PHP Класс Contao\Input

The class functions as an adapter for the global input arrays ($_GET, $_POST, $_COOKIE) and safely returns their values. To prevent XSS vulnerabilities, you should always use the class when reading user input. Usage: if (Input::get('action') == 'register') { $username = Input::post('username'); $password = Input::post('password'); }
Показать файл Открыть проект Примеры использования класса

Защищенные свойства (Protected)

Свойство Тип Описание
$arrCache array Cache
$arrUnusedGet array Unused $_GET parameters
$blnMagicQuotes boolean Magic quotes setting
$objInstance Input Object instance (Singleton)

Открытые методы

Метод Описание
__clone ( ) Prevent cloning of the object (Singleton)
cleanKey ( mixed $varValue ) : mixed Sanitize the variable names (thanks to Andreas Schempp)
cookie ( string $strKey, boolean $blnDecodeEntities = false ) : mixed Return a $_COOKIE variable
decodeEntities ( mixed $varValue ) : mixed Decode HTML entities
encodeInsertTags ( string $varValue ) : string Encode the opening and closing delimiters of insert tags
encodeSpecialChars ( mixed $varValue ) : mixed Encode special characters which are potentially dangerous
findPost ( string $strKey ) : mixed Fallback to the session form data if there is no post data
get ( string $strKey, boolean $blnDecodeEntities = false, boolean $blnKeepUnused = false ) : mixed Return a $_GET variable
getInstance ( ) : Input Return the object instance (Singleton)
getUnusedGet ( ) : array Return the unused GET parameters as array
hasUnusedGet ( ) : boolean Return whether there are unused GET parameters
initialize ( ) Clean the global GPC arrays
post ( string $strKey, boolean $blnDecodeEntities = false ) : mixed Return a $_POST variable
postHtml ( string $strKey, boolean $blnDecodeEntities = false ) : mixed Return a $_POST variable preserving allowed HTML tags
postRaw ( string $strKey ) : mixed Return a raw, unsafe $_POST variable
postUnsafeRaw ( string $strKey ) : mixed Return a raw, unsafe and unfiltered $_POST variable
preserveBasicEntities ( mixed $varValue ) : mixed Preserve basic entities by replacing them with square brackets (e.g. & becomes [amp])
resetCache ( ) Reset the internal cache
setCookie ( string $strKey, mixed $varValue ) Set a $_COOKIE variable
setGet ( string $strKey, mixed $varValue, boolean $blnAddUnused = false ) Set a $_GET variable
setPost ( string $strKey, mixed $varValue ) Set a $_POST variable
setUnusedGet ( string $strKey, mixed $varValue ) Set an unused GET parameter
stripSlashes ( mixed $varValue ) : mixed Strip slashes
stripTags ( mixed $varValue, string $strAllowedTags = '' ) : mixed Strip HTML and PHP tags preserving HTML comments
xssClean ( mixed $varValue, boolean $blnStrictMode = false ) : mixed Clean a value and try to prevent XSS attacks

Защищенные методы

Метод Описание
__construct ( ) Clean the keys of the request arrays

Описание методов

__clone() закрытый публичный Метод

Prevent cloning of the object (Singleton)
Устаревший: Deprecated since Contao 4.0, to be removed in Contao 5.0. The Input class is now static.
final public __clone ( )

__construct() защищенный Метод

Clean the keys of the request arrays
Устаревший: Deprecated since Contao 4.0, to be removed in Contao 5.0. The Input class is now static.
protected __construct ( )

cleanKey() публичный статический Метод

Sanitize the variable names (thanks to Andreas Schempp)
public static cleanKey ( mixed $varValue ) : mixed
$varValue mixed A variable name or an array of variable names
Результат mixed The clean name or array of names

decodeEntities() публичный статический Метод

Decode HTML entities
public static decodeEntities ( mixed $varValue ) : mixed
$varValue mixed A string or array
Результат mixed The decoded string or array

encodeInsertTags() публичный статический Метод

Encode the opening and closing delimiters of insert tags
public static encodeInsertTags ( string $varValue ) : string
$varValue string The input string
Результат string The encoded input string

encodeSpecialChars() публичный статический Метод

Encode special characters which are potentially dangerous
public static encodeSpecialChars ( mixed $varValue ) : mixed
$varValue mixed A string or array
Результат mixed The encoded string or array

findPost() публичный статический Метод

Fallback to the session form data if there is no post data
public static findPost ( string $strKey ) : mixed
$strKey string The variable name
Результат mixed The variable value

get() публичный статический Метод

Return a $_GET variable
public static get ( string $strKey, boolean $blnDecodeEntities = false, boolean $blnKeepUnused = false ) : mixed
$strKey string The variable name
$blnDecodeEntities boolean If true, all entities will be decoded
$blnKeepUnused boolean If true, the parameter will not be marked as used (see #4277)
Результат mixed The cleaned variable value

getInstance() публичный статический Метод

Return the object instance (Singleton)
Устаревший: Deprecated since Contao 4.0, to be removed in Contao 5.0. The Input class is now static.
public static getInstance ( ) : Input
Результат Input The object instance

getUnusedGet() публичный статический Метод

Return the unused GET parameters as array
public static getUnusedGet ( ) : array
Результат array The unused GET parameter array

hasUnusedGet() публичный статический Метод

Return whether there are unused GET parameters
public static hasUnusedGet ( ) : boolean
Результат boolean True if there are unused GET parameters

initialize() публичный статический Метод

Clean the global GPC arrays
public static initialize ( )

post() публичный статический Метод

Return a $_POST variable
public static post ( string $strKey, boolean $blnDecodeEntities = false ) : mixed
$strKey string The variable name
$blnDecodeEntities boolean If true, all entities will be decoded
Результат mixed The cleaned variable value

postHtml() публичный статический Метод

Return a $_POST variable preserving allowed HTML tags
public static postHtml ( string $strKey, boolean $blnDecodeEntities = false ) : mixed
$strKey string The variable name
$blnDecodeEntities boolean If true, all entities will be decoded
Результат mixed The cleaned variable value

postRaw() публичный статический Метод

Return a raw, unsafe $_POST variable
public static postRaw ( string $strKey ) : mixed
$strKey string The variable name
Результат mixed The raw variable value

postUnsafeRaw() публичный статический Метод

Return a raw, unsafe and unfiltered $_POST variable
public static postUnsafeRaw ( string $strKey ) : mixed
$strKey string The variable name
Результат mixed The raw variable value

preserveBasicEntities() публичный статический Метод

Preserve basic entities by replacing them with square brackets (e.g. & becomes [amp])
public static preserveBasicEntities ( mixed $varValue ) : mixed
$varValue mixed A string or array
Результат mixed The string or array with the converted entities

resetCache() публичный статический Метод

Reset the internal cache
public static resetCache ( )

setCookie() публичный статический Метод

Set a $_COOKIE variable
public static setCookie ( string $strKey, mixed $varValue )
$strKey string The variable name
$varValue mixed The variable value

setGet() публичный статический Метод

Set a $_GET variable
public static setGet ( string $strKey, mixed $varValue, boolean $blnAddUnused = false )
$strKey string The variable name
$varValue mixed The variable value
$blnAddUnused boolean If true, the value usage will be checked

setPost() публичный статический Метод

Set a $_POST variable
public static setPost ( string $strKey, mixed $varValue )
$strKey string The variable name
$varValue mixed The variable value

setUnusedGet() публичный статический Метод

Set an unused GET parameter
public static setUnusedGet ( string $strKey, mixed $varValue )
$strKey string The array key
$varValue mixed The array value

stripSlashes() публичный статический Метод

Strip slashes
Устаревший: Deprecated since Contao 3.5, to be removed in Contao 5. Since get_magic_quotes_gpc() always returns false in PHP 5.4+, the method was never actually executed.
public static stripSlashes ( mixed $varValue ) : mixed
$varValue mixed A string or array
Результат mixed The string or array without slashes

stripTags() публичный статический Метод

Strip HTML and PHP tags preserving HTML comments
public static stripTags ( mixed $varValue, string $strAllowedTags = '' ) : mixed
$varValue mixed A string or array
$strAllowedTags string A string of tags to preserve
Результат mixed The cleaned string or array

xssClean() публичный статический Метод

Clean a value and try to prevent XSS attacks
public static xssClean ( mixed $varValue, boolean $blnStrictMode = false ) : mixed
$varValue mixed A string or array
$blnStrictMode boolean If true, the function removes also JavaScript event handlers
Результат mixed The cleaned string or array

Описание свойств

$arrCache защищенное статическое свойство

Cache
protected static array $arrCache
Результат array

$arrUnusedGet защищенное статическое свойство

Unused $_GET parameters
protected static array $arrUnusedGet
Результат array

$blnMagicQuotes защищенное статическое свойство

Magic quotes setting
protected static bool $blnMagicQuotes
Результат boolean

$objInstance защищенное статическое свойство

Object instance (Singleton)
protected static Input,contao $objInstance
Результат Input