Solved thread

This post is marked as solved. If you think the information contained on this thread must be part of the official documentation, please contribute submitting a pull request to its repository.

Change layout and dispatch loop

Hello, I'm not sure about the category, please change it if necessary.

For one of my actions, (IndexController::loginAction), I would like to change the layout script to more basic one than the standard admin layout and it works great with:

public function loginAction()
{
    $this->view->setRenderLevel(View::LEVEL_LAYOUT)->setLayout('login');
}

Well, now I have the Security plugin, which needs to redirect the user to the login page if not logged in and works perfect with this code:

$di['dispatcher'] = function() {
    //.......
    $eventsManager->attach('dispatch', $adminSecurity);
    //.......
    return $dispatcher;
};

But the problem is - it still use the main layout and not my login layout. It seems the setRenderLevel call have no effect anymore. In the Security plugin, I'm using beforeExecuteRoute method and I've tried to change to other dispatch events. I also tried to change the event to which it is attached to dispatch:beforeDispatch with no effect.

Any help is welcome!



1.6k
Accepted
answer

Solved:

$eventsManager->attach('dispatch:afterDispatch', $adminSecurity);


9.5k
edited Apr '14

I think you should do your security checks before dispatch, not after. http://docs.phalconphp.com/en/latest/reference/dispatching.html

In your current situation, I can still post any malicious data to your admin, which will successfuly process it and only then check if I'm logged in or not.

Remember that you can use 'View picking' from your controllers to change the view / layout.

        // Pick "views-dir/products/search" as view to render
        $this->view->pick("products/search");

http://docs.phalconphp.com/en/latest/reference/views.html#picking-views