CodeIgniter Forums
help with uri segment and 404 pages - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: help with uri segment and 404 pages (/thread-42802.html)



help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]kev[/eluser]
Hi everybody,

Let's i have my site with the following URL

Quote:http://www.mysite.com/products/product_info/1

products is the Class and product_info is the method. If I add a single quote next to product_info like below:

Quote:http://www.mysite.com/products/product_info'/1

I get some errors like this :

Quote:A PHP Error was encountered
Severity: Notice
Message: Undefined index: product_info'
Filename: controllers/products.php
Line Number: 258

is there some kind of fix to prevent this from happening?


help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]osci[/eluser]
Basically with default setup (not allowing the ' char) and error reporting to 0, like in a production environment you'll get a "The URI you submitted has dissallowed characters" error which is 400 Bad Request error, which is good for such a scenario. They shouldn't type such a uri, and since they did a 400 is ok.

I think you are troubled because you are seeing informative error which in development machine should anyway be visible. But as I said in a production environment there would not be an error displayed and you would normally get the 400.


help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]kev[/eluser]
the problem is, event if I add it in the permitted uri chars, it doesn't work Confused consider this example

http://www.mysite.com/products/[email protected]/194

As you can see, there is an @ sign in the URI, it should give send me to the page not found or something similar.. but that doesn't work :S


help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]kev[/eluser]
I think i misunderstood the concept -____- ... I will come back if everything work


help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]kev[/eluser]
Ok this is my config for URI

$config['permitted_uri_chars'] = 'a-z [email protected]%.:_\-&';

http://www.mysite.com/products/product-info/194'

I believe the URL above should send me to page not found or dissallowed characters?


help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]adityamenon[/eluser]
What is the error message you are receiving when you type in http://www.mysite.com/products/product-info/194

Ideally, it should be a "Product not found" error page that you redirect the customer to. Your code in the product-info function should check for invalid characters and react.


help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]kkristo[/eluser]
This is CI 2.x.x bug. I have same thing, but this mean, you have custom 404 controller defined from router.php config

like this.
$route['404_override'] = 'error/index/';

if i set $route['404_override'] = '' empty, then all thinks works fine.


help with uri segment and 404 pages - El Forum - 06-20-2011

[eluser]osci[/eluser]
Basically its a 400 error not a 404.
I don't know if it should be grabbed by 404_override

In such a scenario you would set allow uri chars to empty string so that everything is allowed and you get your 404. But won't you have allowed "malicious" character to pass to your server? Just to get a 404? Would a user type /products/product-info/194 ? And if he did and he made a mistake wouldn't he go to his address bar and correct his mistake?

You would compromise security in favor of a 404?