Secured URL format in Yii Application to display

Question

I think this is not new thing but yet to be discussed. I have been trying to get the best way to change the display URL format of Yii application. Simply to show the content, we need to pass the content id to the controller.

If the content is protected for specific set of users, it is uneasy to secure the content. Users randomly give the content id value and get the view of the protected content.

Example:

Normal URL display is Content/View/45. But I wanna display the URL in a secured way that either it should be like "Content/View" where the content id is hidden but it should be passed some other way or "Content/View/(encrypted string)".

Please give some good suggestion or examples to do it. I want my app should be highly secured as it is having payment based content display.

Answer 1

When someone will click on a link such as Content/View/ you cannot hide id 45 or something else.

you can hide Ids by using SEO friendly Urls.

Like you can have Content/View/about-us where about-us is permalink to that page content in DB or in some array.

and in you action you can get id based on this permalink (This permalink should be created / generated when adding new content in backend admin panel)

second thought is to save these permalink in an array like $links = array('about-us'=>45) and you can validate as

if(array_key_exists('about-us', $links)){
      $id = $links['about-us'];  
  }

May be this can give you some idea.