How to do HTTP GET within CodeIgniter?
Question
Let's say I have a table called user
I want to make a HTTP call roughly like this http://my.awesome.server/dev_api/index.php/login/get_user.php?user=steven&password=12345
Which checks the database if there's a user 'steve' with the password '12345'. These are my codes.
controller
<?php
if(!defined("BASEPATH")) exit("No direct script access allowed");
class login extends CI_Controller
{
public function index()
{
$this->load->model("login_model");
$data["users"]=$this->login_model->get_user();
$this->load->view("login_view", $data);
}
}
model
class Login_model extends CI_Model {
function get_user(){
// get username, like $_GET['user']
$user = $this->input->get('user');
// get the password and MD5-ed it, like md5($_GET['password'])
$md5_pass = md5($this->get('password'));
// the where condition
$this->db->where(array('userName' => $user, 'password' => $md5_pass));
// ok, now let's query the db
$q = $this->db->get('user');
if($q->num_rows() > 0){
foreach ($q->result() as $row){
$data[] = $row;
}
}
return $data;
}
}
?>
view
<?php
if (!empty($users)){
foreach ($users as $u){
echo $u->userId .' '. $u->userName.' '.$u->password.' ';
}
}
?>
Then I opened this on browser: http://my.awesome.server/dev_api/index.php/login/ . The result is
How to properly make a HTTP call, then?
3 answers
solution1
2 2018-03-21 16:28:26
The method in your model is name as get_user() while you call it as login_model->get()
More over you should use POST instead of GET for username and password.
Also use bcrypt or another hashing algorithm instead of MD5 it's more secure. DO NOT USE MD5
solution2
1 ACCPTED 2018-03-22 13:22:23
You are trying to work against the framework you are using.
CodeIgniter abstract working with GET parameters by proposing you to use URL segments .
The URI scheme in CodeIgniter is as follow ( see docs ): controller/method/params...
It is divided in segments :
- the controller (mandatory)
- the method (mandatory, but may be implied in case of
index, see below) - the first param (optional)
- the second param (optional)
- ... and so on
You want to use the method index() of the controller Login , it translates to
Also, with mode_rewrite activated with htaccess, it could be simplified in
Now, index() is a special method as it is the one called by default in a controller. Hence the final URL would be:
Now, if you want to pass parameters to your function, CodeIgniter does this through subsequent segments.
But you need to declare them in the controller method.
class login extends CI_Controller
{
public function index($user = null, $password = null)
{
// Check for $user / $password emptiness
// ...
// Use $user / $password as needed
$data["users"]=$this->login_model->get_user($user , $password);
// use the results...
}
}
And now you could call with:
Notice that I've put index in the URL? It's because when passing parameters, the method is mandatory.
That said, I will reiterate what other people have said:
- Avoid passing login/password through GET. Prefer POST.
- Use an encrypted connection ( HTTPS )
- Do NOT hash your password with md5 or even sha1. You need a strong algorithm. You also need to salt. Anyway, PHP got you covered with
password_hash. Don't reinvent the wheel.
Good luck.
solution3
0 2018-03-21 17:35:20
if you are passing data via url http://my.awesome.server/dev_api/index.php/login/get_user.php?user=steven&password=12345
You can retrieve it via URI segment
$user= $this->uri->segment(3);
$password= $this->uri->segment(4);
Sorce: https://www.codeigniter.com/userguide3/libraries/uri.html
It is posible that this line $md5_pass = md5($this->get('password')); is setting the error if $this->get('password') is empty.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.