I am using the yii framework and have different user accounts. When I want to have a look at the view page of user 4 I have to enter an url like www.mydomain.com/user/4 for update I have www.mydomain.com/user/update/4.
Is there a way so that I can hide the user id from the url line?
How can I set a route like www.mydomain.com/user/username and www.mydomain.com/user/update/username? Do I have to modify the routes?
What if the username contains an @ symbols?
If each user has a unique username, you can describe a route that doesn't show their user id by putting this custom routing rule in config/main:
'urlManager' => array(
'rules' => array(
'user/<username:\S+>' => 'users/view',
)
)
The \S+ should accept "@". Then pass that username to controllers/UsersController like so:
public function actionView($username) {...}
Instead of www.mydomain.com/user/update/username I would use www.mydomain.com/user/<username>/update and put this in the above urlManager rules array:
'user/<username:\S+>/update' => 'users/update',
and this in UsersController:
public function actionUpdate($username) {...}
You can also generate a unique, random number for each user before creation and route based on that number.
I think it's better to encrypt your id before passing it. And decrypt it when you reach there. There are many ways of generating such random/encrpted ids. For more security you should not give name like 'user', that you did. Try to modify that even. Hope you got the point...:)
来源:https://stackoverflow.com/questions/9507252/how-can-i-hide-user-id-from-url-using-yii-framework