Zend ACL - how to handle request via ajax/jquery to pages that are protected_问答_开发者

Zend ACL - how to handle request via ajax/jquery to pages that are protected

开发者 https://www.devze.com 2023-01-25 15:19 出处：网络

I\'m kind of stuck here - I can write a hack to work around this but was wondering if there is a proper way to do this.

I'm kind of stuck here - I can write a hack to work around this but was wondering if there is a proper way to do this.

I am using Zend ACL to specify which pages are protected and require authentication. For example if the "UploadVideo.php" is a protected page - when a user clicks on a link to access that page - he is taken to the login page and after login is redirected back to UploadVideo.php page. So this all is taken care of and works fine.

Now on this other page - I have something like a "VOTE" button. A user can only cast vote if he is logged in.

Case 1 When the user is logged in - he clicks on the Vote button - I am using Jquery to call the action the following way: $.post('/video/vote', {video_id:video_id}, function(data) { if(data=="OK") ..... } Now /video/vote is a protected resource and since the user is logged in - the vote action gets called which increases the vote count and sends back an "OK" message and the page is dynamically updated with the new vote count.

Case 2 The user is not logged in - he clicks on the vote button - since the page is protected - the login page is returned thru the ajax call in variable "data" Ideally, when the user is not logged in - the ajax call should not happen - the user should be redirected to the login page - after login he shud be redirected to the /video/vot开发者_运维问答e action which will increment the vote count - and finally sent back to the page with the vote button

How do I handle this. I can write some hacks and check if user is logged in or not and depending upon that decide whether to make ajax call or redirect user but is that the best way to do this.

I dont know if I have clearly explained the problem.

Thanks for your time

There may be a Zend specific way for this I don't know about, but I can't think of anything simpler (and cleaner) than

Populate a Javascript variable logged_in depending on whether the user is logged in or not
Do a check for logged_in when the user clicks the vote button; offer to redirect if they aren't
Redirect to the login page with a target variable containing the current page's URL (for that, I'm sure, a Zend Framework specific way exists)
obviously, keep all server side checks in place. This is just for convenience.