Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming How do I prevent general users from accessing the callback function for the form_validation class?
How do I prevent general users from accessing the callback function for the form_validation class?
  • El Forum
    Guest
  •  
#1
05-30-2012, 09:49 AM

[eluser]adityamenon[/eluser]
In my controller, I have:

Code:
controller Some_controller extends CI_Controller {
  function some_page() {
    if($this->input->post()) {
      $this->form_validation->set_rules('some_field', 'Some Field', 'callback_some_field_verifier');
      $this->form_validation->run();
    }
  }

  function some_field_verifier($str) {
    if($str !== 'some sort of verification') {
      return false;
    } else {
      return true;
    }
  }
}

I want to prevent people from visiting mysite.com/some_controller/some_field_verifier/test_var, even if they just come up an empty page. I could add a condition that checks if a variable was supplied, and it's somewhat far-fetched to think someone would think to submit an additional string in the URL, but it's semantically wrong... and might be good hunting for bots looking at site vulnerabilities.

An htaccess redirect comes to mind, but is there an in-framework way to verify that the function is being called only from form_validation class and not by itself? private and protected callback methods don't do the trick because Form validation class cannot call them out of my controller...


Messages In This Thread
How do I prevent general users from accessing the callback function for the form_validation class? - by El Forum - 05-30-2012, 09:49 AM



Theme © iAndrew 2016 - Forum software by © MyBB