I am developing a website with many pages whose content will be fetched from database. The whole website is done in codeigniter.
I do not want to have url's like www.mywebsite.com/pages/1 or something.
Rather I would like to have url name (FURL) asked by the administrator at the time of entering the contents of the page. Suppose the admin enters FURL as : study-programs/animation
then the path should be shown as www.mywebsity.com/study-programs/animation
Any suggestions?
1) Foreach page store the page name (could use uri_title())
2) In the routes (application/config/routes) add something like;
$route['page/(:any)'] = "pages/page_lookup";
3) In the pages controller;
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Pages extends CI_Controller {
public function __construct() {
parent::__construct();
}
public function page_lookup($page) {
// do your database query getting page id where page name = $page
$result = $this->page_model->get_page_by_name($page);
// $result could hold the page html
// if so, then just do
$this->load->view($result);
}
}
For more details look at the examples in the Codeigniter manual.
Related
I have used several codes for restricting direct access of controller page from url, but its not happening.
The below code in controller page is not preventing from direct url access. Is there any proper way to prevent from direct access from url?
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Cont extends CI_Controller
{
public function __construct()
{
parent ::__construct();
$this->load->model('test');
}
public function handle($function){
if($function=='abcd'){
$this->load->view('testpage');
}
}
}
You can use HTTP_REFERER which holds the information(address) about the page that referred you to the current page, if it's empty you can redirect it to your 404 page. Also, you should always check for $_SESSION and redirect if not set.
if( !isset($_SERVER['HTTP_REFERER'])) {
$this->load->helper('url');
redirect('/page404');
}
Alternatively, you can also use HTTP_X_FORWARDED_FOR, but it won't help you in AJAX request. Read more about it here and here.
You can use _remap() function inside your Controller, where we can define where to route the method.
The following code blocks all method call to that controller.
function _remap($method)
{
return false;
}
See the DOC here
From documentation
For the best security, both the system and any application folders should be placed above web root so that they are not directly accessible via a browser. By default, .htaccess files are included in each folder to help prevent direct access, but it is best to remove them from public access entirely in case the web server configuration changes or doesn’t abide by the .htaccess.
If you want to prevent direct access to specific methods then you can try
public function _handle(){ //adding _ before the method name
}
Or
private function handle(){ //private functions cannot access by url
}
I have this error when i am trying to access a website from wamp, it is done in codeigniter.
Error:
localhost is currently unable to handle this request. HTTP ERROR 500
homeindex controller
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class HomeIndex extends CI_Controller {
public function __construct(){
parent:: __construct();
$this->load->helper('html');
$this->load->helper('form','url','file');
$this->load->library('session','upload');
}
public function index()
{
//$this->load->view('coming_soon');
$this->load->view('homeIndex');
}
}
route
$route['default_controller'] = 'HomeIndex';
$route['404_override'] = '';
$route['translate_uri_dashes'] = FALSE;
I am able to access other website which are not done using any frameworks.
This website is done using codeigniter. I am not able to access the website.
Can anyone tell me what is the problem?
Multiple loads with one call are done using an array:
$this->load->helper(array('form','url','file'));
$this->load->library(array('session','upload'));
https://www.codeigniter.com/user_guide/libraries/loader.html#CI_Loader::helper
if that doesn't work turn on error reporting (switch to development mode in index.php) and see what the actual error is. 500 error can be many things...
i need to access the admin controller in codeigniter using the url mywebsite.com/admin
but it returns "The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again" error
my code is
routes.php
$route['admin'] = 'admin/adminmain';
adminmain.php (admincontroller)
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Adminmain extends CI_Controller {
public function index()
{
$this->load->view('admin/adminhome');
}
}
In Codeigniter 3 or above controllers name should be capitalized.
The controller file name should be Adminmain.php
controller file name should be Adminmain.php and try to define route like: $route['admin'] = 'admin/Adminmain'; and also check r u defining admin folder under controller folder
I am working with CodeIgniter (V:2.2.6) and I have a simple class User with some basic methods like create, update, edit, delete and index. For the index function, I am using an argument $user (which is the second URI segment) in order to display some information regarding that user. So the default URL looks like:
/user/index/john
to display some information about the user 'john'.
Now, I want to remove the term 'index' from the URL, so that it looks like:
/user/john
For that purpose I have added the following rule in routes.php.
$route['user/(:any)'] = "user/index/$1";
It serves the purpose, but it prevents accessing other functions like /user/create and goes inside /user/index automatically. To solve this problem, I can not see any other way except manually adding routing rules like
$route['user/create'] = "user/create";
for each method of the User class, which is not cool at all. So, please can anyone suggest me a better way of routing under the current circumstances?
Here are my codes:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class User extends CI_Controller {
public function index($user = '') {
echo "index!";
}
public function create() {
echo 'create!';
}
}
Note: I have gone through the CodeIgniter documentation for URI Routing and another similar question here, but could not figure out a promising solution. And please don't suggest for CodeIgniter version update.
I'm not sure, if this is the answer you like, but i think it should work.
Just put this function in your user controller.
public function _remap($method)
{
if (method_exists($this, $method))
{
$this->$method();
}
else
{
$this->index($method);
}
}
I am trying to build a web application with codeigniter. I have installed Ion Auth as my authentication model.
The default Auth.php controller authenticates the user and sets up the session.
<?php defined('BASEPATH') OR exit('No direct script access allowed');
class Auth extends CI_Controller {
function __construct()
{
parent::__construct();
$this->load->library('ion_auth');
$this->load->library('session');
$this->load->library('form_validation');
$this->load->helper('url');
$data['title']="Login Page";
$this->load->view("view_site_header",$data);
// Load MongoDB library instead of native db driver if required
$this->config->item('use_mongodb', 'ion_auth') ?
$this->load->library('mongo_db') :
$this->load->database();
$this->form_validation->set_error_delimiters($this->config->item('error_start_delimiter', 'ion_auth'), $this->config->item('error_end_delimiter', 'ion_auth'));
}
//redirect if needed, otherwise display the user list
function index()
{
// if not logged in - go to home page
if (!$this->ion_auth->logged_in())
{
//redirect them to the login page
redirect('auth/login', 'refresh');
}
// if user is an admin go to this page
elseif ($this->ion_auth->is_admin())
{
// if an admin, go to admin area
//set the flash data error message if there is one
$this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
//list the users
$this->data['users'] = $this->ion_auth->users()->result();
foreach ($this->data['users'] as $k => $user)
{
$this->data['users'][$k]->groups = $this->ion_auth->get_users_groups($user->id)->result();
}
$this->_render_page('auth/view_users', $this->data);
} else
{
//redirect them to the default home page
$data['title']="IMS Home Page";
$this->load->view("generic/view_site_header",$data);
$this->load->view("generic/view_generic_nav");
$this->load->view("generic/view_content_generic");
$this->load->view("view_site_footer");
}
}
what I want to do is create a new controller for my application logic and leave the auth controller for authentication.
How can I make use of the auth controller to ensure my user is logged in when accessing my new controller? in addition I need the ession information to be available to the new controller.
my new controller, master_data has the following code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Masterdata extends CI_Controller{
function index ()
{
$data['title']="Master Data Home Page";
$this->load->view("master_data/view_master_data_header",$data);
$this->load->view("master_data/view_master_data_nav");
$this->load->view("master_data/view_content_master_data_home");
$this->load->view("master_data/view_master_data_footer");
echo $this->session->userdata('username');
}
}
obviously the echo $this->session->userdata('username'); does not work as the new controller has no knowledge of the auth controller session.
any help appreciated as always.
Kind Regards,
First autoload the ion_auth library.
If u simply want to check if the user is logged-in, just check it in every controller's constructor u load
public function __construct() {
parent::__construct();
if (!$this->ion_auth->logged_in()) {
// redirect to login view
}
}
If u happen to have multiple groups , u can create a new controller inside application/core/MY_controller.This controller will check whether user is logged in.You can extend this base controller to create new controller.A very good explanation on this is given by David john.Check this link .
obviously the echo $this->session->userdata('username'); does not work as the new controller has no knowledge of the auth controller session.
Eh...if the session library is loaded, then yes...the controller calling it will be able to access the session variable $username.
The way we handle this is to create a new controller parent class like MY_Controller in the application/core directory. This class loads common libraries/packages (like session and ion_auth). You could also autoload the libraries and helpers.
Since ion_auth stores all of the user profile data in a session var, all you need (on subsequent, non-authenticated) pages is the session lib to retrieve session data about the logged in user.
You really should check for their auth status though, and fail gracefully:
if (!$this->ion_auth->logged_in()) {
// echo a login link
} else {
// echo session var for username
}
Something like that...
jcorrys approach should work. An alternative approach (which will give your entire application a great deal more flexibility is to use a modular layout - https://bitbucket.org/wiredesignz/codeigniter-modular-extensions-hmvc
You will have to do a bit of fiddling to get it to play nicely with ion auth, but following the instructions in this question worked for me: Using Ion Auth as a separate module in the HMVC structure (have a look at the forks of ion auth on git hub - I think someone may have already done it for you)
This approach will allow you to access any method in any controller from anywhere in your application (even from a view if you need to) using this kind of syntax: modules::run('module/controller/method', $params);
This will essentially allow you to develop the existing ion auth controller into a user management controller which you can access from any other controllers you create (nice and dry).