PHP Class CI_Input, ci-phpunit-test

Pre-processes global input data for security

See link: http://codeigniter.com/user_guide/libraries/input.html

Author: ExpressionEngine Dev Team

Mostra file Open project: kenjis/ci-phpunit-test Class Usage Examples

Protected Properties

Property	Type	Description
$_allow_get_array	boolean	If set to FALSE, then $_GET will be set to an empty array.
$_enable_csrf	boolean	Enables a CSRF cookie token to be set. Set automatically based on config setting.
$_enable_xss	boolean	Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered. Set automatically based on config setting.
$_input_stream	array	Parsed from php://input at runtime
$_raw_input_stream	string	Holds a cache of php://input contents
$_standardize_newlines	boolean	If set to TRUE, then newlines are standardized.
$headers	array	List of all HTTP request headers
$ip_address	string	IP address of the current user
$security
$uni

Public Methods

Method	Description
__construct ( ) : void	Class constructor
__get ( string $name ) : mixed	Magic __get()
cookie ( mixed $index = NULL, boolean $xss_clean = NULL ) : mixed	Fetch an item from the COOKIE array
get ( mixed $index = NULL, boolean $xss_clean = NULL ) : mixed	Fetch an item from the GET array
get_post ( string $index, boolean $xss_clean = NULL ) : mixed	Fetch an item from GET data with fallback to POST
get_request_header ( string $index, boolean $xss_clean = FALSE ) : string \| null	Get Request Header
input_stream ( string $index = NULL, boolean $xss_clean = NULL ) : mixed	Fetch an item from the php://input stream
ip_address ( ) : string	Fetch the IP Address
is_ajax_request ( ) : boolean	Is AJAX request?
is_cli_request ( ) : boolean	Is CLI request?
method ( boolean $upper = FALSE ) : string	Get Request Method
post ( mixed $index = NULL, boolean $xss_clean = NULL ) : mixed	Fetch an item from the POST array
post_get ( string $index, boolean $xss_clean = NULL ) : mixed	Fetch an item from POST data with fallback to GET
request_headers ( boolean $xss_clean = FALSE ) : array	Request Headers
server ( mixed $index, boolean $xss_clean = NULL ) : mixed	Fetch an item from the SERVER array
set_cookie ( string \| mixed[] $name, string $value = '', integer $expire = '', string $domain = '', string $path = '/', string $prefix = '', boolean $secure = FALSE, boolean $httponly = FALSE ) : void	Set cookie
user_agent ( $xss_clean = NULL ) : string \| null	Fetch User Agent string
valid_ip ( string $ip, string $which = '' ) : boolean	Validate IP Address

Protected Methods

Method	Description
_clean_input_data ( string \| string[] $str ) : string	Clean Input Data
_clean_input_keys ( string $str, boolean $fatal = TRUE ) : string \| boolean	Clean Keys
_fetch_from_array ( &$array, mixed $index = NULL, boolean $xss_clean = NULL ) : mixed	Fetch from array
_sanitize_globals ( ) : void	Sanitize Globals

Method Details

__construct() public method

Determines whether to globally enable the XSS processing and whether to allow the $_GET array.

public __construct ( ) : void
return	void

__get() public method

Allows read access to protected properties

public __get ( string $name ) : mixed
$name	string
return	mixed

_clean_input_data() protected method

Internal method that aids in escaping data and standardizing newline characters to PHP_EOL.

protected _clean_input_data ( string \| string[] $str ) : string
$str	string \| string[]	Input string(s)
return	string

_clean_input_keys() protected method

Internal method that helps to prevent malicious users from trying to exploit keys we make sure that keys are only named with alpha-numeric text and a few other items.

protected _clean_input_keys ( string $str, boolean $fatal = TRUE ) : string \| boolean
$str	string	Input string
$fatal	boolean	Whether to terminate script exection or to return FALSE if an invalid key is encountered
return	string \| boolean

_fetch_from_array() protected method

Internal method used to retrieve values from global arrays.

protected _fetch_from_array ( &$array, mixed $index = NULL, boolean $xss_clean = NULL ) : mixed
$index	mixed	Index for item to be fetched from $array
$xss_clean	boolean	Whether to apply XSS filtering
return	mixed

_sanitize_globals() protected method

Internal method serving for the following purposes: - Unsets $_GET data, if query strings are not enabled - Cleans POST, COOKIE and SERVER data - Standardizes newline characters to PHP_EOL

protected _sanitize_globals ( ) : void
return	void

get() public method

Fetch an item from the GET array

public get ( mixed $index = NULL, boolean $xss_clean = NULL ) : mixed
$index	mixed	Index for item to be fetched from $_GET
$xss_clean	boolean	Whether to apply XSS filtering
return	mixed

get_post() public method

Fetch an item from GET data with fallback to POST

public get_post ( string $index, boolean $xss_clean = NULL ) : mixed
$index	string	Index for item to be fetched from $_GET or $_POST
$xss_clean	boolean	Whether to apply XSS filtering
return	mixed

get_request_header() public method

Returns the value of a single member of the headers class member

public get_request_header ( string $index, boolean $xss_clean = FALSE ) : string \| null
$index	string	Header name
$xss_clean	boolean	Whether to apply XSS filtering
return	string \| null	The requested header on success or NULL on failure modified by ci-phpunit-test

input_stream() public method

Useful when you need to access PUT, DELETE or PATCH request data.

public input_stream ( string $index = NULL, boolean $xss_clean = NULL ) : mixed
$index	string	Index for item to be fetched
$xss_clean	boolean	Whether to apply XSS filtering
return	mixed

ip_address() public method

Determines and validates the visitor's IP address.

public ip_address ( ) : string
return	string	IP address

is_ajax_request() public method

Test to see if a request contains the HTTP_X_REQUESTED_WITH header.

public is_ajax_request ( ) : boolean
return	boolean

is_cli_request() public method

Test to see if a request was made from the command line.

Deprecation: 3.0.0 Use is_cli() instead

public is_cli_request ( ) : boolean
return	boolean

method() public method

Return the request method

public method ( boolean $upper = FALSE ) : string
$upper	boolean	Whether to return in upper or lower case (default: FALSE)
return	string

post() public method

Fetch an item from the POST array

public post ( mixed $index = NULL, boolean $xss_clean = NULL ) : mixed
$index	mixed	Index for item to be fetched from $_POST
$xss_clean	boolean	Whether to apply XSS filtering
return	mixed

post_get() public method

Fetch an item from POST data with fallback to GET

public post_get ( string $index, boolean $xss_clean = NULL ) : mixed
$index	string	Index for item to be fetched from $_POST or $_GET
$xss_clean	boolean	Whether to apply XSS filtering
return	mixed

request_headers() public method

Request Headers

public request_headers ( boolean $xss_clean = FALSE ) : array
$xss_clean	boolean	Whether to apply XSS filtering
return	array

server() public method

Fetch an item from the SERVER array

public server ( mixed $index, boolean $xss_clean = NULL ) : mixed
$index	mixed	Index for item to be fetched from $_SERVER
$xss_clean	boolean	Whether to apply XSS filtering
return	mixed

set_cookie() public method

Accepts an arbitrary number of parameters (up to 7) or an associative array in the first parameter containing all the values.

public set_cookie ( string \| mixed[] $name, string $value = '', integer $expire = '', string $domain = '', string $path = '/', string $prefix = '', boolean $secure = FALSE, boolean $httponly = FALSE ) : void
$name	string \| mixed[]	Cookie name or an array containing parameters
$value	string	Cookie value
$expire	integer	Cookie expiration time in seconds
$domain	string	Cookie domain (e.g.: '.yourdomain.com')
$path	string	Cookie path (default: '/')
$prefix	string	Cookie name prefix
$secure	boolean	Whether to only transfer cookies via SSL
$httponly	boolean	Whether to only makes the cookie accessible via HTTP (no javascript)
return	void	modified by ci-phpunit-test

user_agent() public method

Fetch User Agent string

public user_agent ( $xss_clean = NULL ) : string \| null
return	string \| null	User Agent string or NULL if it doesn't exist

valid_ip() public method

Validate IP Address

public valid_ip ( string $ip, string $which = '' ) : boolean
$ip	string	IP address
$which	string	IP protocol: 'ipv4' or 'ipv6'
return	boolean

Property Details

$_allow_get_array protected_oe property

If set to FALSE, then $_GET will be set to an empty array.

protected bool $_allow_get_array
return	boolean

$_enable_csrf protected_oe property

Enables a CSRF cookie token to be set. Set automatically based on config setting.

protected bool $_enable_csrf
return	boolean

$_enable_xss protected_oe property

Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered. Set automatically based on config setting.

protected bool $_enable_xss
return	boolean

$_input_stream protected_oe property

Parsed from php://input at runtime

$_raw_input_stream protected_oe property

Holds a cache of php://input contents

protected string $_raw_input_stream
return	string

$_standardize_newlines protected_oe property

If set to TRUE, then newlines are standardized.

protected bool $_standardize_newlines
return	boolean

$headers protected_oe property

List of all HTTP request headers

protected array $headers
return	array

$ip_address protected_oe property

IP address of the current user

protected string $ip_address
return	string

$security protected_oe property

protected $security

$uni protected_oe property

protected $uni