html - How should I edit a model entry in mvc? -

-

i working on small app using phalcon php framework. have implemented multiple controllers , models, far when want edit user example, use link links

localhost/myappname/user/edit/11 "user's id"

i told not best way this, , trying without passing id through url, using post method in forms without success far. correct way edit or delete entry or there better? tried search problem couldn't figure how name question yet find answered question.

if don't want let access edit page can in few ways.

solution #1

you can use phalcon acl block user's has no permission edit page allowed people managers can edit user or whatever.

see access control lists acl

solution #2

you can crypt/decrypt user id in url not readable humans , in edit method try dectypt id , if not valid echo error.

<?php      use phalcon\crypt;      // create instance     $crypt   = new crypt();      $key     = 'le password';     $user_id = 5;      $encrypt = $crypt->encryptbase64($user_id, $key);     // use $encrypt url <a href="/user/edit/{{encrypt}}">edit</a>      // use decrypt real id of user     $crypt->decryptbase64($encrypt, $key);  ?>

in way users see url like

localhost/myappname/user/edit/nomgppxd+gaeazap8erf2umtrfl9ghdw1lxvvf39sgkf34afnzok31vdat/owadppj4xgaunclqkrlc/2mfaxq==

for more info see encryption/decryption

but personal opinion is better go acl. after acl made kind of things.

note! if want use encrypt/decript remember wrap decryption in edit method in try/catch block , catch exception don't error if tries guess sone id.

solution #3

if still want using post don't use <a href="...">edit</a> instead can try like:

<form method="post">     <input type="hidden" name="uid" value="{{ user_id }}"/>     <button type="submit">edit</button> </form>

and in edit method catch id like:

<?php     $user_id = $this->request->getpost("uid"); ?>

note! in way url not contain user id still can post uid can try hide real user id input type hidden. can use again crypt/decrypt input hidden uid can crypted , decrypt post data in method.


Comments

Post a Comment

Popular posts from this blog

html - Firefox flex bug applied to buttons? -

-
i'm trying apply flex button on firefox i'm having problem on chrome doesn't happens. this css: .button { display: inline-flex; align-items: center; } as can see in fiddle, "caret" word moved new line, happens if element <button> tag, <div> works expected. http://codepen.io/anon/pen/xblmgx is firefox bug or there css i'm missing? nevermind, looks "mr firefox" doesn't idea... <button> not implementable (by browsers) in pure css, bit of black box, perspective of css. means don't react in same way e.g. <div> would. this isn't specific flexbox -- e.g. don't render scrollbars if put "overflow:scroll" on button, , don't render table if put "display:table" on it. stepping further, isn't specific <button> . consider <fieldset> , <table> have special rendering behavior: data:text/html,<fieldset style="d
Read more

html - Missing border-right in select on Firefox -

-
Image
when put select div width , padding-left, options have no border on right. more, happend if select have width 118px , parent have 15px of padding left! have idea, going on? my code: <!doctype html> <html> <head lang="en"> </head> <body> <div style="width: 1000px; padding-left: 15px;"> <select style="width: 118px;"> <option>a</option> <option>b</option> <option>c</option> </select> </div> </body> </html> and result: here plunker: click it happend on firefox on windows. tested on 40.0.2 version -webkit-box-sizing: border-box; -moz-box-sizing: border-box; -ms-box-sizing: border-box; box-sizing: border-box; source: https://stackoverflow.com/a/11390432/4431269 source of problem: https://bugzilla.mozilla.org/show_bug.cgi?id=924068 and use of google ! edit: (source of problem, explained) after rea
Read more

c# - two queries in same method -

-
i trying execute 2 queries in same method gives me exception. can red of exception declaring new command there way use same command? string id="hi"; connection.open(); oledbcommand command1 = new oledbcommand(); command1.connection = connection; string query1 = "select * products category='" + combobox1.text + "' , subcategory = '" + combobox2.text + "' , sizes='" + combobox3.text + "'"; command1.commandtext = query1; oledbdatareader reader = command1.executereader(); while (reader.read()) { id = reader[0].tostring(); } textbox1.text = id; string query = "insert category_in (category_id,amount,amount_in) values ('"+ id+"' ,500,300)"; command1.commandtext = query; command1.executenonquery(); messagebox.show("saved"); connection.close();
Read more