summaryrefslogtreecommitdiffstats
path: root/system/core/Input.php
diff options
context:
space:
mode:
authorGreg Aker <greg@gregaker.net>2011-08-20 20:58:37 +0200
committerGreg Aker <greg@gregaker.net>2011-08-20 20:58:37 +0200
commit394d8c5bd3e04bd7992793ca7c648f4306a9539d (patch)
treed061b4339f2c3f30428256efae741ab04fd2bf6e /system/core/Input.php
parent43194ea1af658914a89ca49aed4dca4617b9c4ff (diff)
parentd56be70257696d0bbf2dcc880888d8dc17cba21c (diff)
Merge branch 'develop' of github.com:EllisLab/CodeIgniter into develop
Diffstat (limited to 'system/core/Input.php')
-rwxr-xr-x[-rw-r--r--]system/core/Input.php64
1 files changed, 51 insertions, 13 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index cfbef942d..5a033e7b8 100644..100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -28,15 +28,51 @@
*/
class CI_Input {
+ /**
+ * IP address of the current user
+ *
+ * @var string
+ */
var $ip_address = FALSE;
+ /**
+ * user agent (web browser) being used by the current user
+ *
+ * @var string
+ */
var $user_agent = FALSE;
+ /**
+ * If FALSE, then $_GET will be set to an empty array
+ *
+ * @var bool
+ */
var $_allow_get_array = TRUE;
+ /**
+ * If TRUE, then newlines are standardized
+ *
+ * @var bool
+ */
var $_standardize_newlines = TRUE;
- var $_enable_xss = FALSE; // Set automatically based on config setting
- var $_enable_csrf = FALSE; // Set automatically based on config setting
-
+ /**
+ * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered
+ * Set automatically based on config setting
+ *
+ * @var bool
+ */
+ var $_enable_xss = FALSE;
+ /**
+ * Enables a CSRF cookie token to be set.
+ * Set automatically based on config setting
+ *
+ * @var bool
+ */
+ var $_enable_csrf = FALSE;
+ /**
+ * List of all HTTP request headers
+ *
+ * @var array
+ */
protected $headers = array();
-
+
/**
* Constructor
@@ -147,7 +183,7 @@ class CI_Input {
}
return $post;
}
-
+
return $this->_fetch_from_array($_POST, $index, $xss_clean);
}
@@ -402,9 +438,9 @@ class CI_Input {
function _sanitize_globals()
{
// It would be "wrong" to unset any of these GLOBALS.
- $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
+ $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
'_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
- 'system_folder', 'application_folder', 'BM', 'EXT',
+ 'system_folder', 'application_folder', 'BM', 'EXT',
'CFG', 'URI', 'RTR', 'OUT', 'IN');
// Unset globals for securiy.
@@ -523,7 +559,7 @@ class CI_Input {
{
$str = $this->uni->clean_string($str);
}
-
+
// Remove control characters
$str = remove_invisible_characters($str);
@@ -579,9 +615,11 @@ class CI_Input {
/**
* Request Headers
*
- * In Apache, you can simply call apache_request_headers(), however for
+ * In Apache, you can simply call apache_request_headers(), however for
* people running other webservers the function is undefined.
*
+ * @param bool XSS cleaning
+ *
* @return array
*/
public function request_headers($xss_clean = FALSE)
@@ -609,10 +647,10 @@ class CI_Input {
{
$key = str_replace('_', ' ', strtolower($key));
$key = str_replace(' ', '-', ucwords($key));
-
+
$this->headers[$key] = $val;
}
-
+
return $this->headers;
}
@@ -633,7 +671,7 @@ class CI_Input {
{
$this->request_headers();
}
-
+
if ( ! isset($this->headers[$index]))
{
return FALSE;
@@ -644,7 +682,7 @@ class CI_Input {
return $this->security->xss_clean($this->headers[$index]);
}
- return $this->headers[$index];
+ return $this->headers[$index];
}
// --------------------------------------------------------------------