Stop form validation callbacks from being accessible through the url |
[eluser]Lyon[/eluser]
Hi, I am not sure if this has been mentioned before (searching didn't bring anything up). Code: class Some_class extends Controller As this code stands http://example.com/index.php/username_check will call the username_check function, and http://example.com/index.php/username_check/some_name will call the function with some_name as the $username parameter. You cannot make the function private as then the form_validation library will not be able to access it. A way to stop people from being able to access your callback functions like this you can precede them with an underscore : e.g. function _username_check($username) This means renaming any refrences to the function as well as registering the callback in the validation as : callback__username_check (note the double underscore after callback) Even by using http://example.com/index.php/_username_check your function will not be called. Sorry if this is mentioned elsewhere but I came across this problem today and couldn't find any information regarding it. Maybe a little note on the form_validation user guide page is in order as us newbies manage to do all kinds of stupid things without realising the problems they can cause :-P Also if there is another way of hiding public functions from the browser I would be happy to hear it. I have tried searching for information on it but it seems I must be using the wrong keywords lol.
[eluser]Twisted1919[/eluser]
Code: private function _username_check($username='') Easy huh ? |
Welcome Guest, Not a member yet? Register Sign In |