Gitee
\
Acme
app
index
controller
Composer
Autoload
GuzzleHttp
Cookie
Exception
Handler
Promise
Psr7
JPush
Exceptions
Tests
Monolog
Formatter
Handler
Curl
FingersCrossed
Slack
SyslogUdp
Processor
Obs
Common
Log
S3
Resource
Signature
OSS
Core
Http
Model
Result
Tests
Psr
Http
Message
Log
Test

\CI_Input

Input Class

Pre-processes global input data for security

Summary

Methods
Properties
Constants
__construct()
get()
post()
post_get()
get_post()
cookie()
server()
input_stream()
set_cookie()
ip_address()
valid_ip()
user_agent()
request_headers()
get_request_header()
is_ajax_request()
is_cli_request()
method()
__get()
No public properties found
No constants found
_fetch_from_array()
_sanitize_globals()
_clean_input_data()
_clean_input_keys()
$ip_address
$_allow_get_array
$_standardize_newlines
$_enable_xss
$_enable_csrf
$headers
$_raw_input_stream
$_input_stream
$security
$uni
N/A
No private methods found
No private properties found
N/A

Properties

$ip_address

$ip_address : string

IP address of the current user

Type

string

$_allow_get_array

$_allow_get_array : boolean

Allow GET array flag

If set to FALSE, then $_GET will be set to an empty array.

Type

boolean

$_standardize_newlines

$_standardize_newlines : boolean

Standardize new lines flag

If set to TRUE, then newlines are standardized.

Type

boolean

$_enable_xss

$_enable_xss : boolean

Enable XSS flag

Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered. Set automatically based on config setting.

Type

boolean

$_enable_csrf

$_enable_csrf : boolean

Enable CSRF flag

Enables a CSRF cookie token to be set. Set automatically based on config setting.

Type

boolean

$headers

$headers : array

List of all HTTP request headers

Type

array

$_raw_input_stream

$_raw_input_stream : string

Raw input stream data

Holds a cache of php://input contents

Type

string

$_input_stream

$_input_stream : array

Parsed input stream data

Parsed from php://input at runtime

Type

array

$security

$security :

Type

$uni

$uni :

Type

Methods

__construct()

__construct() : void

Class constructor

Determines whether to globally enable the XSS processing and whether to allow the $_GET array.

get()

get(mixed  $index = NULL, boolean  $xss_clean = NULL) : mixed

Fetch an item from the GET array

Parameters

mixed $index

Index for item to be fetched from $_GET
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

post()

post(mixed  $index = NULL, boolean  $xss_clean = NULL) : mixed

Fetch an item from the POST array

Parameters

mixed $index

Index for item to be fetched from $_POST
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

post_get()

post_get(string  $index, boolean  $xss_clean = NULL) : mixed

Fetch an item from POST data with fallback to GET

Parameters

string $index

Index for item to be fetched from $_POST or $_GET
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

get_post()

get_post(string  $index, boolean  $xss_clean = NULL) : mixed

Fetch an item from GET data with fallback to POST

Parameters

string $index

Index for item to be fetched from $_GET or $_POST
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

cookie()

cookie(mixed  $index = NULL, boolean  $xss_clean = NULL) : mixed

Fetch an item from the COOKIE array

Parameters

mixed $index

Index for item to be fetched from $_COOKIE
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

server()

server(mixed  $index, boolean  $xss_clean = NULL) : mixed

Fetch an item from the SERVER array

Parameters

mixed $index

Index for item to be fetched from $_SERVER
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

input_stream()

input_stream(string  $index = NULL, boolean  $xss_clean = NULL) : mixed

Fetch an item from the php://input stream

Useful when you need to access PUT, DELETE or PATCH request data.

Parameters

string $index

Index for item to be fetched
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

set_cookie()

set_cookie(string|array<mixed,mixed>  $name, string  $value = '', integer  $expire = '', string  $domain = '', string  $path = '/', string  $prefix = '', boolean  $secure = NULL, boolean  $httponly = NULL) : void

Set cookie

Accepts an arbitrary number of parameters (up to 7) or an associative array in the first parameter containing all the values.

Parameters

string|array<mixed,mixed> $name

Cookie name or an array containing parameters
string $value

Cookie value
integer $expire

Cookie expiration time in seconds
string $domain

Cookie domain (e.g.: '.yourdomain.com')
string $path

Cookie path (default: '/')
string $prefix

Cookie name prefix
boolean $secure

Whether to only transfer cookies via SSL
boolean $httponly

Whether to only makes the cookie accessible via HTTP (no javascript)

ip_address()

ip_address() : string

Fetch the IP Address

Determines and validates the visitor's IP address.

Returns

string —

IP address

valid_ip()

valid_ip(string  $ip, string  $which = '') : boolean

Validate IP Address

Parameters

string $ip

IP address
string $which

IP protocol: 'ipv4' or 'ipv6'

Returns

boolean

user_agent()

user_agent(  $xss_clean = NULL) : string|null

Fetch User Agent string

Parameters

$xss_clean

Returns

string|null —

User Agent string or NULL if it doesn't exist

request_headers()

request_headers(boolean  $xss_clean = FALSE) : array

Request Headers

Parameters

boolean $xss_clean

Whether to apply XSS filtering

Returns

array

get_request_header()

get_request_header(string  $index, boolean  $xss_clean = FALSE) : string|null

Get Request Header

Returns the value of a single member of the headers class member

Parameters

string $index

Header name
boolean $xss_clean

Whether to apply XSS filtering

Returns

string|null —

The requested header on success or NULL on failure

is_ajax_request()

is_ajax_request() : boolean

Is AJAX request?

Test to see if a request contains the HTTP_X_REQUESTED_WITH header.

Returns

boolean

is_cli_request()

is_cli_request() : boolean

Is CLI request?

Test to see if a request was made from the command line.

Returns

boolean

method()

method(boolean  $upper = FALSE) : string

Get Request Method

Return the request method

Parameters

boolean $upper

Whether to return in upper or lower case (default: FALSE)

Returns

string

__get()

__get(string  $name) : mixed

Magic __get()

Allows read access to protected properties

Parameters

string $name

Returns

mixed

_fetch_from_array()

_fetch_from_array(  $array, mixed  $index = NULL, boolean  $xss_clean = NULL) : mixed

Fetch from array

Internal method used to retrieve values from global arrays.

Parameters

$array
mixed $index

Index for item to be fetched from $array
boolean $xss_clean

Whether to apply XSS filtering

Returns

mixed

_sanitize_globals()

_sanitize_globals() : void

Sanitize Globals

Internal method serving for the following purposes:

  • Unsets $_GET data, if query strings are not enabled
  • Cleans POST, COOKIE and SERVER data
    • Standardizes newline characters to PHP_EOL

_clean_input_data()

_clean_input_data(string|array<mixed,string>  $str) : string

Clean Input Data

Internal method that aids in escaping data and standardizing newline characters to PHP_EOL.

Parameters

string|array<mixed,string> $str

Input string(s)

Returns

string

_clean_input_keys()

_clean_input_keys(string  $str, boolean  $fatal = TRUE) : string|boolean

Clean Keys

Internal method that helps to prevent malicious users from trying to exploit keys we make sure that keys are only named with alpha-numeric text and a few other items.

Parameters

string $str

Input string
boolean $fatal

Whether to terminate script exection or to return FALSE if an invalid key is encountered

Returns

string|boolean