CodeIgniter Forums
Need help on query string - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: Need help on query string (/thread-10434.html)



Need help on query string - El Forum - 07-31-2008

[eluser]nandish[/eluser]
Hi

I need to stop entering data in url

example

http://se.unoserv1.com/index.php/csubscript?uname='nandish'


if the user enter the data in the query string like uname='raj' and hit enter it will shows the data, but i need to stop this

I tryed to set register_globals is off and register_argc_envc is off but it wont't work

thanks






Need help on query string - El Forum - 07-31-2008

[eluser]andreagam[/eluser]
Don't get the user name via the query string. Use POST variables.

Just a little advice for the forum: if you color your posts, people reading it will focus on the ugliness of the colour instead of reading and understanding you question... use the default. :-P


Need help on query string - El Forum - 07-31-2008

[eluser]Sumon[/eluser]
You may have a try with changing config\config.php file

Code:
$config['enable_query_strings'] = FALSE;    // Turn it to FALSE



Need help on query string - El Forum - 07-31-2008

[eluser]nandish[/eluser]
I checked out in confing.php file, its already FALSE

Is there any other way to avoid..


Need help on query string - El Forum - 07-31-2008

[eluser]Michael Wales[/eluser]
Could you please paste the code that uses that specific variable (I assume it's within a SQL WHERE statement).


Need help on query string - El Forum - 07-31-2008

[eluser]Sumon[/eluser]
would you please post your controller(csubscript) here.


Need help on query string - El Forum - 08-02-2008

[eluser]nandish[/eluser]
[size=1]<?php
/* Created By Nandish on 13th June 2008 */
Class Csubscript extends Controller{

function Csubscript(){
parent::Controller();
$this->load->model('Msubscript');
$this->load->library('SEHelper');
}
//-----------------------------------------------------------------------------------------------------------------
function index(){
if(!$this->sehelper->checkSession()) return;
$roleid = $this->sehelper->getUserRole();
$schname = $this->sehelper->getUserShortSchoolName();
$year = date('Y'); //initially assigning year , state and school when the page loads
$state = '';
$schName = '';
$this->showData($state,$schName,$year);
}
//-------------------------------------------------------------------------------------------------------------------
// get the schools dropdown according to the particular value of state
function schoolDdown(){
if(!$this->sehelper->checkSession()) return;
$state = $this->uri->segment(3);
$result = $this->Msubscript->getschool($state);
echo "School:<select id='lschl' name='lschl'>";
if(count($result)>0){
echo "<option value='Select a School'>Select a School</option>";
foreach($result as $item){
echo "<option value='".$item['s_school_name']."'>".$item['s_school_name']."</option>";
}
"</select>";
}else {
echo "There is No SCHOOLS to display";
}
}
//-------------------------------------------------------------------------------------------------------------------
// get the year dropdown according to the particular value of school
function yearDdown(){
if(!$this->sehelper->checkSession()) return;
$school = $this->uri->segment(3);
if($school == 'ALL'){ //if the user select All (school name)
$school = '%';
}
$result = $this->Msubscript->getyear($school);
if(count($result)>0){
echo "Year:<select name='lyear' id='lyear'>";
foreach($result as $item){
echo "<option value='".$item['s_year']."'>".$item['s_year']."</option>";
}
echo "</select>";
}else {
echo "There is No YEAR to display";
}
}
//-------------------------------------------------------------------------------------------------------------------
function showData($state,$schName,$year){
if(!$this->sehelper->checkSession()) return;

// Checking User Role Privilage
$privId = "WEBUSER_SUBSCRIPTION";
$userRole = $this->sehelper->getUserRole();
if ($this->SEModel->checkRolePrivileges($privId, $userRole) == "0"){
redirect('');
}
$data['sres'] = $this->Msubscript->getAllstate(); //initially loading all states in state dropdown
$allSchools = $this->Msubscript->getAllschools(); //initially loading all schools in school dropdown
$data['yres'] = $this->Msubscript->getAllyear(); //initially loading all year in year dropdown
$data['Aroles'] = $this->Msubscript->getAllroles();
$data['Aplans'] = $this->Msubscript->getAllplans();

// Check if State has valid value
if ($state == '') {
$state = 'MI';
}

// Check if School Name is passed in or not.
// If so, pick the first school in the array.
if ($schName == '') {
foreach ($allSchools as $rec) {
$schName = $rec['s_school_name'];
break;
}
}

// For safety, just initialize to Troy Athens High
if ($schName == ''){
$schName = 'Troy Athens High';
}
$data['schres'] = $allSchools; //storing all schools in an array
$data['res'] = $this->Msubscript->getAlldata($state,$schName,$year); //get user information
$data['gstate'] = $state;
$data['schname'] = $schName;
$data['Year'] = $year;
$this->load->view('vsubscript',$data);
}
//--------------------------------------------------------------------------------------------------------------------
function usreload(){ //reloading the user subscription page with different values;
if(!$this->sehelper->checkSession()) return;
error_reporting(0);
if(isset($_REQUEST['ustate'])){
$ustate = $_REQUEST['ustate'];
}
if(isset($_REQUEST['lschl'])){
$uschl = $_REQUEST['lschl'];
if($uschl == 'ALL'){
$uschl = '%';
}
}
if(isset($_REQUEST['lyear'])){
$uyear = $_REQUEST['lyear'];
}
$this->showData($ustate,$uschl,$uyear);
}
[/size]


Need help on query string - El Forum - 08-02-2008

[eluser]nandish[/eluser]
function updateUsdata(){
if(!$this->sehelper->checkSession()) return; //updating user information
error_reporting(0);
if(isset($_REQUEST['uName'])){
$Name = $_REQUEST['uName']; // fullname of user ex; firstname+lastname
$spName = explode(" ",$Name); // spliting
$firstName = $spName[0]; // assiginig value for firstName and lastName
if($spName[1] == ""){ // if the user enter only first like Kumar,Instead of Kumar Bhograju.
$lastName = $spName[0];
}else{
$lastName = $spName[1];
}
}
if(isset($_REQUEST['ustate'])){
$state = $_REQUEST['ustate']; //Note: we are using two forms submit
} // 1)reloading view page
else{ // 2)updating data
$state = $this->uri->segment(3); //getting state value(submit form value) with the help of javascript -
} //when we submit update form
if(isset($_REQUEST['uRole'])){
$Role = $_REQUEST['uRole'];
}
if(isset($_REQUEST['uPlan'])){
$Plan = $_REQUEST['uPlan'];
}
if(isset($_REQUEST['lyear'])){
$year = $_REQUEST['lyear'];
}else {
$year = $this->uri->segment(5); //getting year value (submit form value) with the help of javascript -
} //when we submit update form
if(isset($_REQUEST['lschl'])){
$schName = $_REQUEST['lschl'];
}else{
$schName = $this->uri->segment(4); //getting year value (submit form value) with the help of javascript -
} //when we submit update form
if(isset($_REQUEST['uId'])){
$userId = $_REQUEST['uId']; //Accroding the userID,Updating userInformation in //tbl_user_subscriptions and
//tbl_users.
}
$this->Msubscript->updateUserInfo($Plan,$Role,$firstName,$lastName,$userId); //updating
if($schName == 'ALL'){
$schName = '%';
}
$this->showData($state,$schName,$year); //reloading the page after updating
}
//---------------------------------------------------------------------------------------------------------------
}
?&gt;