Welcome Guest, Not a member yet? Register   Sign In
Good idea or Bad idea?
#1

[eluser]asmedrano[/eluser]
I might be over thinking this.
Simple form...' mysite/form' ----> submits to ---- >'mysite/processform' (w/e)
Whats the best way to keep people from stumbling to that page mysite/processform should they have that inclination?

What do you guys/gals think about this:

Code:
function processform ()
    {
        if($_SERVER['REQUEST_METHOD'] =='POST') {

                     //// do all form validation ect

                 }
                 else{

                    //// they came directly to this page for some reason so send user to another page.
                    
                }

    }

? Any thoughts?
#2

[eluser]Damien K.[/eluser]
If you're concerned about people accessing 'processform', you may want to submit the form to itself and then forward off to '_processform' for processing (note the rename of the function with an underscore to prevent access).
#3

[eluser]asmedrano[/eluser]
Interesting... got a quick sample?

Im curious to see if anyones got a CI best practice?

Either way, thanks for the reply!
#4

[eluser]Damien K.[/eluser]
Code:
function form()
{
    ...
    if ($this->form_validation->run() !== false)
    {
        $this->_processform();
    }
    ...
}

function _processform()
{
    ...
}
#5

[eluser]BrianDHall[/eluser]
I just do something like this, specific to one of the required form fields:

Code:
if ($this->input->post('login')
{
    ...
}

Or sometimes like Damien's example, depending on how I think I may wish to use the form.

The way any page is set there should never be a worry that someone will find it who shouldn't - there is no such thing as a truly hidden page on the internet Smile




Theme © iAndrew 2016 - Forum software by © MyBB