hide passed IDs in URL - laravel

noob question. when I pass an id in the route to query my DB, is there a way to prevent the actual id from showing in the URL in browser.
If not, is there a way to prevent the user from changing the id in the URL and access other information?
Some sort of validation you get from clicking the link on the previous page or something.
I hope this make sense.

You could retrieve your record with an hash instead of the id directly.
You can use package like https://github.com/mitchellvanw/hashids (there must be some others)
Also, if you just want to hide it, you can POST it to your page. Don't forget that users can still change the form informations.

U can use base64_encode() and base64_decode to hide url from users and preventing them to change.

Related

What code should I add (and where) on my website to track events/identify users on my website using segment.com?

I want to configure segment.com properly on my site and use it to manage all other apps/tools. I already installed the segment javascript on my site and used it as the source. Now, I am pushing these to MixPanel, Facebook, Google Analytics, etc.
What code should I add if I want to track an event and/or identify a user?
For simplicity's sake, i have a landing page (site.com/landing-page) with a form. After a successful submission, it redirects to a thank you page (site.com/thank-you-page).
The default settings already track the page views, and are pushing that same event to the different tools (FB: PageView, MixPanel: Loaded a Page, etc).
But in this case, i want to track the event and capture the person's information. And i don't know what to code to add and where.
My research so far
According to this article:
The best way to track new users is in client-side javascript on the welcome page after they signup, below we’ll explain why.
So, based on that, I add the code to my thank you page. But where? Header like adding GA scripts? body tag? I can add it anywhere, but i don't know where.
Next is what code should I add?
The example from the same article above:
When a new visitor goes to their site that visitor is anonymous. As soon as the visitor connects their Facebook account, Rdio knows who they are and creates a user record.
As part of that new user record the person is assigned a userId. Let’s say the new userId is 12345. Rdio will then need to fire the following calls on the welcome page:
analytics.identify('12345',{ name:'Jake Peterson', email:'friends#segment.com'});
analytics.track('Account Created',{ authentication:'Facebook'})
This gives me two problems: track and identify.
Track Problem
I'll start with the track. Based on how I understood this, assuming the event name i want to be added is "Downloaded PDF" then I want to store the title of it as well. It should look like this, right?
<script>
analytics.track('Downloaded PDF', {
title: 'Awesome Title'
});
</script>
Am I correct to enclose them inside <script> tags?
The tracking of an event seems a bit easier to understand that the identify part. But would love to know if i got that part right.
Identify Problem
Here, i have two questions:
where does userId come from? Is it automatically generated? For example, inside my MixPanel account, i see them. Is that what i use?
How do i reference to the userId? or any of the other traits I want to track in my code?
Taking from the same example above:
analytics.identify('12345',{ name:'Jake Peterson', email:'friends#segment.com'});
If i add this exact code on my thank you page, every signup will be assigned those values: '12345', 'Jake Peterson', and 'friends#segment.com', right?
What code should I add to (1) assign them the right userId (2) and get the name and email traits from the form of the previous page.
Let's say i'm only collecting first name and email.
analytics.identify("userId"{ firstName:"firstName", email:"email"});
If I add this code to my thank you page, will it automatically assign the userId, firstName, email values of the form that was submitted? That's the part I don't understand. What code to add to dynamically push the correct data.
And i know i'm not even adding the Alias part for MixPanel yet, but i just want to understand this part and the rest (hopefully) will be easier to understand.

CodeIgniter Pagination is not working with routing

I want to show all users page wise initially. So if I browse http://mydomain/user it will redirect to http://mydomain/user/page/1 and so on. But if I browse http://mydomain/user/1 it will show only single user with id of user.
http://mydomain/user/1 >> it works fine. But as I want pagination so I want to redirect http://mydomain/user to http://mydomain/user/page/1 always
My Routing Info is:
$route['user/(:num)'] = 'user/index/$1';
$route['user'] = 'user/page/$1';
But when I pressed to http://mydomain/user it does not rout to user/page/$1. I have index() method which output to single user information if I give slug. so get a page wise list I used routing and page method. But it is not working. it gives 404 Page not found
Could anybody have solution please..
I think you need to look at the manual for routing:
http://ellislab.com/codeigniter/user-guide/general/routing.html
As far as i can see your second route doesn´t make much sense, you are calling the method page() of your User class - and trying to pass in $1 which does not exist. I think you need to explain better what you want to achieve with your second route - I don´t really see why you need it at all at the moment.

CakePHP session data cleared on paginator sort

My session data is being saved in my form as expected.
However, when I run a sort on any column of my results, my form session values are cleared.
I am calling in my search form through en element as it's used on specific locations of the site.
Does anyone know why pagination is clearing out my session? Is this standard Cake?
The paginator sort elements are simply a link generated by the paginator and won't consider any of your form data. The first thing you need to make sure that you're doing is tell the paginator to include any URL paramters for the current page in the url it generates. Put this anywhere in the view before you call any of the $paginator functions.
$paginator->options(array('url' => $this->passedArgs));
Secondly, make sure that your search parameters are being included in the URL. It sounds like they probably aren't. I just answered another question on the best practices of search result URLs here: CakePHP Search Results Best Practices
I solved this:
CakePHP session ID path or other method to share the results of a url - recommendations welcome

How to convert a Blogger user name to numeric ID

When working with the Blogger API the user ID is expected to be numeric. I found out my numeric ID by looking at the URL for my Blogger profile page. However, I want my users to be able to use their usual Blogger user name. So:
Is there a way to convert Blogger
user names to numeric user IDs?
Is there a way to pass in user names
instead of IDs to the Blogger API?
Thanks!
It depends on what you are trying to do, but in most use cases you don't need to explicitly know this information because the authToken will take care of resolving these issues for you if you use the default URLs with the API. But, in the interest of providing an answer in case you really do need to know this:
After the user authenticates, just request some information, like the list of blogs, and you'll be able to extract the ID number from your choice of several places in the response.
Not really, except that during login you use the username. Otherwise you need to use either default, assuming an active authToken, or the ID to reference a particular user's Blogger content.

Automating filling Forms

Renting houses can be nasty so I need to automate it. Please, have a look at here. If you make a mistake, all of your changes are gone. I tried to insert the values in the url like:
https://www.hoas.fi/web/hak_inet.nsf/WebHakemus?OpenForm&02.07?PersonFirstName=Alex?PersonLastName=Smith
but it does not work. What is the problem?
Firstly, your query string is incorrect. It should be:
https://www.hoas.fi/web/hak_inet.nsf/WebHakemus?OpenForm&02.07&PersonFirstName=Alex&PersonLastName=Smith
Secondly, in order to pre-populate the page with the results of the query string, the developer of the page would have had to added logic to extract the query string values and pre-populate the page with those values. In this case, it does not appear that they have done that.
You could try saving the page locally as HTML. Then you could modify the HTML to include your default values. You would also need to update any relative paths to point to the server as a full URL. Then you could open the page on your machine and hopefully post to the server. This assumes that they are not injecting any session or other temporary information in the page that they validate.

Resources