There is no problem in my code it's running fine but i want some suggestion.I have edit profile page for user when user is login he can click on edit profile button to edit his profile but i have what i we generally see is when user click on edit profile url must have like or something similar like where in url there is always user id is present.I developed a edit page it has url like http://localhost/ko/Update_profile/get_user_data when log in user is has this url it can edit his profile so i have doubt is i am doing something wrong ??

I am using Codeigniter

Recommended Answers

All 6 Replies

Hi shany0786,
i think you are going in right way but your saying that you were using codeigniter framework right
so please have a lok at your code in get_user_data.php[file something like this in your project ] like how that page accessing the inputs from ui by using post parameters or some other way.

if you go this way you will find the answer

all the best

correct me if i am wrong.

Member Avatar

You can certainly do it like this, however, you MUST check that the user_id in the url is the same as that held in the session user_id, otherwise a miscreant would be able to edit anybody's profile just ny changing the url and pressing enter!
Most modern sites use mod_rewriting / RESTful API to do this type of thing, so profiles/1/edit would be a suitable url.
In addition:


Could also work for you, but there you will be taking the user_id directly from the session data, not the url. I haven't used CI for a few years and I can't remember using pretty urls like Laravel does (via routing file). Think about all the pages you have and formulate a url strategy - i.e. are they all going to be custom or are you going to develop a CRUD-type system,e.g.


where 34 = the user's id.

commented: yeah i will be developing crud later will this url will create problem while developing CRUD +0

this is my Controller Update_profile.php

if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Update_profile extends CI_Controller {

public  function __construct()
          // Call the Model constructor
        // Load validation library
public function get_user_data() {
if($this->session->userdata['sessiondata']['user_id'] !=null) {
else {




my Model

if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Edit_profile extends CI_Model {

public function get_user_data($id) {

      SELECT * FROM tbl_usrs where user_id='{$id}' "; 
$query = $this->db->query($sql);
$result = $query->result_array();
return $result;

} //class ends
Member Avatar

Ok, so what do you need now?

Is my approach right or something is wrong with that can i have some links how to do it in correct way??

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.