CakePHP: Restrict DebugKit to An IP Address

Posted Sep 20, 2014

I've been playing around with CakePHP and using the DebugKit Toolbar component. It's great to have while I'm developing, and sometimes in production, but I of course don't want everyone to see it, except for me.
 
I looked up how to unload components in the documentation:
http://book.cakephp.org/2.0/en/core-libraries/collections.html#loading-and-unloading-objects
which shows this example
$this->Components->unload('Cookie');
 
I applied it to the DebugKit Toolbar like so:
$this->Components->unload('DebugKit.Toolbar');
 

Restricting IP Address In A CFWheels Database Table

I also wanted to restrict it on my IP address. Since my IP address can change, I added a new field to a settings table I created for my Blog, written in CFWheels, called adminsettings. The structure looks like this:
 
 
I inserted a new name and value called debugIPAddress in my blogs database using CF Wheels conventions:
INSERT INTO `cvazquezblog`.`adminsettings` (`name`, `value`, `createdAt`)
VALUES ('debugIPAddress', '[your computer's ip address]',now());
 
 

CakePHP View to Access CFWheels Table

For CakePHP, I have a view setup, using CakePHP's conventions, like so:
DROP VIEW IF EXISTS cvazquezblogcake.admin_settings;
CREATE DEFINER = `blog_view_user`@`localhost`
SQL SECURITY DEFINER
VIEW cvazquezblogcake.admin_settings (`id`, name, value, deletedAt)
AS
SELECT id, name, value, deletedAt
FROM cvazquezblog.adminsettings
WITH CHECK OPTION;
 
And with the proper permissions:
GRANT SELECT ON cvazquezblogcake.admin_settings TO 'cakeUser'@'localhost';
GRANT SELECT ON cvazquezblog.adminsettings TO blog_view_user@localhost;
 

Checking the IP Address in CakePHP

Now that I have my IP address stored in the database, I figured I could add the IP address check in the file
/admin/app/Controller/AppController.php
and in the method beforeFilter()
 
Here's how the function looks:
 
 
That's it. Whenever I have a new IP address, I can update it in the table. For a future upgrade, I can allow multiple debugIPAddress records, then perform a loop for a valid one, but I really want to control only one IP address at a time.

Discussions

New Comment














Latest Discussions

  • Carlos: Thank you!
    May 16, 2014 | Replies (0)
  • Jessica: Great info, thanks!
    May 15, 2014 | Replies (1)
  • Walter: Thanks, you totally saved me a bunch of searching around just now. I was setting up a percona xtradb...
    Feb 25, 2014 | Replies (0)
  • Avi: I've found the reason of the problem in my case. It's a bug as described here :http://bugs.mysql.com/bug.php?id=68892Shortly:...
    Dec 12, 2013 | Replies (0)
  • Avi: I've also met that behavior twice on 5.6.12 slaves. However, i didn't find the root cause of that....
    Dec 12, 2013 | Replies (0)