[eluser]Michael Wales[/eluser]
Write your code in terms it doesn't trust the user - the user should be able to change anything in your URL and you will gracefully degrade for them:
Example URL: example.com/user/profile/walesmd
Code:
function profile($username = FALSE) {
if ($username === FALSE) {
redirect('users/all');
return;
}
$data['user'] = $this->user->get($username);
$this->load->view('users/profile', $data);
}
Model:
Code:
function get($username = FALSE) {
if ($username !== FALSE) {
$username = (str) $username;
$query = $this->db->get('users', array('username' => $username), 1, 0);
if ($query->num_rows() === 1) {
return $query->row_array();
}
}
return FALSE;
}
View file:
Code:
<?php if ($user !== FALSE): ?>
<?php // Echo out the user's profile information ?>
<?php else: ?>
<p>We couldn't find a user with that username!</p>
<?php endif; ?>