The best practice to pass database data to a form and url?

For programming and general questions on Zend Framework

The best practice to pass database data to a form and url?

Postby abdolreza on Sat Dec 01, 2012 8:11 am

Hi everyone!
I would be really thankful if anyone can shed some light on this. I searched a bit but it seems I just don't know the keyword to find it.
I'm new to zend and have been using it for a while. Here is my question:
I have a table which is called "student". For the sake of simplicity let's say I have only "student_id" and "name" in addition to a foreign key from other table and the name of this field is "user_id".
====================================================================================
When using forms:
I would like to pass the fetched rows from my database to a form and populate it. I just don't know what is the best practice?
I need a secure method to hide the column names and (kind of) encrypt the primary key of my table when I'm passing it to the form (I'm using jqgrid). So that the table structure is not visible to the client.
I was thinking to do a mapping on the server side and pass the mapped data to the client.
Is there a better way of doing it?
====================================================================================
When I want to pass parameters to the url:
//DomainName/Student/index/modify-activities/id/59
In the above Url if I change the id to 60, the client is able to modify someone's else activity which is wrong.
Here is the current workflow: I have a form which when the user selects an activity on that form, he/she can modify it. When the user submits the activity, I get the aforementioned link in the server side.
-First of all I don't want to display id/59 in the url address. I was thinking to add this id to the auth class when I get the submitted form.
-Second what is the best approach for not letting the user modify id 60 here?

Thank you so much for your time and help :)
abdolreza
 
Posts: 12
Joined: Mon Dec 12, 2011 10:08 pm

Return to Zend Framework

Who is online

Users browsing this forum: No registered users and 4 guests