Документация InstantCMS

для администраторов и разработчиков

Инструменты пользователя

Инструменты сайта


Working With Users

Current User

The cmsUser system class is responsible for working with the current user (client). This class is globally available and you can use it in any component part – in a controller, hooks, models, templates.

The majority of the cmsUser class properties are available via static methods. However, you can use an instance of this class:

$user = cmsUser::getInstance();

This option is preferable, if properties are requested several times in one code block. The examples below show both request options (static and via an instance). These examples assume that the $user object has already been initialized as shown above.

Authorization checking

if (cmsUser::isLogged()){ ...a user is authorized... }
if ($user->is_logged){ ...a user is authorized... }

User info

If a user is authorized, you can get any field value from the users table for this user. For example, ID or nickname


For an unauthorized user (guest), the only field available is the «ID» field containing 0 (null). Always check if a user is authorized before you request user data.

Mandatory authorization

You can force redirect a user to the authorization page with the help of the goToLogin([$back_url]) method:

//if a user is not authorized
if (!cmsUser::isLogged()){
    //we redirect him/her to the authorization page

You can pass the page URL as an optional incoming parameter to redirect a user to after authorization. If not specified, a user will be redirected to the current URL (from which authorization is requested).

$back_url = href_to('my_controller', 'my_action');

In this example, a user will get to the /my_controller/my_action page after authorization.

Administrator checking

if (cmsUser::isAdmin()){ ...this is an administrator... }
if ($user->is_admin){ ...this is an administrator... }

:!: In InstantCMS 2, an administrator status is assigned to Each User individually. Membership in the «Administrators» group does not give a user administrator privileges.

Group membership checking

Receiving an array with a list of IDs of all groups in which a user a member is


Checking membership in a certain group:

if ($user->isInGroup($group_id)) { ... }

Checking membership in any of the specified groups:

if ($user->isInGroups($groups_ids_array)) { ... };

Checking friends

Receiving an array with a list of all IDs of user’s friends:


Checking friend availability:

if ($user->hasFriends()) { ... }

Checking certain friend availability:

if ($user->isFriend($friend_user_id)) { ... }


Recording data into session

Recording the $key parameter with the $value value into the current user session:

cmsUser::sessionSet($key, $value);

Reading session data

Checking the $key parameter availability and reading it:

//if the parameter exists,
if(cmsUser::isSessionSet($key)) {
    //we extract the value from the session
    $value = cmsUser::sessionGet($key);

If you try to extract a nonexistent parameter from a session, the false value will be returned.

You can delete it from the session while reading the parameter:

//we put the parameter into the session
cmsUser::sessionSet('my_key', 'my_value');
//we read the parameter and delete it
$value = cmsUser::sessionGet('my_key', true); //=> my_value
//we check if the parameter does not exist
cmsUser::isSessionSet('my_key'); //=> false

Arrays in a session

You can read and replace certain elements by keys if an array has been recorded into the session.

//we put an array into the session
cmsUser::sessionSet('my_array', array('first'=>1, 'second'=>2));
//we extract only the second element of the array
//we replace only the first element
cmsUser::sessionSet('my_array:first', 'New value');

Deleting from a session



Writing data into cookies

Setting the $key cookies with the $value value to the current user:

cmsUser::setCookie($key, $value, $time, $path, $http_only)

the last 3 parameters are optional:

Parameter Value By default
$time Lifetime, in seconds 3600
$path A path to the directory on the server from which cookies will be available /
$http_only Unavailability of cookies for Javascript and other client languages true

An alternative:

cmsUser::setCookiePublic($key, $value, $time, $path)

Works similar to the first option, however, $http_only is set to false.

Reading from cookies

Checking the user $key cookies availability and reading it:

//if cookies exists
if(cmsUser::hasCookie($key)) {
    //we extract the value from cookies
    $value = cmsUser::getCookie($key);

If you try to extract non-existant cookies, the false value will be returned.

Deleting cookies


Cookies are deleted when cookies’ lifetime is turned one hour backward.

Back to Contents

en/dev/controllers/user.txt · Последнее изменение: 24.05.2017 11:30 — murlysja