CodeIgniter Forums
url encode - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: url encode (/showthread.php?tid=39300)

url encode - El Forum - 03-07-2011

[eluser]Leonel Folmer[/eluser]
Hi all, I need a help to encode a url, how can I do this with CI? I'm trying to prevent a user from changing the profile of another, currently the url shows the user id at the end of a url like this: http://www.mydomain.com/area/change/1

Code:
<?php echo anchor("area/change/".$user_id, 'Edit profile'); ?>

Any help is welcome, thanks!

url encode - El Forum - 03-08-2011

[eluser]vikascoollives[/eluser]
There is no need to encode the url , what you are supposed to do is :

Check the session id or session username (or any unique parameter) you have insert in the session in every function in controller.

So that one user can not access the other account anyhow .

url encode - El Forum - 03-08-2011

[eluser]InsiteFX[/eluser]
PHP.net urlencode urlrawencode.

InsiteFX

url encode - El Forum - 03-08-2011

[eluser]Leonel Folmer[/eluser]
[quote author="vikascoollives" date="1299588106"]There is no need to encode the url , what you are supposed to do is :

Check the session id or session username (or any unique parameter) you have insert in the session in every function in controller.

So that one user can not access the other account anyhow .[/quote]


Thanks for your time, here is my controller:

Code:
function index()
    {
        if (!$this->authentication->is_logged_in()) {
            redirect('/authenticate/login/');
        } else {
            $data['user_id']     = $this->authentication->get_user_id();
            $data['user_name']   = $this->authentication->get_username();
            
            $this->load->model('area_model');
            $data['users'] = $this->area_model->view();        
            
            $dados['title'] = 'Login area';
            
            $this->db->where('status', 'Active');
            $query = $this->db->get('categories');
            $dados['categories'] = $query->result();
        
            $this->db->where('status', 'Active');
            $query = $this->db->get('users');
            $dados['users'] = $query->result();
        
            $this->load->view('elements/html_header',$dados);
            $this->load->view('area', $data);
            $this->load->view('elements/html_footer');            
        }
    }
    
        // here is the function to change/edit the user profile
    function change($id){
        $data['title'] = "Edit profile";
        $this->load->model('area_model');
        $data['dados_area'] = $this->area_model->change($id);        
        
        $this->db->where('status', 'Active');
        $query = $this->db->get('categories');
        $dados['categories'] = $query->result();
        
        $this->load->view('elements/html_header',$dados);
        $this->load->view('edit_profile',$data);
        $this->load->view('elements/html_footer');                
    }


url encode - El Forum - 03-08-2011

[eluser]danmontgomery[/eluser]
You can check the ID they are trying to change against the ID of the user:

Code:
function change($id) {
    if($id != $this->authentication->get_user_id()) {
        // Show some error
    }
}


url encode - El Forum - 03-08-2011

[eluser]Leonel Folmer[/eluser]
[quote author="noctrum" date="1299629649"]You can check the ID they are trying to change against the ID of the user:

Code:
function change($id) {
    if($id != $this->authentication->get_user_id()) {
        // Show some error
    }
}
[/quote]
Exactly, simple and easy solution. thank you!