Postingan lainnya

gimana cara melakukan security di CI

gan ane kan bikin page pemabayaran dan itu berdasarkan id ya detailny pas muncul tp ketika user lain mengganti urlny itu mereka juga bisa melihat pembelian user lain jd gimana ya carany user lain itu ga bisa melakukan pembayaran punya user yang lainny?

ini kode fungsi pembayaranny

public function pembayaran($id)
    {
        $data['title'] = 'Pembayaran';

        $data['user'] = $this->db->get_where('user', ['id' => $this->session->userdata('email_id')])->row_array();
        $data['user'] = $this->db->get_where('user', ['firstName' => $this->session->userdata('author')])->row_array();
        $data['user'] = $this->db->get_where('user', ['email' => $this->session->userdata('email')])->row_array();
        $data['order_brg'] = $this->db->get_where('order_brg', ['id_order' => $this->session->userdata('id_order')])->row_array();

        $this->load->model('PostModel', 'post');
        $data['order'] = $this->post->getTotal($id);

        $data['nama_brg'] = $this->db->get('barang')->result_array();
        $data['kode'] = $this->db->get('stats')->row_array();

        $this->form_validation->set_rules('pelanggan', 'Nama Anda', 'required');
        $this->form_validation->set_rules('alamat', 'Alamat', 'required');
        $this->form_validation->set_rules('nm_barang', 'Nama Barang', 'required');
        $this->form_validation->set_rules('jumlah', 'Jumlah', 'required');

        if ($this->form_validation->run() == false) {

            $this->load->view('templates/user-header', $data);
            $this->load->view('templates/user-sidebar', $data);
            $this->load->view('templates/user-topbar', $data);
            $this->load->view('user/pembayaran', $data);
            $this->load->view('templates/user-footer');
        } else {

            $id = $this->input->post('id_order');
            $pelanggan = $this->input->post('pelanggan');
            $alamat = $this->input->post('alamat');
            $jumlah = $this->input->post('jumlah');
            $tgl = $this->input->post('tgl_kirim');
            $nm_barang = $this->input->post('nm_barang');
            $id_plg = $this->input->post('id_pelanggan');
            $status = $this->input->post('status');

            $data = [
                'pelanggan' => $pelanggan,
                'alamat' => $alamat,
                'jumlah' => $jumlah,
                'tgl_kirim' => $tgl,
                'nm_barang' => $nm_barang,
                'id_pelanggan' => $id_plg,
                'status' => $status,

            ];

            $this->db->insert('order_brg', $data);
            $this->session->set_flashdata('message', '<div class="alert alert-success" role="alert">Please wait admin approve your post</div>');
            redirect('user/order');
        }
    }

mysql codeigniter php

@werich1

89 Kontribusi 7 Poin

Diperbarui 4 tahun yang lalu

1 Jawaban:

Jawaban Terpilih

Validasi utk buka menu pembayarannya jangan hanya menggunakan id pembayaran aja, tapi tambahkan juga id usernya.

@jeffian

26 Kontribusi 17 Poin

Dipost 4 tahun yang lalu

Tanggapan

jd di sqlny gmna tuh gan?

@werich1

Tambahin where 1 lgi jadi where id_pembayaran = $id and id_user = $id_user

@jeffian