Prevent direct action request
Hey guys, I have this setup: Controller C has two actions A1 and A2. In the view of A1, in a loop I am doing requestAction(A2). My problem is that A2 can also be requested directly, by writing in the address bar of the browser: C/A2. Is there anyway of preventing the execution of A2 directly? PS: Don't argue with the current code structure, because I am not willing to change it. I just want to disable direct access to A2, if possible; so that it will only be accessible from A1's view via the requestAction. Thanks a lot --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Prevent direct action request
class ControllerC extends AppController {
function A1() {
// blablabla
}
function A2() {
if (empty($this-params['requested']) || ($this-params
['requested']!=1)) {
$this-redirect('http://www.milinkito.com/swf/bart.php?texto=I
+will+not+call+this+action+directly');
}
// blablabla
}
}
hth
grigri
On Feb 11, 12:39 pm, Bogdan Ursu bogdanvu...@gmail.com wrote:
Hey guys,
I have this setup: Controller C has two actions A1 and A2. In the view
of A1, in a loop I am doing requestAction(A2). My problem is that A2
can also be requested directly, by writing in the address bar of the
browser: C/A2.
Is there anyway of preventing the execution of A2 directly?
PS: Don't argue with the current code structure, because I am not
willing to change it. I just want to disable direct access to A2, if
possible; so that it will only be accessible from A1's view via the
requestAction.
Thanks a lot
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Prevent direct action request
On Feb 11, 1:39 pm, Bogdan Ursu bogdanvu...@gmail.com wrote: Hey guys, I have this setup: Controller C has two actions A1 and A2. In the view of A1, in a loop I am doing requestAction(A2). My problem is that A2 can also be requested directly, by writing in the address bar of the browser: C/A2. Is there anyway of preventing the execution of A2 directly? PS: Don't argue with the current code structure, because I am not willing to change it. I just want to disable direct access to A2, if possible; so that it will only be accessible from A1's view via the requestAction. Is that because you already realize it's a silly design? Leaving aside the usual logic/objections regarding requestAction, using it to get to a function on the *same controller*? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Prevent direct action request
Check if function A2 couldn't be in the model.
You can always prepend your function names with _ to make them
private. function _A2() { } for example.
On 11 fev, 11:22, AD7six andydawso...@gmail.com wrote:
On Feb 11, 1:39 pm, Bogdan Ursu bogdanvu...@gmail.com wrote:
Hey guys,
I have this setup: Controller C has two actions A1 and A2. In the view
of A1, in a loop I am doing requestAction(A2). My problem is that A2
can also be requested directly, by writing in the address bar of the
browser: C/A2.
Is there anyway of preventing the execution of A2 directly?
PS: Don't argue with the current code structure, because I am not
willing to change it. I just want to disable direct access to A2, if
possible; so that it will only be accessible from A1's view via the
requestAction.
Is that because you already realize it's a silly design? Leaving aside
the usual logic/objections regarding requestAction, using it to get to
a function on the *same controller*?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
