5
<? if ( ! defined('BASEPATH')) exit();

    class Registration extends CI_Controller {

        public function __construct() {
            parent::__construct();
            $this->load->model('registration_model');
        }

        public function index() {
            $this->load->library('form_validation');

            $this->form_validation->set_rules('email', 'E-mail', 'trim|required|valid_email|callback_email_available');

            if($this->form_validation->run() == FALSE) {
                $this->load->view('registration');
            } else {
                $this->registration_model->add_user();
            }
        }

        # Check E-mail
        public function email_available($email) {
            $this->db->select('email');
            $this->db->where('email', $email);
            $query = $this->db->get('users');
            $result = $query->row();

            if(!empty($result)) {
                $this->form_validation->set_message('email_available', 'This e-mail belongs to another user.');
                return FALSE;
            } else {
                return TRUE;
            }
        }

    }
    ?>

我有一个带有表单验证的注册表单。我有一个回调函数来验证电子邮件的唯一性。

所有代码都可以正常工作,但我可以直接访问有错误的回调函数

examle.com/registration/email_available

A PHP Error was encountered
Severity: Warning
Message: Missing argument 1 for Registration::email_available()
Filename: controllers/registration.php

A PHP Error was encountered
Severity: Notice
Message: Undefined variable: email
Filename: controllers/registration.php

如何拒绝直接访问回调函数?

4

2 回答 2

6

您可以在方法名称前面加上一个前缀,_以拒绝通过 HTTP 请求进行访问。

于 2012-10-02T03:06:13.233 回答
1

我的建议是将您的验证规则放入一个单独的文件中。CodeIgniter 通过允许您将验证配置保存在config/form_validation.php. 查看表单验证文档,特别是标记为将验证规则集保存到配置文件的部分。

您的控制器的索引:

public function index() {
    $this->load->library('form_validation');
    if($this->form_validation->run('submit_registration') == FALSE) {
        $this->load->view('registration');
    } 
    else{
        $this->registration_model->add_user();
    }
}

配置/form_validation.php

$config = array
(   
    'submit_registration' => array
    (
        array(
            'field' => 'email',
            'label' => 'Email',
            'rules' => 'trim|required|valid_email|email_available'
        ),
        array(
            'field' => 'username',
            'label' => 'Username',
            'rules' => 'required|alpha_numeric|etc'
        )
    ),
    'some_other_submission' => array(
        array(
            'field' => 'somefield',
            'label' => 'SomeField',
            'rules' => 'some|rules'
        ),
        array(
            'field' => 'getit',
            'label' => 'Get The Point?',
            'rules' => 'trim'
        )
    )
);

库/MY_Form_validation.php

class MY_Form_validation extends CI_Form_validation
{   
    function __construct($config = array()){
        parent::__construct($config);
    }

    function email_available($email){
        $CI =& get_instance();
        //check your database with the $CI variable...
       if(email_exists) return TRUE;
       else return FALSE;
    }
}
于 2012-10-02T02:48:06.090 回答