Reference Guide - The Trongate Administrators Module

__construct()

Constructor for the Trongate_administrators module. Calls parent constructor and initializes dashboard home URL and login URL.

Ensures that access is allowed for administrators by verifying the presence of a valid token. If the user is not logged in or lacks the required token, they are redirected to the Trongate administrators' login page.

account()

Redirects to the 'create' route for the Trongate administrators module based on the user's token. If a valid 'Trongate token' is authenticated, the method constructs a redirect URL to the 'create' route with the user's ID appended.

conf_delete()

Manages the confirmation process for deleting a Trongate administrator record. Validates the deletion request and loads the confirmation template if the record exists. Redirects to the (admin) management page if the record doesn't exist.

create()

Renders a page for the creation or updating of Trongate administrator records.

delete_conf()

Displays a confirmation page before deleting a record. Prevents users from deleting their own account. Requires a valid update ID in URL segment 3.

go_home()

Redirects to the designated dashboard home page.

log_user_in()

Logs a user in by generating an authentication token and storing it in the database. Handles both web and MX (Trongate MX/API) request types.

login()

Renders a login page for administrators.

login_check()

Validates the submitted username and password for login authentication against existing usernames and hashed passwords stored in the 'trongate_administrators' table.

logout()

Handles user logout by destroying tokens and redirects based on the existence of the secret login segment.

make_sure_allowed()

Ensures the current request is from an authenticated admin user (user level 1). Blocks direct URL access to this method for security.

manage()

Renders a page for the management of records within the 'trongate_administrators' table. Retrieves necessary data such as admin ID, username rows from the model, and loads the management view.

not_allowed()

Renders a "Access Temporarily Blocked" page when a user has exceeded the maximum number of login attempts. If the referring page was the login submission, a login link is provided.

not_found()

Renders a "Record Not Found" page with a descriptive message and a "Go Back" link. Called internally when a requested record doesn't exist or has been deleted.

police_secret_login_url()

Returns the login form submission URL, supporting an optional "secret login segment" feature. If a secret login segment is configured, accessing the module URL directly triggers a 404 to obscure the admin login path.

set_per_page()

Sets the number of records to display per page in the admin management view. Reads the selected index from URL segment 3, validates it against the available options, stores the preference in the session, and redirects to the manage page.

show()

Displays a single record's details. Requires a valid update ID in the URL (segment 3). If the record doesn't exist, renders a "not found" page instead.

submit()

Handles form submission for user data, validates input, updates existing records, or creates new ones accordingly. Redirects to management view or the creation form based on form submission.

submit_delete()

Handles the deletion of a specific user record and related entries based on the given update ID. Performs the deletion of related records from 'trongate_users' and 'trongate_administrators' tables. Redirects to the management page after successful deletion.

The Trongate Administrators Module

__construct()

make_sure_allowed()

account()

conf_delete()

create()

delete_conf()

go_home()

log_user_in()

login()

login_check()

logout()

make_sure_allowed()

manage()

not_allowed()

not_found()

police_secret_login_url()

set_per_page()

show()

submit()

submit_delete()

submit_login()

submit_update_password()

update_password()

update_your_details()

username_check()