Class CI_Input - echiong/testRepo GitHub Wiki
##Class CI_Input
Input Class
Pre-processes global input data for security
Package: [[CodeIgniter<a href="Package CodeIgniter.Libraries.md">Libraries]]
Category:
Input
Author:
ExpressionEngine Dev Team
Link:
http://codeigniter.com/user_guide/libraries/input.html
Located at system/core/Input.php
##Methods summary
public __construct ( )
Constructor
Sets whether to globally enable the XSS processing and whether to allow the $_GET array
public string _fetch_from_array ( array & $array, string $index = '', boolean $xss_clean = FALSE )
Fetch from array
This is a helper function to retrieve values from global arrays
Parameters
$array
array
$index
string
$xss_clean
boolean
Returns
string
public string get ( string $index = NULL, boolean $xss_clean = FALSE )
Fetch an item from the GET array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public string post ( string $index = NULL, boolean $xss_clean = FALSE )
Fetch an item from the POST array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public string get_post ( string $index = '', boolean $xss_clean = FALSE )
Fetch an item from either the GET array or the POST
Parameters
$index
string
The index key
$xss_clean
boolean
XSS cleaning
Returns
string
public string cookie ( string $index = '', boolean $xss_clean = FALSE )
Fetch an item from the COOKIE array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public set_cookie ( mixed $name = '', string $value = '', string $expire = '', string $domain = '', string $path = '/', string $prefix = '', boolean $secure = FALSE )
Set cookie
Accepts six parameter, or you can submit an associative array in the first parameter containing all the values.
Parameters
$name
mixed
$value
string
the value of the cookie
$expire
string
the number of seconds until expiration
$domain
string
the cookie domain. Usually: .yourdomain.com
$path
string
the cookie path
$prefix
string
the cookie prefix
$secure
boolean
true makes the cookie secure
public string server ( string $index = '', boolean $xss_clean = FALSE )
Fetch an item from the SERVER array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public string ip_address ( )
Fetch the IP Address
Returns
string
public string valid_ip ( string $ip )
Validate IP Address
Updated version suggested by Geert De Deckere
Parameters
$ip
string
Returns
string
public string user_agent ( )
User Agent
Returns
string
public _sanitize_globals ( )
Sanitize Globals
This function does the following:
Unsets $_GET data (if query strings are not enabled)
Unsets all globals if register_globals is enabled
Standardizes newline characters to \n
public string _clean_input_data ( string $str )
Clean Input Data
This is a helper function. It escapes data and standardizes newline characters to \n
Parameters
$str
string
Returns
string
public string _clean_input_keys ( string $str )
Clean Keys
This is a helper function. To prevent malicious users from trying to exploit keys we make sure that keys are only named with alpha-numeric text and a few other items.
Parameters
$str
string
Returns
string
public array request_headers ( boolean $xss_clean = FALSE )
Request Headers
In Apache, you can simply call apache_request_headers(), however for people running other webservers the function is undefined.
Parameters
$xss_clean
boolean
XSS cleaning
Returns
array
public mixed get_request_header ( string $index, boolean $xss_clean = FALSE )
Get Request Header
Returns the value of a single member of the headers class member
Parameters
$index
string
array key for $this->headers
$xss_clean
boolean
XSS Clean or not
Returns
mixed
FALSE on failure, string on success
public boolean is_ajax_request ( )
Is ajax Request?
Test to see if a request contains the HTTP_X_REQUESTED_WITH header
Returns
boolean
public boolean is_cli_request ( )
Is cli Request?
Test to see if a request was made from the command line
Returns
boolean
<table class="summary" id="properties">
<caption>Properties summary</caption>
<tr data-order="ip_address" id="$ip_address">
<td class="attributes"><code>
public
string
</code></td>
<td class="name">
$ip_address
FALSE
<div class="description detailed">
IP address of the current user
</div>
</div></td>
</tr>
<tr data-order="user_agent" id="$user_agent">
<td class="attributes"><code>
public
string
</code></td>
<td class="name">
$user_agent
FALSE
<div class="description detailed">
user agent (web browser) being used by the current user
</div>
</div></td>
</tr>
<tr data-order="_allow_get_array" id="$_allow_get_array">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_allow_get_array
TRUE
<div class="description detailed">
If FALSE, then $_GET will be set to an empty array
</div>
</div></td>
</tr>
<tr data-order="_standardize_newlines" id="$_standardize_newlines">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_standardize_newlines
TRUE
<div class="description detailed">
If TRUE, then newlines are standardized
</div>
</div></td>
</tr>
<tr data-order="_enable_xss" id="$_enable_xss">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_enable_xss
FALSE
<div class="description detailed">
Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered Set automatically based on config setting
</div>
</div></td>
</tr>
<tr data-order="_enable_csrf" id="$_enable_csrf">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_enable_csrf
FALSE
<div class="description detailed">
Enables a CSRF cookie token to be set. Set automatically based on config setting
</div>
</div></td>
</tr>
<tr data-order="headers" id="$headers">
<td class="attributes"><code>
protected
array
</code></td>
<td class="name">
$headers
array()
<div class="description detailed">
List of all HTTP request headers
</div>
</div></td>
</tr>
</table>