diff options
author | Master Yoda <jim_parry@bcit.ca> | 2015-03-07 01:09:48 +0100 |
---|---|---|
committer | Master Yoda <jim_parry@bcit.ca> | 2015-03-07 01:09:48 +0100 |
commit | d46085b99398b08c8620fdcefd8cf0e88408147d (patch) | |
tree | 939d3c0e26f1aaa8ead59e6a88e592f3ea9b3faa /user_guide_src/source/libraries/input.rst | |
parent | 7762c59b50b39f00660c820171a647ea6935a93e (diff) | |
parent | 3b526f46f5f28bc15a3402a895538777056cc9f3 (diff) |
Merge branch 'develop' of https://github.com/bcit-ci/CodeIgniter into fix/housekeeping
Diffstat (limited to 'user_guide_src/source/libraries/input.rst')
-rw-r--r-- | user_guide_src/source/libraries/input.rst | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index 967f69d13..d9c6c2dd1 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -53,6 +53,10 @@ this:: Please refer to the :doc:`Security class <security>` documentation for information on using XSS Filtering in your application. +.. important:: The 'global_xss_filtering' setting is DEPRECATED and kept + solely for backwards-compatibility purposes. XSS escaping should + be performed on *output*, not *input*! + ******************* Accessing form data ******************* @@ -91,8 +95,14 @@ the ``$_POST`` array, because it will always exist and you can try and access multiple variables without caring that you might only have one shot at all of the POST data. -CodeIgniter will take care of that for you, and you can access data -from the **php://input** stream at any time, just by calling the +CodeIgniter will take care of that for you, and you can read the data +from the **php://input** stream at any time, just by using the +``$raw_input_stream`` property:: + + $this->input->raw_input_stream; + +Additionally if the input stream is form-encoded like $_POST you can +access its values by calling the ``input_stream()`` method:: $this->input->input_stream('key'); @@ -114,6 +124,12 @@ Class Reference .. php:class:: CI_Input + .. attribute:: $raw_input_stream + + Read only property that will return php://input data as is. + + The property can be read multiple times. + .. php:method:: post([$index = NULL[, $xss_clean = NULL]]) :param mixed $index: POST parameter name |