->library('session');
}
private function view($page, $data=false) {
if($page == "auth/login" ){
$this->load->view("auth/header_auth.php");
}else{
$this->load->view("header.php");
}
$this->load->view($page, $data);
$this->load->view("footer.php");
}
public function index() {
if ($this->session->userdata("user")) {
redirect("dashboard", "refresh");
return;
}
$this->view("auth/login");
}
public function fail() {
$this->view("auth/login");
}
public function dashboard() {
$this->view("auth/dashboard");
}
public function login() {
$login = $this->input->post("login");
$password = $this->input->post("password");
if ($this->usermodel->login($login, $password)) {
$this->session->set_userdata("user", $login);
redirect("dashboard", "refresh");
} else {
redirect("fail", "refresh");
}
}
public function logout() {
$this->session->unset_userdata('user');
session_destroy();
redirect('index', 'refresh');
}
}
