CODEWITHSUNDEEP
phpcodeignitercodeigniter-2
user3653474
user3653474

Reputation: 3852

Cannot restrict direct access to views and functions in Codeigniter using basepath

I want to stop direct access to controller functions or views in Codeigniter for that i am using following code, I have seen other similar links on stackoverflow but they are not working, i am able to load the view by hitting url:

Controller: abc.php

<?php 

if (!defined('BASEPATH')) exit('No direct script access allowed');

Class Abc extends CI_Controller {

  public function __construct() {
     parent::__construct();
  }

  public function Create_Course() {
     $this->load->view('abc');
  }
}

?>

View: abc.php

<?php if (!defined('BASEPATH')) exit('No direct script access allowed'); ?>
<html>
  <head>
    <title>ABC</title>
  </head>
  <body>
    <h1>Whatever</h1>
  </body>
</html>

Upvotes: 2

Views: 1702

Answers (2)

mm_foley
mm_foley

Reputation: 78

Per Codeigniters documentation you need to put an underscore before the function name in your controller, like this:

private function _utility()
{
  // some code
}

This is perfect for custom rules for say form validation or anything else you want in the controller but not available via the browser url. Which I think is what you are looking for.

Upvotes: 0

Abdulla Nilam
Abdulla Nilam

Reputation: 38672

NO. You are completely wrong. We newer use this in view

<?php if (!defined('BASEPATH')) exit('No direct script access allowed'); ?>

Every one can see your controller/method(abc/Create_Course ) name but no one knows about your view name without viewing your project. So there is no any purpose to hide or restrict view from others.

There is no way to access view folder from URL. if assume some how some one access this then also no one knows your folder names. so this warning message shows in browser.

<html>
<head>
    <title>403 Forbidden</title>
</head>
<body>

<p>Directory access is forbidden.</p>

</body>
</html>

Upvotes: 1

Related Questions