to be sure
#1

[eluser]bas_vdl[/eluser]
I know you can write CI applications in a lot of different ways. I just want some feedback on my code. It's early in the project, so it is easy to change the way of coding.

Controller - add:
Code:
    function insert_record($data)
    {
        // Active Record escapes the values it inserts.
        $this->db->insert($this->table, $data);

        // TRUE only when exactly one row was written.
        return (1 == $this->db->affected_rows()) ? TRUE : FALSE;
    }

Model - add:
Code:
    function add()
    {
        if ($this->form_validation->run() == FALSE)
        {
            $this->form_validation->set_error_delimiters('<li class="error">', '</li>');

            // get groups
            $query = $this->db->get('groups');
            $data['groups'] = $query->result();

            $this->load->view('users/add', $data);
        }
        else
        {
            // Create the record object explicitly before setting properties on it.
            $data = new stdClass();

            // Only the fields named here reach the insert.
            $data->GroupId = $this->input->post('group');
            $data->FirstName = $this->input->post('firstname');
            $data->LastName = $this->input->post('lastname');
            $data->Email = $this->input->post('email');
            $data->Username = $this->input->post('username');
            $data->Password = $this->input->post('password');

            if ($this->users->insert_record($data))
            {
                $this->session->set_flashdata('confirm', 'Gebruiker succesvol opgeslagen');
            }
            else
            {
                $this->session->set_flashdata('error', 'Er ging iets mis');
            }

            redirect('/users/index', 'refresh');
        }
    }
#2

[eluser]n0xie[/eluser]
I believe you have your model and controller mixed up :)

Apart from the lack of form_validation rules, it seems fine by me (well obviously you would also want to do some data validation and sanitizing).

One thing I would do is load the error and confirm message from a language file, if there is even the slightest chance the site/application will one day be multi-language. It's very annoying to change those later...
#3

[eluser]bas_vdl[/eluser]
[quote author="n0xie" date="1253740459"]I believe you have your model and controller mixed up :)

Apart from the lack of form_validation rules, it seems fine by me (well obviously you would also want to do some data validation and sanitizing).

One thing I would do is load the error and confirm message from a language file, if there is even the slightest chance the site/application will one day be multi-language. It's very annoying to change those later...[/quote]

I'm using the form_validation.php config file to load the validation rules like valid_email, required etc. Language file is a good idea! Just looking into that!

What do you mean by sanitizing?
#4

[eluser]n0xie[/eluser]
Data sanitizing means to filter any unwanted piece of input from any resource (for example a user filling in a form). CodeIgniter has some basic security measures in place but it's always a good thing to double check.

This will explain a lot: http://mavrck.com/blog/2009/04/05/keepin...te-secure/
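
An added example (not part of the thread or of either poster's code): a rule group for the application/config/form_validation.php file mentioned in post #3, covering the six fields the posted add() reads. The users/add group name, the labels, the length limits and the alpha_dash username policy are assumptions.

```php
<?php
// application/config/form_validation.php
// Added example. Limits below are assumed; match them to your column sizes.
$config = array(
    // Named controller/method so that $this->form_validation->run(),
    // called without an argument in Users::add(), loads this group.
    'users/add' => array(
        array(
            'field' => 'group',
            'label' => 'Group',
            // An id must be a positive integer, never free text.
            'rules' => 'trim|required|is_natural_no_zero',
        ),
        array(
            'field' => 'firstname',
            'label' => 'First name',
            'rules' => 'trim|required|max_length[50]',
        ),
        array(
            'field' => 'lastname',
            'label' => 'Last name',
            'rules' => 'trim|required|max_length[50]',
        ),
        array(
            'field' => 'email',
            'label' => 'Email',
            'rules' => 'trim|required|valid_email|max_length[100]',
        ),
        array(
            'field' => 'username',
            'label' => 'Username',
            // Letters, digits, underscore and dash only.
            'rules' => 'trim|required|alpha_dash|min_length[3]|max_length[30]',
        ),
        array(
            'field' => 'password',
            'label' => 'Password',
            // Not trimmed: surrounding spaces may be part of the password.
            'rules' => 'required|min_length[8]',
        ),
    ),
);
```

Prepping rules such as trim are written back to the POST data, so the $this->input->post() calls in add() receive the cleaned values once run() passes. is_natural_no_zero only proves the group id is a number; confirming that it exists in the groups table needs a callback rule.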



