Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

SS 2.4.7 _config.php permission check


Go to End


3 Posts   793 Views

Avatar
dacar

Community Member, 173 Posts

22 March 2013 at 3:08am

Hi,

does anybody know, how to do a permission check in _config.php to load differet database settings depending on the login status?

global $databaseConfig;
if (Member::isInGroup('Administratoren'))  {
	// temoräre DB
	$databaseConfig = array(
		"type" => 'MySQLDatabase',
		"server" => 'mysql5.xxx.net',
		"username" => 'yyy',
		"password" => 'yyy',
		"database" => 'yyy',
		"path" => '',
	);
} else {
	// orig DB
	$databaseConfig = array(
		"type" => 'MySQLDatabase',
		"server" => 'mysql5.xxx.net',
		"username" => 'xxx',
		"password" => 'xxx',
		"database" => 'xxx',
		"path" => '',
	);
}

Greetings, Carsten.

Avatar
martimiz

Forum Moderator, 1391 Posts

22 March 2013 at 4:58am

Edited: 22/03/2013 5:01am

OK - basically the user needs to login first, so that would mean his credentials are checked against database yyy - because at that point he hasn't logged in yet.

Once logged in however - even if the users status would already be known at the moment the config file is read, which it probably isn't, because SS would first have to check the user against the users credentials in, yes, the database, to make sure it's a valid login - SS would now have to check same users credentials against database xxx... or... From this point on I get too dizzy :-)

Every other way, like checking on a session cookie and logging the user onto the second database based on that, seems to me to be very unsafe...

Of course I don't know why you need to do this, but maybe there is another approach that would solve your problem?

Martine

Avatar
dacar

Community Member, 173 Posts

22 March 2013 at 9:13pm

Hi martimiz,

thanks for your fast reply. This one was absolutely project specific. I wanted to give the authors the possibility to change the content, images and DO's fundamentally while useres see the old content. After the work is done i wanted to change the DB No.2 to the leading DB.

I have solved the problem in an other way but i am still keen on knowing whether it is possible to solve it in the suggested way.

Thanks.