Codeigniter - 限制从URL调用直接访问控制器函数 [英] Codeigniter - Restricting direct access to controller functions from URL call

问题描述

我想知道是否有任何方式可以通过URL限制对控制器功能的访问。但我想通过我的链接在网站给他们打电话。例如，如果我的网站中有一个指向控制器函数的链接：

 < a href ='test / function '>给我打电话< / a> 
  

但是我不想在我的浏览器中放置上述URL时调用控制器函数地址栏。

解决方案

正如你在注释中所说，如果你想通过AJAX加载链接：

您的标记：

 < a href =test / function data-key =abc> 
  

您的jquery：

  $（'a'）。on（'click'，function（）{
 var data = $（this）.data（'key'）; 
 $（'结果'）。load（$（this）.attr（href）+'？key ='+ data）; 
}）;然后在你的CodeIgniter控制器，你检查你的密钥是否存在和匹配（abc ）
 
 
 
另外，你也可以检查 $ _ SERVER ['HTTP_REFERER'] 查看用户来自哪里（这是很容易欺骗），并且只有当GET请求是从您自己的网站发出时才允许访问。
 
I want to know if there is any way through which I can restrict access to my controller functions through URL. But I want to give them a call through my link in the site. For example if I have a link in my site which points to a controller function:
<a href='test/function'>Call me</a>
But I don't want the controller function to be called when I place the above URL in my browser address bar. Can anyone help with this?
解决方案
As you stated in the comment, that if you want to load the link via AJAX:

Your markup:
<a href="test/function" data-key="abc">
Your jquery:
$('a').on('click',function(){
    var data = $(this).data('key');
    $('#result').load($(this).attr("href") + '?key=' + data);
});
Then in you CodeIgniter controller, you check to see if your key is present and matches ("abc"), else you return a 403 or something simillar.

Also, you could of course check the $_SERVER['HTTP_REFERER'] to see where the user came from (this is however quite easily spoofed) and only allow access when the GET-request is made from your own site.

                        
这篇关于Codeigniter  - 限制从URL调用直接访问控制器函数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！