如何禁用直接访问回调函数?

时间:2012-10-02 01:02:38

标签: codeigniter codeigniter-2 

<? if ( ! defined('BASEPATH')) exit();

    class Registration extends CI_Controller {

        public function __construct() {
            parent::__construct();
            $this->load->model('registration_model');
        }

        public function index() {
            $this->load->library('form_validation');

            $this->form_validation->set_rules('email', 'E-mail', 'trim|required|valid_email|callback_email_available');

            if($this->form_validation->run() == FALSE) {
                $this->load->view('registration');
            } else {
                $this->registration_model->add_user();
            }
        }

        # Check E-mail
        public function email_available($email) {
            $this->db->select('email');
            $this->db->where('email', $email);
            $query = $this->db->get('users');
            $result = $query->row();

            if(!empty($result)) {
                $this->form_validation->set_message('email_available', 'This e-mail belongs to another user.');
                return FALSE;
            } else {
                return TRUE;
            }
        }

    }
    ?>

我有一份表格验证的注册表格。 我有一个回调函数来验证电子邮件的唯一性。

所有代码都可以正常工作,但我可以直接访问带错误的回调函数

examle.com/registration/email_available 

A PHP Error was encountered
Severity: Warning
Message: Missing argument 1 for Registration::email_available()
Filename: controllers/registration.php

A PHP Error was encountered
Severity: Notice
Message: Undefined variable: email
Filename: controllers/registration.php

如何拒绝直接访问回调函数?

2 个答案:

答案 0 :(得分:6)

您可以使用_为方法名称添加前缀,以拒绝通过HTTP请求进行访问。

答案 1 :(得分:1)

我的建议是将验证规则放入单独的文件中。 CodeIgniter允许您在config/form_validation.php中保存验证配置,从而支持此功能。请查看Form Validation Documentation,特别是标有将验证规则集保存到配置文件的部分。

您的控制器索引:

public function index() {
    $this->load->library('form_validation');
    if($this->form_validation->run('submit_registration') == FALSE) {
        $this->load->view('registration');
    } 
    else{
        $this->registration_model->add_user();
    }
}

配置/ form_validation.php 

$config = array
(   
    'submit_registration' => array
    (
        array(
            'field' => 'email',
            'label' => 'Email',
            'rules' => 'trim|required|valid_email|email_available'
        ),
        array(
            'field' => 'username',
            'label' => 'Username',
            'rules' => 'required|alpha_numeric|etc'
        )
    ),
    'some_other_submission' => array(
        array(
            'field' => 'somefield',
            'label' => 'SomeField',
            'rules' => 'some|rules'
        ),
        array(
            'field' => 'getit',
            'label' => 'Get The Point?',
            'rules' => 'trim'
        )
    )
);

库/ MY_Form_validation.php 

class MY_Form_validation extends CI_Form_validation
{   
    function __construct($config = array()){
        parent::__construct($config);
    }

    function email_available($email){
        $CI =& get_instance();
        //check your database with the $CI variable...
       if(email_exists) return TRUE;
       else return FALSE;
    }
}
相关问题
最新问题