Let's say I have a table called user
I want to make a HTTP call roughly like this http://my.awesome.server/dev_api/index.php/login/get_user.php?user=steven&password=12345
Which checks the database if there's a user 'steve' with the password '12345'. These are my codes.
controller
<?php
if(!defined("BASEPATH")) exit("No direct script access allowed");
class login extends CI_Controller
{
public function index()
{
$this->load->model("login_model");
$data["users"]=$this->login_model->get_user();
$this->load->view("login_view", $data);
}
}
model
class Login_model extends CI_Model {
function get_user(){
// get username, like $_GET['user']
$user = $this->input->get('user');
// get the password and MD5-ed it, like md5($_GET['password'])
$md5_pass = md5($this->get('password'));
// the where condition
$this->db->where(array('userName' => $user, 'password' => $md5_pass));
// ok, now let's query the db
$q = $this->db->get('user');
if($q->num_rows() > 0){
foreach ($q->result() as $row){
$data[] = $row;
}
}
return $data;
}
}
?>
view
<?php
if (!empty($users)){
foreach ($users as $u){
echo $u->userId .' '. $u->userName.' '.$u->password.' ';
}
}
?>
Then I opened this on browser: http://my.awesome.server/dev_api/index.php/login/ . The result is
How to properly make a HTTP call, then?
The method in your model is name as get_user()
while you call it as login_model->get()
More over you should use POST instead of GET for username and password.
Also use bcrypt or another hashing algorithm instead of MD5 it's more secure. DO NOT USE MD5
You are trying to work against the framework you are using.
CodeIgniter abstract working with GET parameters by proposing you to use URL segments .
The URI scheme in CodeIgniter is as follow ( see docs ): controller/method/params...
It is divided in segments :
index
, see below) You want to use the method index()
of the controller Login
, it translates to
Also, with mode_rewrite activated with htaccess, it could be simplified in
Now, index()
is a special method as it is the one called by default in a controller. Hence the final URL would be:
Now, if you want to pass parameters to your function, CodeIgniter does this through subsequent segments.
But you need to declare them in the controller method.
class login extends CI_Controller
{
public function index($user = null, $password = null)
{
// Check for $user / $password emptiness
// ...
// Use $user / $password as needed
$data["users"]=$this->login_model->get_user($user , $password);
// use the results...
}
}
And now you could call with:
Notice that I've put index
in the URL? It's because when passing parameters, the method is mandatory.
That said, I will reiterate what other people have said:
password_hash
. Don't reinvent the wheel. Good luck.
if you are passing data via url http://my.awesome.server/dev_api/index.php/login/get_user.php?user=steven&password=12345
You can retrieve it via URI segment
$user= $this->uri->segment(3);
$password= $this->uri->segment(4);
Sorce: https://www.codeigniter.com/userguide3/libraries/uri.html
It is posible that this line $md5_pass = md5($this->get('password'));
is setting the error if $this->get('password') is empty.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.