防止在Codeigniter中直接访问表单发布功能
[英]prevent direct access to form post function in codeigniter
问题描述
I am using Codeigniter to create a web application. 
我正在使用Codeigniter创建一个Web应用程序。 The problem I am having is with the function for submitting the form. 我遇到的问题是提交表单的功能。 What I want to do is to prevent direct access from URL by using the function in the form, So if anyone copy the action method from the form and enter access it by the URL, it will deny the access. 我想做的是通过使用表单中的函数来防止从URL直接访问,因此,如果有人从表单复制操作方法并通过URL输入访问权限,它将拒绝访问。
Please guide me through this. 请指导我。
Thanks you. 谢谢。
3 个解决方案
解决方案1
3 已采纳 2013-09-04 15:35:21
Strictly speaking, doing something like if($_POST) or if($this->input->post()) will work in 90% of cases, they aren't 100% correct. 严格来说,执行if($_POST)或if($this->input->post())在90%的情况下都有效,但并非100%正确。 Why not? 为什么不? Well, if you have a post where the person has triggered the form without actually filling anything out, they will still POST . 好吧,如果你有,而该人已触发形式实际上不填写任何东西出来后,他们仍然会POST 。
If you really want to make sure that someone is POST ing to your controller, you need to check the REQUEST_METHOD . 如果你真的想确保有人POST荷兰国际集团到您的控制器,您需要检查REQUEST_METHOD 。
if($_SERVER['REQUEST_METHOD'] === 'POST')
{
// this is a POST
}
else
{
show_404('not-a-POST!');
}
All of that said, there are very few times when limiting to POST is the best option. 所有这一切都表示, 很少有时间的时候限制POST是最好的选择。 Realistically you should be handling GET and POST gracefully. 实际上,您应该优雅地处理GET和POST 。
解决方案2
1 2013-09-04 15:31:33
Try: 尝试:
if( $this->input->post(null)){
//your form submit code here
}
解决方案3
0 2013-09-04 15:31:39
You simply check the $_POST variable to do this, 您只需检查$ _POST变量即可执行此操作,
if(!is_array($_POST) || count($_POST)==0)
{
die('You have no access');
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.