Security related to controller URL |
Hi Php_rocks
my controller code is function getQualDetailsHTML(){ $personId = $this->session->userdata('ADMIN_SESSION_PERSONID_VAR'); $qualDetails = $this->qualificationModel->getQualData($personId); $output = ''; $output = '<table class="table table-striped"> <thead> <tr> <th scope="col">#</th> <th scope="col">Graduation Year</th> <th scope="col">Institution Name</th> <th scope="col">Course Name</th> <th scope="col">Operation</th> </tr> </thead> <tbody>'; for ($getDet =0; $getDet < count($qualDetails);$getDet++) { $counter = $getDet+1; $output = $output .'<tr><td scope="row">'; $output = $output . $counter .'</td><td>'.$qualDetails[$getDet]->PASS_YEAR; $output = $output . '</td><td>'.$qualDetails[$getDet]->UNIVERTSITY_NAME; $output = $output . '</td><td>'.$qualDetails[$getDet]->COURSE_NAME; $output = $output . '</td><td><a href="#" class="fa fa-pencil"></a><a href="#" class="fa fa-times" onclick="deleteQual('.$qualDetails[$getDet]->QUALIFICATION_ID.')"></a></td></tr>'; } $output = $output .'</tbody></table>'; $output = $output .'<div class="col-md-12 text-center"><button type="submit" id="addQualButton" class="btn btn-danger mb-10">Add Qualification</button></div>'; //echo $output1.$output.$output2.$output3; echo $output; } in the view i have the code like <script> function getQualDets() { $.ajax({ url: "<?php echo base_url().'qualification';?>", success: function(data) { console.log(data); $('#qualification-list').html(data); }, dataType: "html" }); }; </script> In the config file of routes i have $route['qualification'] ='qualification/getQualDetailsHTML'; For security reasons i am currently thinking the check of the session variable ie if the session is set it will html else no html. But a problem is there that if the session is set and user copy pastes the url in a different window then the out from the controller will be shown . Thanks |
Messages In This Thread |
Security related to controller URL - by ppuhan1389 - 06-21-2018, 04:40 PM
RE: Security related to controller URL - by php_rocs - 06-21-2018, 08:17 PM
RE: Security related to controller URL - by ppuhan1389 - 06-22-2018, 01:55 PM
RE: Security related to controller URL - by InsiteFX - 06-22-2018, 04:02 AM
RE: Security related to controller URL - by ppuhan1389 - 06-22-2018, 04:08 AM
RE: Security related to controller URL - by dave friend - 06-22-2018, 04:24 AM
RE: Security related to controller URL - by ppuhan1389 - 06-22-2018, 04:06 AM
RE: Security related to controller URL - by dmyers - 06-22-2018, 02:04 PM
RE: Security related to controller URL - by JohnYork - 09-01-2020, 03:57 AM
|