问题
I am trying to build a Search with Pagination in Codeigniter and would love some help with it.
So far, I've realized that I can not use BOTH url segments and query strings together. Using only query strings produces very ugly URLs.
I understand that Codeigniter destroys the GET and I'm trying to put it back in. Ergo... if I place this in the constructor of the search controller, will my problems be solved?
parse_str(substr(strrchr($_SERVER['REQUEST_URI'], "?"), 1), $_GET);
As in, if it works for me, is there anything I need to be aware of security wise?
回答1:
So far, I've realized that I can not use BOTH url segments and query strings together.
Sure you can. Try this in your config:
$config['uri_protocol'] = "PATH_INFO";
That should get things started. Now, since CI abandons and empties the $_GET variable, you need to repopulate it like this:
parse_str($_SERVER['QUERY_STRING'],$_GET);
Now the only real concern here is that, if you have global XSS filtering on, you should know that you just manually parsed the query string into the global $_GET variable. This means you haven't passed it through any XSS filters. In CI 1.x you can access the filter through the input library like this:
$myvar = $this->input->xss_clean($_GET['myvar']);
In CI 2.x you do it through the security library like this:
$myvar = $this->security->xss_clean($_GET['myvar']);
Of course, it goes without saying that you can extend the Controller class to have a get() method that does all this automatically such that you can do this:
$myvar = $this->get('myvar');
来源:https://stackoverflow.com/questions/4073257/codeigniter-and-pagination-with-query-strings