How can I hide user_id from URL using yii framewor

2019-05-22 15:28发布

I am using the yii framework and have different user accounts. When I want to have a look at the view page of user 4 I have to enter an url like www.mydomain.com/user/4 for update I have www.mydomain.com/user/update/4.

Is there a way so that I can hide the user id from the url line?

How can I set a route like www.mydomain.com/user/username and www.mydomain.com/user/update/username? Do I have to modify the routes?

What if the username contains an @ symbols?

标签： php yii url-routing

2条回答

在下西门庆

2楼-- · 2019-05-22 16:14

I think it's better to encrypt your id before passing it. And decrypt it when you reach there. There are many ways of generating such random/encrpted ids. For more security you should not give name like 'user', that you did. Try to modify that even. Hope you got the point...:)

0人赞添加讨论(0) 举报

Root（大扎）

3楼-- · 2019-05-22 16:19

If each user has a unique username, you can describe a route that doesn't show their user id by putting this custom routing rule in config/main:

'urlManager' => array(
    'rules' => array(
        'user/<username:\S+>' => 'users/view',
    )
)

The \S+ should accept "@". Then pass that username to controllers/UsersController like so:

public function actionView($username) {...}

Instead of www.mydomain.com/user/update/username I would use www.mydomain.com/user/<username>/update and put this in the above urlManager rules array:

'user/<username:\S+>/update' => 'users/update',

and this in UsersController:

public function actionUpdate($username) {...}

You can also generate a unique, random number for each user before creation and route based on that number.

0人赞添加讨论(0) 举报

How can I hide user_id from URL using yii framewor

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间