view raw
Sanks Sanks - 6 months ago 38
PHP Question

Codeigniter - Restricting direct access to controller functions from URL call

I want to know if there is any way through which I can restrict access to my controller functions through URL. But I want to give them a call through my link in the site. For example if I have a link in my site which points to a controller function:

<a href='test/function'>Call me</a>

But I don't want the controller function to be called when I place the above URL in my browser address bar. Can anyone help with this?


As you stated in the comment, that if you want to load the link via AJAX:

Your markup:

<a href="test/function" data-key="abc">

Your jquery:

    var data = $(this).data('key');
    $('#result').load($(this).attr("href") + '?key=' + data);

Then in you CodeIgniter controller, you check to see if your key is present and matches ("abc"), else you return a 403 or something simillar.

Also, you could of course check the $_SERVER['HTTP_REFERER'] to see where the user came from (this is however quite easily spoofed) and only allow access when the GET-request is made from your own site.