bzr branch
http://gegoxaren.bato24.eu/bzr/lenasys/trunk
|
20.1.1
by galaxyAbstractor
* Added an simple admin panel to the codeviewer-cmssy stuff |
1 |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
2 |
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
|
3 |
<head> |
|
4 |
||
5 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
|
6 |
<title>Input Class : CodeIgniter User Guide</title> |
|
7 |
||
8 |
<style type='text/css' media='all'>@import url('../userguide.css');</style> |
|
9 |
<link rel='stylesheet' type='text/css' media='all' href='../userguide.css' /> |
|
10 |
||
11 |
<script type="text/javascript" src="../nav/nav.js"></script> |
|
12 |
<script type="text/javascript" src="../nav/prototype.lite.js"></script> |
|
13 |
<script type="text/javascript" src="../nav/moo.fx.js"></script> |
|
14 |
<script type="text/javascript" src="../nav/user_guide_menu.js"></script> |
|
15 |
||
16 |
<meta http-equiv='expires' content='-1' /> |
|
17 |
<meta http-equiv= 'pragma' content='no-cache' /> |
|
18 |
<meta name='robots' content='all' /> |
|
19 |
<meta name='author' content='ExpressionEngine Dev Team' /> |
|
20 |
<meta name='description' content='CodeIgniter User Guide' /> |
|
21 |
||
22 |
</head> |
|
23 |
<body> |
|
24 |
||
25 |
<!-- START NAVIGATION -->
|
|
26 |
<div id="nav"><div id="nav_inner"><script type="text/javascript">create_menu('../');</script></div></div> |
|
27 |
<div id="nav2"><a name="top"></a><a href="javascript:void(0);" onclick="myHeight.toggle();"><img src="../images/nav_toggle_darker.jpg" width="154" height="43" border="0" title="Toggle Table of Contents" alt="Toggle Table of Contents" /></a></div> |
|
28 |
<div id="masthead"> |
|
29 |
<table cellpadding="0" cellspacing="0" border="0" style="width:100%"> |
|
30 |
<tr> |
|
31 |
<td><h1>CodeIgniter User Guide Version 2.1.3</h1></td> |
|
32 |
<td id="breadcrumb_right"><a href="../toc.html">Table of Contents Page</a></td> |
|
33 |
</tr> |
|
34 |
</table> |
|
35 |
</div> |
|
36 |
<!-- END NAVIGATION -->
|
|
37 |
||
38 |
||
39 |
<!-- START BREADCRUMB -->
|
|
40 |
<table cellpadding="0" cellspacing="0" border="0" style="width:100%"> |
|
41 |
<tr> |
|
42 |
<td id="breadcrumb"> |
|
43 |
<a href="http://codeigniter.com/">CodeIgniter Home</a> › |
|
44 |
<a href="../index.html">User Guide Home</a> › |
|
45 |
Input Class |
|
46 |
</td> |
|
47 |
<td id="searchbox"><form method="get" action="http://www.google.com/search"><input type="hidden" name="as_sitesearch" id="as_sitesearch" value="codeigniter.com/user_guide/" />Search User Guide <input type="text" class="input" style="width:200px;" name="q" id="q" size="31" maxlength="255" value="" /> <input type="submit" class="submit" name="sa" value="Go" /></form></td> |
|
48 |
</tr> |
|
49 |
</table> |
|
50 |
<!-- END BREADCRUMB -->
|
|
51 |
||
52 |
<br clear="all" /> |
|
53 |
||
54 |
||
55 |
<!-- START CONTENT -->
|
|
56 |
<div id="content"> |
|
57 |
||
58 |
||
59 |
<h1>Input Class</h1> |
|
60 |
||
61 |
<p>The Input Class serves two purposes:</p> |
|
62 |
||
63 |
<ol> |
|
64 |
<li>It pre-processes global input data for security.</li> |
|
65 |
<li>It provides some helper functions for fetching input data and pre-processing it.</li> |
|
66 |
</ol> |
|
67 |
||
68 |
<p class="important"><strong>Note:</strong> This class is initialized automatically by the system so there is no need to do it manually.</p> |
|
69 |
||
70 |
||
71 |
<h2>Security Filtering</h2> |
|
72 |
||
73 |
<p>The security filtering function is called automatically when a new <a href="../general/controllers.html">controller</a> is invoked. It does the following:</p> |
|
74 |
||
75 |
<ul> |
|
76 |
<li>If $config['allow_get_array'] is FALSE(default is TRUE), destroys the global GET array.</li> |
|
77 |
<li>Destroys all global variables in the event register_globals is turned on.</li> |
|
78 |
<li>Filters the GET/POST/COOKIE array keys, permitting only alpha-numeric (and a few other) characters.</li> |
|
79 |
<li>Provides XSS (Cross-site Scripting Hacks) filtering. This can be enabled globally, or upon request.</li> |
|
80 |
<li>Standardizes newline characters to \n(In Windows \r\n)</li> |
|
81 |
</ul> |
|
82 |
||
83 |
||
84 |
<h2>XSS Filtering</h2> |
|
85 |
||
86 |
<p>The Input class has the ability to filter input automatically to prevent cross-site scripting attacks. If you want the filter to run automatically every time it encounters POST or COOKIE data you can enable it by opening your |
|
87 |
<kbd>application/config/config.php</kbd> file and setting this:</p> |
|
88 |
||
89 |
<code>$config['global_xss_filtering'] = TRUE;</code> |
|
90 |
||
91 |
<p>Please refer to the <a href="security.html">Security class</a> documentation for information on using XSS Filtering in your application.</p> |
|
92 |
||
93 |
||
94 |
<h2>Using POST, COOKIE, or SERVER Data</h2> |
|
95 |
||
96 |
<p>CodeIgniter comes with three helper functions that let you fetch POST, COOKIE or SERVER items. The main advantage of using the provided |
|
97 |
functions rather than fetching an item directly ($_POST['something']) is that the functions will check to see if the item is set and |
|
98 |
return false (boolean) if not. This lets you conveniently use data without having to test whether an item exists first. |
|
99 |
In other words, normally you might do something like this:</p> |
|
100 |
||
101 |
<code> |
|
102 |
if ( ! isset($_POST['something']))<br /> |
|
103 |
{<br />
|
|
104 |
$something = FALSE;<br /> |
|
105 |
}<br /> |
|
106 |
else<br /> |
|
107 |
{<br />
|
|
108 |
$something = $_POST['something'];<br /> |
|
109 |
}</code> |
|
110 |
||
111 |
<p>With CodeIgniter's built in functions you can simply do this:</p> |
|
112 |
||
113 |
<code>$something = $this->input->post('something');</code> |
|
114 |
||
115 |
<p>The three functions are:</p> |
|
116 |
||
117 |
<ul> |
|
118 |
<li>$this->input->post()</li> |
|
119 |
<li>$this->input->cookie()</li> |
|
120 |
<li>$this->input->server()</li> |
|
121 |
</ul> |
|
122 |
||
123 |
<h2>$this->input->post()</h2> |
|
124 |
||
125 |
<p>The first parameter will contain the name of the POST item you are looking for:</p> |
|
126 |
||
127 |
<code>$this->input->post('some_data');</code> |
|
128 |
||
129 |
<p>The function returns FALSE (boolean) if the item you are attempting to retrieve does not exist.</p> |
|
130 |
||
131 |
<p>The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;</p> |
|
132 |
||
133 |
<code>$this->input->post('some_data', TRUE);</code> |
|
134 |
||
135 |
<p>To return an array of all POST items call without any parameters.</p> |
|
136 |
<p>To return all POST items and pass them through the XSS filter set the first parameter NULL while setting the second parameter to boolean;</p> |
|
137 |
<p>The function returns FALSE (boolean) if there are no items in the POST.</p> |
|
138 |
||
139 |
<code> |
|
140 |
$this->input->post(NULL, TRUE); // returns all POST items with XSS filter |
|
141 |
<br /> |
|
142 |
$this->input->post(); // returns all POST items without XSS filter |
|
143 |
</code> |
|
144 |
||
145 |
<h2>$this->input->get()</h2> |
|
146 |
||
147 |
<p>This function is identical to the post function, only it fetches get data:</p> |
|
148 |
||
149 |
<code>$this->input->get('some_data', TRUE);</code> |
|
150 |
||
151 |
<p>To return an array of all GET items call without any parameters.</p> |
|
152 |
<p>To return all GET items and pass them through the XSS filter set the first parameter NULL while setting the second parameter to boolean;</p> |
|
153 |
<p>The function returns FALSE (boolean) if there are no items in the GET.</p> |
|
154 |
||
155 |
<code> |
|
156 |
$this->input->get(NULL, TRUE); // returns all GET items with XSS filter |
|
157 |
<br /> |
|
158 |
$this->input->get(); // returns all GET items without XSS filtering |
|
159 |
</code> |
|
160 |
||
161 |
<h2>$this->input->get_post()</h2> |
|
162 |
||
163 |
<p>This function will search through both the post and get streams for data, looking first in post, and then in get:</p> |
|
164 |
||
165 |
<code>$this->input->get_post('some_data', TRUE);</code> |
|
166 |
||
167 |
<h2>$this->input->cookie()</h2> |
|
168 |
||
169 |
<p>This function is identical to the post function, only it fetches cookie data:</p> |
|
170 |
||
171 |
<code>$this->input->cookie('some_data', TRUE);</code> |
|
172 |
||
173 |
<h2>$this->input->server()</h2> |
|
174 |
||
175 |
<p>This function is identical to the above functions, only it fetches server data:</p> |
|
176 |
||
177 |
<code>$this->input->server('some_data');</code> |
|
178 |
||
179 |
||
180 |
<h2>$this->input->set_cookie()</h2> |
|
181 |
||
182 |
<p>Sets a cookie containing the values you specify. There are two ways to pass information to this function so that a cookie can be set: |
|
183 |
Array Method, and Discrete Parameters:</p> |
|
184 |
||
185 |
<h4>Array Method</h4> |
|
186 |
||
187 |
<p>Using this method, an associative array is passed to the first parameter:</p> |
|
188 |
||
189 |
<code>$cookie = array(<br /> |
|
190 |
'name' => 'The Cookie Name',<br /> |
|
191 |
'value' => 'The Value',<br /> |
|
192 |
'expire' => '86500',<br /> |
|
193 |
'domain' => '.some-domain.com',<br /> |
|
194 |
'path' => '/',<br /> |
|
195 |
'prefix' => 'myprefix_',<br /> |
|
196 |
'secure' => TRUE<br /> |
|
197 |
);<br /> |
|
198 |
<br /> |
|
199 |
$this->input->set_cookie($cookie); |
|
200 |
</code> |
|
201 |
||
202 |
<p><strong>Notes:</strong></p> |
|
203 |
||
204 |
<p>Only the name and value are required. To delete a cookie set it with the expiration blank.</p> |
|
205 |
||
206 |
<p>The expiration is set in <strong>seconds</strong>, which will be added to the current time. Do not include the time, but rather only the |
|
207 |
number of seconds from <em>now</em> that you wish the cookie to be valid. If the expiration is set to |
|
208 |
zero the cookie will only last as long as the browser is open.</p> |
|
209 |
<p>For site-wide cookies regardless of how your site is requested, add your URL to the <strong>domain</strong> starting with a period, like this: .your-domain.com</p> |
|
210 |
<p>The path is usually not needed since the function sets a root path.</p> |
|
211 |
<p>The prefix is only needed if you need to avoid name collisions with other identically named cookies for your server.</p> |
|
212 |
<p>The secure boolean is only needed if you want to make it a secure cookie by setting it to TRUE.</p> |
|
213 |
||
214 |
<h4>Discrete Parameters</h4> |
|
215 |
||
216 |
<p>If you prefer, you can set the cookie by passing data using individual parameters:</p> |
|
217 |
||
218 |
<code>$this->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure);</code> |
|
219 |
||
220 |
<h2>$this->input->cookie()</h2> |
|
221 |
||
222 |
<p>Lets you fetch a cookie. The first parameter will contain the name of the cookie you are looking for (including any prefixes):</p> |
|
223 |
||
224 |
<code>cookie('some_cookie');</code> |
|
225 |
||
226 |
<p>The function returns FALSE (boolean) if the item you are attempting to retrieve does not exist.</p> |
|
227 |
||
228 |
<p>The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;</p> |
|
229 |
||
230 |
<p><code>cookie('some_cookie', TRUE);</code></p> |
|
231 |
||
232 |
||
233 |
<h2>$this->input->ip_address()</h2> |
|
234 |
<p>Returns the IP address for the current user. If the IP address is not valid, the function will return an IP of: 0.0.0.0</p> |
|
235 |
<code>echo $this->input->ip_address();</code> |
|
236 |
||
237 |
||
238 |
<h2>$this->input->valid_ip(<var>$ip</var>)</h2> |
|
239 |
||
240 |
<p>Takes an IP address as input and returns TRUE or FALSE (boolean) if it is valid or not. Note: The $this->input->ip_address() function above |
|
241 |
validates the IP automatically.</p> |
|
242 |
||
243 |
<code>if ( ! $this->input->valid_ip($ip))<br /> |
|
244 |
{<br />
|
|
245 |
echo 'Not Valid';<br /> |
|
246 |
}<br /> |
|
247 |
else<br /> |
|
248 |
{<br />
|
|
249 |
echo 'Valid';<br /> |
|
250 |
}</code> |
|
251 |
<p>Accepts an optional second string parameter of "IPv4" or "IPv6" to specify an IP format. The default checks for both formats.</p> |
|
252 |
||
253 |
<h2>$this->input->user_agent()</h2> |
|
254 |
<p>Returns the user agent (web browser) being used by the current user. Returns FALSE if it's not available.</p> |
|
255 |
<code>echo $this->input->user_agent();</code> |
|
256 |
<p>See the <a href="user_agent.html">User Agent Class</a> for methods which extract information from the user agent string.</p> |
|
257 |
||
258 |
<h2>$this->input->request_headers()</h2> |
|
259 |
<p>Useful if running in a non-Apache environment where <a href="http://php.net/apache_request_headers">apache_request_headers()</a> will not be supported. Returns an array of headers.</p> |
|
260 |
||
261 |
<code>$headers = $this->input->request_headers();</code> |
|
262 |
||
263 |
<h2>$this->input->get_request_header();</h2> |
|
264 |
<p>Returns a single member of the request headers array.</p> |
|
265 |
||
266 |
<code>$this->input->get_request_header('some-header', TRUE);</code> |
|
267 |
||
268 |
||
269 |
<h2>$this->input->is_ajax_request()</h2> |
|
270 |
<p>Checks to see if the <var>HTTP_X_REQUESTED_WITH</var> server header has been set, and returns a boolean response.</p> |
|
271 |
||
272 |
||
273 |
<h2>$this->input->is_cli_request()</h2> |
|
274 |
<p>Checks to see if the <var>STDIN</var> constant is set, which is a failsafe way to see if PHP is being run on the command line.</p> |
|
275 |
||
276 |
<code>$this->input->is_cli_request()</code> |
|
277 |
||
278 |
||
279 |
</div> |
|
280 |
<!-- END CONTENT -->
|
|
281 |
||
282 |
||
283 |
<div id="footer"> |
|
284 |
<p> |
|
285 |
Previous Topic: <a href="image_lib.html">Image Manipulation Class</a> |
|
286 |
·
|
|
287 |
<a href="#top">Top of Page</a> · |
|
288 |
<a href="../index.html">User Guide Home</a> · |
|
289 |
Next Topic: <a href="loader.html">Loader Class</a> |
|
290 |
</p> |
|
291 |
<p><a href="http://codeigniter.com">CodeIgniter</a> · Copyright © 2006 - 2012 · <a href="http://ellislab.com/">EllisLab, Inc.</a></p> |
|
292 |
</div> |
|
293 |
||
294 |
</body> |
|
295 |
</html> |