Skip to content

Adding custom limited-access pages and reports

In most applications, you might need to create additional customized pages besides the ones generated by AppGini. For example, you might want to add some reports, charts, switch boards, special forms, .. etc. In this article, we'll explain how you can create an additional page and limit access to it to authenticated users. We'll also explain how to integrate it as part of your AppGini application.

You probably want to achieve 3 goals while integrating new custom pages into your AppGini application:

  1. Control access to the page. You want only authenticated users (or maybe only some authenticated users) to be able to access the page, while others are redirected to the homepage or the login form.
  2. Integrate the page appearance into your application. That is, you want that custom page to display the same top navigation menu shown in the other pages of your application, and to have the same theme.
  3. Link to the page from other pages so that your application users can easily find it. You might want to link to it from the homepage and/or form the "Jump to" drop-down menu in the top navigation bar.

We'll cover all the above points in this article.

Control access to your custom page

AppGini supports a membership system that is based on user groups.

  1. You can grant some permissions to a group (or some groups), and all users under that group would automatically be granted those permissions.
  2. Alternatively, you can grant some permissions only to a specific user rather than an entire group.
  3. Another approach is to grant some permissions to any authenticated user regardless of which group they belong to.

Let's see how to apply any of these approaches to your custom page.

First of all, let's create a new file in the hooks folder inside your AppGini-generated application folder. Let's call it example.php. Now, open that file in your text editor and paste the code below then save it.

<?php
    define('PREPEND_PATH', '../');
    $hooks_dir = __DIR__;
    include("$hooks_dir/../lib.php");

The above code allows you to use the functions provided by AppGini in your custom page, including the function getMemberInfo() which you can use for checking permissions. Let's see how to implement each of the above access methods.

Where to place your custom pages

We highly recommend placing your custom pages in the hooks folder or a subfolder of it. Placing your custom files outside the hooks folder, in the main application folder, would make it harder to maintain your custom files when you regenerate your application using AppGini.

In some cases, however, you might need to place your custom files outside the main application folder. For example, you might want to create a public-facing page that doesn't require authentication, without exposing your entire application to the public. In this case, you should modify the session cookie path to include the folder containing your custom files. This is important to allow custom pages outside the main application folder to share the same session with the rest of the application. Otherwise, users accessing the custom pages would be considered as guest users.

Let's take an example to illustrate this. Suppose you have a custom page called custom-page.php that you want to place in the parent folder of your AppGini application. And the application is located in a folder called myapp. The folder structure would look something like this, assuming your application is located at /var/www/html/myapp:

/var/www/html/
    myapp/
        hooks/
        ...
    custom-page.php

To allow custom-page.php to share the same session with the rest of the application, you should create a file called __bootstrap.php in the myapp/hooks folder if it doesn't already exist. Add the following code to __bootstrap.php:

<?php // if you don't have this line already, add it at the top of the file

function session_options(&$options) {
    $cookie_path = '/' . trim(config('appURI'), '/');
    // remove the last subdir from the cookie path
    $cookie_path = substr($cookie_path, 0, strrpos($cookie_path, '/'));
    $options['cookie_path'] = $cookie_path;
}

The above code modifies the session cookie path to include the parent folder of your application. This way, the session cookie would be shared between your custom page and the rest of the application.

Grant access to one or more groups

In case you want all the users that belong to the "Admins" and "Data entry" groups (for example) to be able to access your custom page, let's edit the code to read like this

<?php
    define('PREPEND_PATH', '../');
    $hooks_dir = __DIR__;
    include("$hooks_dir/../lib.php");

    /* grant access to the groups 'Admins' and 'Data entry' */
    $mi = getMemberInfo();
    if(!in_array($mi['group'], ['Admins', 'Data entry'])) {
        echo "Access denied";
        exit;
    }

    echo "You can access this page!";

If you try accessing the above page from your browser while logged in as any user under the 'Admins' or 'Data entry' groups, you should see the message You can access this page! ... Otherwise, you should see the error Access denied.

Grant access to one or more users

Another case is when you want one or more specific users, rather than a whole group, to access the page. We'll still use the getMemberInfo() function but the check will be slightly different:

<?php
    define('PREPEND_PATH', '../');
    $hooks_dir = __DIR__;
    include("$hooks_dir/../lib.php");

    /* grant access to the groups 'Admins' and 'Data entry' */
    $mi = getMemberInfo();
    if(!in_array($mi['username'], ['john.doe', 'jane.doe'])) {
        echo "Access denied";
        exit;
    }

    echo "You can access this page!";

If you try accessing the above page from your browser while logged in as the user 'john.doe' or 'jane.doe', you should see the message You can access this page! ... Otherwise, you should see the error Access denied.

Grant access to any logged user

Another case is to grant access to your page to all logged users. Here is the code for this scenario.

<?php
    define('PREPEND_PATH', '../');
    $hooks_dir = __DIR__;
    include("$hooks_dir/../lib.php");

    /* grant access to all logged users */
    $mi = getMemberInfo();
    if(!$mi['username'] || $mi['username'] == 'guest') {
        echo "Access denied";
        exit;
    }

    echo "You can access this page!";

The above will deny access to anonymous users and allow access to any logged user. If you've changed the default anonymous username of 'guest' in the admin area, you should update it in line 9 above.

Integrate the page appearance into your AppGini application

After controlling access to your custom page, the next step is to customize its appearance so that it matches the rest of the application pages. This can be very easily achieved by including the header and footer files as follows.

<?php
    define('PREPEND_PATH', '../');
    $hooks_dir = __DIR__;
    include("$hooks_dir/../lib.php");

    include_once("$hooks_dir/../header.php");

    /* grant access to all logged users */
    $mi = getMemberInfo();
    if(!$mi['username'] || $mi['username'] == 'guest') {
        echo "Access denied";
        exit;
    }

    echo "You can access this page!";

    include_once("$hooks_dir/../footer.php");

Finally, you want users to be able to easily reach your page. AppGini makes it easy to add links to the homepage and/or to the navigation menu. To do so, all you need to do is add a few lines to the "hooks/links-home.php" and/or "hooks/links-navmenu.php" files.

Tip! If you plan to add many custom pages to your application, it might not be very practical to place links to all of them directly into the navigation menu or the homepage. A more organized approach in this case is to create a page listing the custom links and add a link to that page rather than to each custom page.

If you are using AppGini versions before 5.90

If you're using AppGini versions earlier than 5.90, you need to include language files when creating a custom page. In all of the above code snippets, change this part of the code:

include("$hooks_dir/../lib.php");

to:

include("$hooks_dir/../defaultLang.php");
include("$hooks_dir/../language.php");
include("$hooks_dir/../lib.php");