securing the functions in the controller

[eluser]emrah[/eluser]
I'm thinking about securing the specific functions which are inside of controllers.

Think about we have two functions in a controller

index.php/controllerphp/function1

index.php/controllerphp/function2

Whenever I write these functions in the URL area of the browser they both run.

I'm looking for something to prevent directly access to function1. I only want it to call from the code.

But function2 needs to run from wherever I call it.

Thanks

[eluser]Buso[/eluser]
name it '_function1'

[eluser]emrah[/eluser]
If I use ajax private functions give errors

[eluser]cahva[/eluser]
So actually you need to check if its an ajax call. Then use something like this(or create a helper from it if you need it more than once )

Code:

if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH']=="XMLHttpRequest")
{
    // ajax headers sent.. proceed
}
else
{
    // not an ajax request so stop
    return FALSE;
}

[eluser]CI_avatar[/eluser]
Note: You cannot call a private controller function directly in your request (Ajax or non ajax request), because they are private. As an alternative, let your public function call the private functions in your controller.

I hope it will works.

[eluser]CI_avatar[/eluser]
Buso is right, private function must have <_> + <variable name>. And you cannot call them directly. Let the public functions call your private function.

[eluser]WanWizard[/eluser]
Note that methods starting with an underscore are private from a CI URI point of view (i.e. you can't use them in a URI request), but not from a PHP point of view (you can call them from other classes and/or methods).