Stop form validation callbacks from being accessible through the url - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: Stop form validation callbacks from being accessible through the url (/showthread.php?tid=31259) |
Stop form validation callbacks from being accessible through the url - El Forum - 06-11-2010 [eluser]Lyon[/eluser] Hi, I am not sure if this has been mentioned before (searching didn't bring anything up). Code: class Some_class extends Controller As this code stands http://example.com/index.php/username_check will call the username_check function, and http://example.com/index.php/username_check/some_name will call the function with some_name as the $username parameter. You cannot make the function private as then the form_validation library will not be able to access it. A way to stop people from being able to access your callback functions like this you can precede them with an underscore : e.g. function _username_check($username) This means renaming any refrences to the function as well as registering the callback in the validation as : callback__username_check (note the double underscore after callback) Even by using http://example.com/index.php/_username_check your function will not be called. Sorry if this is mentioned elsewhere but I came across this problem today and couldn't find any information regarding it. Maybe a little note on the form_validation user guide page is in order as us newbies manage to do all kinds of stupid things without realising the problems they can cause :-P Also if there is another way of hiding public functions from the browser I would be happy to hear it. I have tried searching for information on it but it seems I must be using the wrong keywords lol. Stop form validation callbacks from being accessible through the url - El Forum - 06-11-2010 [eluser]Twisted1919[/eluser] Code: private function _username_check($username='') Easy huh ? |