Crisoft Ricette

This week I started on the user registration. At the moment, new users can register themselves with Crisoft, providing information like username and password and (if available) and email address, url and description. The email will become mandatory soon, because I want to build a email-based activation to prevent spam users to register. At the moment new users are marked as “inactive” in the database and they can not login yet.

I added a simple pagination component, that builds an alphabetical navigation for all the recipes in the database. It’s written by myself, because I had no access to the official pagination helper, but it does its job. Maybe I replace it with the official version soon.

Finally, I added the model Role that hopefully helps to give users a role and access rights. I don’t have a feeling how to code that yet, but I think having models like Role and Right will help with the setup.

In CakePHP it is really easy to force users to login before executing actions. I inserted this functionality today and I’m very happy that it is so flawless.

The class app_controller.php has a function now that checks the current session. The function is used in important actions to functions to protect the content from unregistered users. This content is the user list or the “add recipe” functionality. I consider actions that change content or reveal too much information as important and try to protect them.

The mechanism used to redirect a user to the login has a nice feature now: it allows the redirect target to be specified when checking the session information. So, after login the user will be redirected to the proper page again and continues it’s journey without being interrupted. I think this is important for the usability and the experience of Crisoft. I try to figure out how to manage those things with PHP and CakePHP, and maybe I find a new way to solve this in a few weeks. Until then, you can go check out the files in the CVS and maybe you have some comments and feedback on it. I’ll be happy to hear about your opinion!

This week I was able to add the first stub functionality for the login. I use a simple User model and a password that’s MD5ed. I need to secure the important Actions now. I hope to finish the login next week.

And I changed some of the relations between the models. I think I did a great mess when I created the model. Slowly, I get into the whole hasMany, belongsTo and hasAndBelongsToMany thing.