+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: How to secure the segment passed by the user? (/showthread.php?tid=48766)
How to secure the segment passed by the user? - El Forum - 01-27-2012
[eluser]FlyingCat[/eluser]
Hi guys. I was wondering what are the best practice before sending segment to the Model.
For example:
Get the segment1 from
base_url/controller/query_detail/segment1
on my controller
Code:
public function query_detail($segment1)
{
//what are the best practice before I send the segment1 to the Model?
$this->load->model('model');
$this->model->query($segment1);
......
}I hope I explain well. Thanks for the help.
How to secure the segment passed by the user? - El Forum - 01-27-2012
[eluser]Bhashkar Yadav[/eluser]
yes, in the same way ... a little change
Code:
$this->model->model_method($segment1);now you can access segment into model_method of model and also $segment1.
How to secure the segment passed by the user? - El Forum - 01-27-2012
[eluser]FlyingCat[/eluser]
[quote author="Bhashkar" date="1327718355"]yes, in the same way ... a little change
Code:
$this->model->model_method($segment1);now you can access segment into model_method of model and also $segment1.
[/quote]
I have the same thing you have. $this->model->query($segment1)
The 'query' is my model method. I thought people usually check the security before sending the segment to the Model? I just don't know what's the best practice in CI
How to secure the segment passed by the user? - El Forum - 01-27-2012
[eluser]InsiteFX[/eluser]
If you are retrieving the segment then you should know the type and length of it!
Check your segment for it's type and length...
Never never never trust your users input!!!