Adding custom limited-access pages and reports
In most applications, you might need to create additional customized pages besides the ones generated by AppGini. For example, you might want to add some reports, charts, switch boards, special forms, .. etc. In this article, we'll explain how you can create an additional page and limit access to it to authenticated users. We'll also explain how to integrate it as part of your AppGini application.
You probably want to achieve 3 goals while integrating new custom pages into your AppGini application:
- Control access to the page. You want only authenticated users (or maybe only some authenticated users) to be able to access the page, while others are redirected to the homepage or the login form.
- Integrate the page appearance into your application. That is, you want that custom page to display the same top navigation menu shown in the other pages of your application, and to have the same theme.
- Link to the page from other pages so that your application users can easily find it. You might want to link to it from the homepage and/or form the "Jump to" drop-down menu in the top navigation bar.
We'll cover all the above points in this article.
Control access to your custom page
AppGini supports a membership system that is based on user groups.
- You can grant some permissions to a group (or some groups), and all users under that group would automatically be granted those permissions.
- Alternatively, you can grant some permissions only to a specific user rather than an entire group.
- Another approach is to grant some permissions to any authenticated user regardless of which group they belong to.
Let's see how to apply any of these approaches to your custom page.
First of all, let's create a new file in the 'hooks' folder inside your AppGini-generated application folder. Let's call it "example.php". Now, open that file in your text editor and paste the code below then save it.
<?php
define('PREPEND_PATH', '../');
$hooks_dir = __DIR__;
include("$hooks_dir/../lib.php");
The above code allows you to use the functions provided by AppGini in your custom page, including the function getMemberInfo() which you can use for checking permissions. Let's see how to implement each of the above access methods.
Grant access to one or more groups
In case you want all the users that belong to the "Admins" and "Data entry" groups (for example) to be able to access your custom page, let's edit the code to read like this
<?php
define('PREPEND_PATH', '../');
$hooks_dir = __DIR__;
include("$hooks_dir/../lib.php");
/* grant access to the groups 'Admins' and 'Data entry' */
$mi = getMemberInfo();
if(!in_array($mi['group'], ['Admins', 'Data entry'])) {
echo "Access denied";
exit;
}
echo "You can access this page!";
If you try accessing the above page from your browser while logged in as any user under the 'Admins' or 'Data entry' groups, you should see the message You can access this page! ... Otherwise, you should see the error Access denied.
Grant access to one or more users
Another case is when you want one or more specific users, rather than a whole group, to access the page. We'll still use the getMemberInfo() function but the check will be slightly different:
<?php
define('PREPEND_PATH', '../');
$hooks_dir = __DIR__;
include("$hooks_dir/../lib.php");
/* grant access to the groups 'Admins' and 'Data entry' */
$mi = getMemberInfo();
if(!in_array($mi['username'], ['john.doe', 'jane.doe'])) {
echo "Access denied";
exit;
}
echo "You can access this page!";
If you try accessing the above page from your browser while logged in as the user 'john.doe' or 'jane.doe', you should see the message You can access this page! ... Otherwise, you should see the error Access denied.
Grant access to any logged user
Another case is to grant access to your page to all logged users. Here is the code for this scenario.
<?php
define('PREPEND_PATH', '../');
$hooks_dir = __DIR__;
include("$hooks_dir/../lib.php");
/* grant access to all logged users */
$mi = getMemberInfo();
if(!$mi['username'] || $mi['username'] == 'guest') {
echo "Access denied";
exit;
}
echo "You can access this page!";
The above will deny access to anonymous users and allow access to any logged user. If you've changed the default anonymous username of 'guest' in the admin area, you should update it in line 9 above.
Integrate the page appearance into your AppGini application
After controlling access to your custom page, the next step is to customize its appearance so that it matches the rest of the application pages. This can be very easily achieved by including the header and footer files as follows.
<?php
define('PREPEND_PATH', '../');
$hooks_dir = __DIR__;
include("$hooks_dir/../lib.php");
include_once("$hooks_dir/../header.php");
/* grant access to all logged users */
$mi = getMemberInfo();
if(!$mi['username'] || $mi['username'] == 'guest') {
echo "Access denied";
exit;
}
echo "You can access this page!";
include_once("$hooks_dir/../footer.php");
Link to the page from other pages
Finally, you want users to be able to easily reach your page. AppGini makes it easy to add links to the homepage and/or to the navigation menu. To do so, all you need to do is add a few lines to the "hooks/links-home.php" and/or "hooks/links-navmenu.php" files.
Tip! If you plan to add many custom pages to your application, it might not be very practical to place links to all of them directly into the navigation menu or the homepage. A more organized approach in this case is to create a page listing the custom links and add a link to that page rather than to each custom page.
If you are using AppGini versions before 5.90
If you're using AppGini versions earlier than 5.90, you need to include language files when creating a custom page. In all of the above code snippets, change this part of the code:
include("$hooks_dir/../lib.php");
to:
include("$hooks_dir/../defaultLang.php");
include("$hooks_dir/../language.php");
include("$hooks_dir/../lib.php");