summaryrefslogtreecommitdiffstats
path: root/system/core/Input.php
diff options
context:
space:
mode:
authorPhil Sturgeon <email@philsturgeon.co.uk>2011-08-15 18:00:53 +0200
committerPhil Sturgeon <email@philsturgeon.co.uk>2011-08-15 18:00:53 +0200
commit4fbda2a8814be5837ad3928c5e3cb8506bf8ab2a (patch)
tree89a5360e805bd2b68771630f45801e67bd95775e /system/core/Input.php
parentdbac73b4011a85c4ac3b3a7a6a8e30533b881155 (diff)
parent08d186492af82a7087c0a45a80b7e8d469c83292 (diff)
Merge branch 'develop' of github.com:philsturgeon/codeigniter-reactor into develop
Diffstat (limited to 'system/core/Input.php')
-rwxr-xr-x[-rw-r--r--]system/core/Input.php64
1 files changed, 51 insertions, 13 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index cfbef942d..5a033e7b8 100644..100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -28,15 +28,51 @@
*/
class CI_Input {
+ /**
+ * IP address of the current user
+ *
+ * @var string
+ */
var $ip_address = FALSE;
+ /**
+ * user agent (web browser) being used by the current user
+ *
+ * @var string
+ */
var $user_agent = FALSE;
+ /**
+ * If FALSE, then $_GET will be set to an empty array
+ *
+ * @var bool
+ */
var $_allow_get_array = TRUE;
+ /**
+ * If TRUE, then newlines are standardized
+ *
+ * @var bool
+ */
var $_standardize_newlines = TRUE;
- var $_enable_xss = FALSE; // Set automatically based on config setting
- var $_enable_csrf = FALSE; // Set automatically based on config setting
-
+ /**
+ * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered
+ * Set automatically based on config setting
+ *
+ * @var bool
+ */
+ var $_enable_xss = FALSE;
+ /**
+ * Enables a CSRF cookie token to be set.
+ * Set automatically based on config setting
+ *
+ * @var bool
+ */
+ var $_enable_csrf = FALSE;
+ /**
+ * List of all HTTP request headers
+ *
+ * @var array
+ */
protected $headers = array();
-
+
/**
* Constructor
@@ -147,7 +183,7 @@ class CI_Input {
}
return $post;
}
-
+
return $this->_fetch_from_array($_POST, $index, $xss_clean);
}
@@ -402,9 +438,9 @@ class CI_Input {
function _sanitize_globals()
{
// It would be "wrong" to unset any of these GLOBALS.
- $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
+ $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
'_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
- 'system_folder', 'application_folder', 'BM', 'EXT',
+ 'system_folder', 'application_folder', 'BM', 'EXT',
'CFG', 'URI', 'RTR', 'OUT', 'IN');
// Unset globals for securiy.
@@ -523,7 +559,7 @@ class CI_Input {
{
$str = $this->uni->clean_string($str);
}
-
+
// Remove control characters
$str = remove_invisible_characters($str);
@@ -579,9 +615,11 @@ class CI_Input {
/**
* Request Headers
*
- * In Apache, you can simply call apache_request_headers(), however for
+ * In Apache, you can simply call apache_request_headers(), however for
* people running other webservers the function is undefined.
*
+ * @param bool XSS cleaning
+ *
* @return array
*/
public function request_headers($xss_clean = FALSE)
@@ -609,10 +647,10 @@ class CI_Input {
{
$key = str_replace('_', ' ', strtolower($key));
$key = str_replace(' ', '-', ucwords($key));
-
+
$this->headers[$key] = $val;
}
-
+
return $this->headers;
}
@@ -633,7 +671,7 @@ class CI_Input {
{
$this->request_headers();
}
-
+
if ( ! isset($this->headers[$index]))
{
return FALSE;
@@ -644,7 +682,7 @@ class CI_Input {
return $this->security->xss_clean($this->headers[$index]);
}
- return $this->headers[$index];
+ return $this->headers[$index];
}
// --------------------------------------------------------------------