-
Notifications
You must be signed in to change notification settings - Fork 0
Class CI_Input
##Class CI_Input
Input Class
Pre-processes global input data for security
Package: [[CodeIgniter<a href="Package CodeIgniter.Libraries.md">Libraries]]
Category:
Input
Author:
ExpressionEngine Dev Team
Link:
http://codeigniter.com/user_guide/libraries/input.html
Located at system/core/Input.php
##Methods summary
public __construct ( )
Constructor
Sets whether to globally enable the XSS processing and whether to allow the $_GET array
public string _fetch_from_array ( array & $array, string $index = '', boolean $xss_clean = FALSE )
Fetch from array
This is a helper function to retrieve values from global arrays
Parameters
$array
array
$index
string
$xss_clean
boolean
Returns
string
public string get ( string $index = NULL, boolean $xss_clean = FALSE )
Fetch an item from the GET array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public string post ( string $index = NULL, boolean $xss_clean = FALSE )
Fetch an item from the POST array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public string get_post ( string $index = '', boolean $xss_clean = FALSE )
Fetch an item from either the GET array or the POST
Parameters
$index
string
The index key
$xss_clean
boolean
XSS cleaning
Returns
string
public string cookie ( string $index = '', boolean $xss_clean = FALSE )
Fetch an item from the COOKIE array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public set_cookie ( mixed $name = '', string $value = '', string $expire = '', string $domain = '', string $path = '/', string $prefix = '', boolean $secure = FALSE )
Set cookie
Accepts six parameter, or you can submit an associative array in the first parameter containing all the values.
Parameters
$name
mixed
$value
string
the value of the cookie
$expire
string
the number of seconds until expiration
$domain
string
the cookie domain. Usually: .yourdomain.com
$path
string
the cookie path
$prefix
string
the cookie prefix
$secure
boolean
true makes the cookie secure
public string server ( string $index = '', boolean $xss_clean = FALSE )
Fetch an item from the SERVER array
Parameters
$index
string
$xss_clean
boolean
Returns
string
public string ip_address ( )
Fetch the IP Address
Returns
string
public string valid_ip ( string $ip )
Validate IP Address
Updated version suggested by Geert De Deckere
Parameters
$ip
string
Returns
string
public string user_agent ( )
User Agent
Returns
string
public _sanitize_globals ( )
Sanitize Globals
This function does the following:
Unsets $_GET data (if query strings are not enabled)
Unsets all globals if register_globals is enabled
Standardizes newline characters to \n
public string _clean_input_data ( string $str )
Clean Input Data
This is a helper function. It escapes data and standardizes newline characters to \n
Parameters
$str
string
Returns
string
public string _clean_input_keys ( string $str )
Clean Keys
This is a helper function. To prevent malicious users from trying to exploit keys we make sure that keys are only named with alpha-numeric text and a few other items.
Parameters
$str
string
Returns
string
public array request_headers ( boolean $xss_clean = FALSE )
Request Headers
In Apache, you can simply call apache_request_headers(), however for people running other webservers the function is undefined.
Parameters
$xss_clean
boolean
XSS cleaning
Returns
array
public mixed get_request_header ( string $index, boolean $xss_clean = FALSE )
Get Request Header
Returns the value of a single member of the headers class member
Parameters
$index
string
array key for $this->headers
$xss_clean
boolean
XSS Clean or not
Returns
mixed
FALSE on failure, string on success
public boolean is_ajax_request ( )
Is ajax Request?
Test to see if a request contains the HTTP_X_REQUESTED_WITH header
Returns
boolean
public boolean is_cli_request ( )
Is cli Request?
Test to see if a request was made from the command line
Returns
boolean
<table class="summary" id="properties">
<caption>Properties summary</caption>
<tr data-order="ip_address" id="$ip_address">
<td class="attributes"><code>
public
string
</code></td>
<td class="name">
$ip_address
FALSE
<div class="description detailed">
IP address of the current user
</div>
</div></td>
</tr>
<tr data-order="user_agent" id="$user_agent">
<td class="attributes"><code>
public
string
</code></td>
<td class="name">
$user_agent
FALSE
<div class="description detailed">
user agent (web browser) being used by the current user
</div>
</div></td>
</tr>
<tr data-order="_allow_get_array" id="$_allow_get_array">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_allow_get_array
TRUE
<div class="description detailed">
If FALSE, then $_GET will be set to an empty array
</div>
</div></td>
</tr>
<tr data-order="_standardize_newlines" id="$_standardize_newlines">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_standardize_newlines
TRUE
<div class="description detailed">
If TRUE, then newlines are standardized
</div>
</div></td>
</tr>
<tr data-order="_enable_xss" id="$_enable_xss">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_enable_xss
FALSE
<div class="description detailed">
Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered Set automatically based on config setting
</div>
</div></td>
</tr>
<tr data-order="_enable_csrf" id="$_enable_csrf">
<td class="attributes"><code>
public
boolean
</code></td>
<td class="name">
$_enable_csrf
FALSE
<div class="description detailed">
Enables a CSRF cookie token to be set. Set automatically based on config setting
</div>
</div></td>
</tr>
<tr data-order="headers" id="$headers">
<td class="attributes"><code>
protected
array
</code></td>
<td class="name">
$headers
array()
<div class="description detailed">
List of all HTTP request headers
</div>
</div></td>
</tr>
</table>
API documentation generated by ApiGen 2.8.0
- application
- controlllers
- libraries
- models
- CodeIgniter
- Drivers
- Libraries
- None
- PHP
- Services
- Soundcloud
- About
- API_Controller
- Audioupload_lib
- Auth
- BaseFacebook
- Beats
- Beta
- CI_Benchmark
- CI_Cache
- CI_Cache_apc
- CI_Cache_dummy
- CI_Cache_file
- CI_Cache_memcached
- CI_Calendar
- CI_Cart
- CI_Config
- CI_Controller
- CI_DB_active_record
- CI_DB_Cache
- CI_DB_cubrid_driver
- CI_DB_cubrid_forge
- CI_DB_cubrid_result
- CI_DB_cubrid_utility
- CI_DB_driver
- CI_DB_forge
- CI_DB_mssql_driver
- CI_DB_mssql_forge
- CI_DB_mssql_result
- CI_DB_mssql_utility
- CI_DB_mysql_driver
- CI_DB_mysql_forge
- CI_DB_mysql_result
- CI_DB_mysql_utility
- CI_DB_mysqli_driver
- CI_DB_mysqli_forge
- CI_DB_mysqli_result
- CI_DB_mysqli_utility
- CI_DB_oci8_driver
- CI_DB_oci8_forge
- CI_DB_oci8_result
- CI_DB_oci8_utility
- CI_DB_odbc_driver
- CI_DB_odbc_forge
- CI_DB_odbc_result
- CI_DB_odbc_utility
- CI_DB_pdo_driver
- CI_DB_pdo_forge
- CI_DB_pdo_result
- CI_DB_pdo_utility
- CI_DB_postgre_driver
- CI_DB_postgre_forge
- CI_DB_postgre_result
- CI_DB_postgre_utility
- CI_DB_result
- CI_DB_sqlite_driver
- CI_DB_sqlite_forge
- CI_DB_sqlite_result
- CI_DB_sqlite_utility
- CI_DB_sqlsrv_driver
- CI_DB_sqlsrv_forge
- CI_DB_sqlsrv_result
- CI_DB_sqlsrv_utility
- CI_DB_utility
- CI_Driver
- CI_Driver_Library
- CI_Email
- CI_Encrypt
- CI_Exceptions
- CI_Form_validation
- CI_FTP
- CI_Hooks
- CI_Image_lib
- CI_Input
- CI_Javascript
- CI_Jquery
- CI_Lang
- CI_Loader
- CI_Log
- CI_Migration
- CI_Model
- CI_Output
- CI_Pagination
- CI_Parser
- CI_Profiler
- CI_Router
- CI_Security
- CI_Session
- CI_SHA1
- CI_Table
- CI_Trackback
- CI_Typography
- CI_Unit_test
- CI_Upload
- CI_URI
- CI_User_agent
- CI_Utf8
- CI_Xmlrpc
- CI_Xmlrpcs
- CI_Zip
- Comments_model
- CommercialContent_model
- Components
- Components_model
- Credits_model
- Dashboard
- DevTools
- Download
- Faq
- Featrequest_lib
- Feats
- Feats_model
- FormatterAbstract
- Framework_Controller
- Json_Response
- Local
- Main
- Notification_Formatter
- Notifications_model
- OAUTH_ALGORITHMS
- People
- Points_lib
- Projects
- Search
- SeenContent_model
- Services_Soundcloud
- Services_Soundcloud_Version
- Settings
- Showcases
- Tabs
- Template
- Tools
- UsageNotification
- Users
- Users_lib
- Users_model
- Videos
- vimeo_oauth
- Voices
- XML_RPC_Client
- XML_RPC_Message
- XML_RPC_Response
- XML_RPC_Values
- Exception
- FacebookApiException
- Services_Soundcloud_Invalid_Http_Response_Code_Exception
- Services_Soundcloud_Missing_Client_Id_Exception
- Services_Soundcloud_Unsupported_Audio_Format_Exception
- Services_Soundcloud_Unsupported_Response_Format_Exception
- _attributes_to_string
- _exception_handler
- _get_smiley_array
- _get_validation_object
- _list
- _parse_attributes
- _parse_form_attributes
- alternator
- anchor
- anchor_popup
- ascii_to_entities
- auto_link
- auto_typography
- base64_url_decode
- base_url
- bitly
- br
- build_auth_array
- build_auth_string
- byte_format
- c
- camelize
- canonical_timediff
- character_limiter
- ci_factory
- config_item
- convert_accented_characters
- create_captcha
- curl
- currencyToFloat
- current_url
- days_in_month
- DB
- delete_cookie
- delete_files
- directory_map
- do_hash
- doctype
- element
- elements
- ellipsize
- encode_php_tags
- entities_to_ascii
- entity_decode
- force_download
- form_button
- form_checkbox
- form_close
- form_dropdown
- form_error
- form_fieldset
- form_fieldset_close
- form_hidden
- form_input
- form_label
- form_multiselect
- form_open
- form_open_multipart
- form_password
- form_prep
- form_radio
- form_reset
- form_submit
- form_textarea
- form_upload
- get_auth_header
- get_categories_select
- get_clickable_smileys
- get_config
- get_cookie
- get_country_list
- get_dir_file_info
- get_file_info
- get_filenames
- get_instance
- get_language_select
- get_licences_select
- get_mime_by_extension
- gmt_to_local
- heading
- highlight_code
- highlight_phrase
- html_escape
- human_to_unix
- humanize
- img
- increment_string
- index_page
- is_false
- is_loaded
- is_php
- is_really_writable
- is_true
- js_insert_smiley
- lang
- link_tag
- load_class
- local_to_gmt
- log_message
- mailto
- mdate
- meta
- mysql_to_unix
- nbs
- nl2br_except_pre
- now
- octal_permissions
- ol
- parse_signed_request
- parse_smileys
- parseiOSversions
- plural
- prep_url
- quotes_to_entities
- random_element
- random_string
- read_file
- redirect
- reduce_double_slashes
- reduce_multiples
- remove_invisible_characters
- repeater
- safe_mailto
- sanitize_filename
- sec2min
- send_email
- set_checkbox
- set_cookie
- set_radio
- set_realpath
- set_select
- set_status_header
- set_value
- show_404
- show_comment
- show_error
- sign_hmac_sha1
- sign_rsa_sha1
- since
- singular
- site_url
- smiley_js
- standard_date
- strip_image_tags
- strip_quotes
- strip_slashes
- symbolic_permissions
- timespan
- timezone_menu
- timezones
- trim_slashes
- ul
- underscore
- unix_to_human
- uri_string
- url_title
- user
- user_favorite_list
- user_followed_list
- username
- valid_email
- validation_errors
- word_censor
- word_limiter
- word_wrap
- write_file
- xml_convert
- xss_clean