CodeIgniter URL Security And URL Routes


CodeIgniter URI Security

CodeIgniter is fairly restrictive regarding which characters it allows in your URI strings in order to help minimize the possibility that malicious data can be passed to your application. URIs may only contain the following:

  • Alpha-numeric text
  • Tilde: ~
  • Period: .
  • Colon: :
  • Underscore: _
  • Dash: –

How To Routes

The application/config/routes.php file lets you remap URI requests to specific controller functions. For example, you may have a controller named site with a function named index .

1. The URI for this controller/function combination might be :

2. if your site controller had a pages function that accepted a numeric ID for database lookup, the URI might look like this:

3. In some cases, you might want to remap one or more of these default routes. For example, the second example might be better displayed as this:

In that case, your routes.php file would contain a rule like this:

$route['about_us'] = 'site/pages/4';

4. Set the default controller using below code

$route['default_controller'] = 'welcome';

The default_controller route tells CodeIgniter which controller should be loaded if no controller is identified.