如何防止控制器直接访问? [英] How to protect controller against direct access?
问题描述
我正在将jign与codeigniter一起使用,如果您向我解释如何保护控制器免于直接访问,那将是很好的. 例如, 我已经查看了该标准的jquery行:
I'm using codeigniter with jquery and it would be nice if you explain me how to protect the controller from direct access. For example, I have view with that standard jquery line:
$('#handler').load('tools/get_stats');
工具,这是我的控制器,具有加载统计信息的功能.如果我在浏览器中直接编写脚本 http://site.com/tools/get_stats 的完整地址,打开,当然,这些数据. 如何保护浏览器直接访问控制器?我希望仅在视图中加载数据,而不在控制器直接访问中加载数据.
Tools it is my controller with function for loading statistics. If I write direct in browser full address of script http://site.com/tools/get_stats, browser open, of course, that data. How to protect direct controller access from browser ? I want my data were loaded only in view, not on controller direct access.
推荐答案
为此,CodeIgniter输入类具有一个名为is_ajax_request()的方法.
The CodeIgniter Input Class has a method called is_ajax_request() for this purpose.
if ($this->input->is_ajax_request())
{
//do something
}
else
{
show_error("No direct access allowed");
//or redirect
}
如果您有专用的Ajax控制器,您当然可以在__construct()方法中包含此逻辑,否则可以在控制器中逐个方法地实现它.
If you have a dedicated Ajax Controller, you can of course include this logic in the __construct() method, otherwise it may be implemented on a method by method basis within your controllers.
请参阅:
这篇关于如何防止控制器直接访问?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
