CodeIgniter Forums

Full Version: Good idea or Bad idea?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

El Forum

[eluser]asmedrano[/eluser]
I might be over thinking this.
Simple form...' mysite/form' ----> submits to ---- >'mysite/processform' (w/e)
Whats the best way to keep people from stumbling to that page mysite/processform should they have that inclination?

What do you guys/gals think about this:

Code:
function processform ()
    {
        if($_SERVER['REQUEST_METHOD'] =='POST') {

                     //// do all form validation ect

                 }
                 else{

                    //// they came directly to this page for some reason so send user to another page.
                    
                }

    }

? Any thoughts?

El Forum

[eluser]Damien K.[/eluser]
If you're concerned about people accessing 'processform', you may want to submit the form to itself and then forward off to '_processform' for processing (note the rename of the function with an underscore to prevent access).

El Forum

[eluser]asmedrano[/eluser]
Interesting... got a quick sample?

Im curious to see if anyones got a CI best practice?

Either way, thanks for the reply!

El Forum

[eluser]Damien K.[/eluser]
Code:
function form()
{
    ...
    if ($this->form_validation->run() !== false)
    {
        $this->_processform();
    }
    ...
}

function _processform()
{
    ...
}

El Forum

[eluser]BrianDHall[/eluser]
I just do something like this, specific to one of the required form fields:

Code:
if ($this->input->post('login')
{
    ...
}

Or sometimes like Damien's example, depending on how I think I may wish to use the form.

The way any page is set there should never be a worry that someone will find it who shouldn't - there is no such thing as a truly hidden page on the internet Smile