How to make more secure login system with codeigniter?
Question
I want to make more secure login system with codeigniter. I can make simple one with this example.
http://www.codefactorycr.com/login-with-codeigniter-php.html
But problem here is that with the example I can have direct access to "check_database" method from url address. But I want to prevent it. So if user tries to get access to the method he will be redirected to login or welcome page. Please note that I might have more than 10 methods. I don't want to configure them one by one. Do you have any solution?
3 answers
solution1
2 ACCPTED 2014-02-27 08:09:30
Using a private function won't work.
If you read the manual you can see you need to write the function with an _ before the function name.
So function check_database() becomes function _check_database()
read here http://ellislab.com/codeigniter/user-guide/general/controllers.html#private
solution2
1 2014-02-28 03:32:53
Include just after the method opening:
if (!$this->input->post())
redirect('somewherelse!');
So if there is nothing as POST request, someone trying to access it directly from URL.
If might have more than 10 methods...
If all methods should just receive POST requests, then put it on __construct(), something like:
function __construct(){
parent::__construct();
if (!$this->input->post())
redirect('somewherelse!');
}
Alternatively you could make a custom library , which could have a CodeIgniter reference to use database, and there make all the login business, returning just true or false on logged status.
solution3
0 2014-02-27 08:05:15
Use Private Functions. These wont be accessible via URL & will be hidden from public access
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.