summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/core/Input.php83
-rw-r--r--user_guide/changelog.html1
-rw-r--r--user_guide/libraries/input.html8
3 files changed, 90 insertions, 2 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index 0ce2d893a..52ea71bc5 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -35,6 +35,9 @@ class CI_Input {
var $_enable_xss = FALSE; // Set automatically based on config setting
var $_enable_csrf = FALSE; // Set automatically based on config setting
+ protected $headers = array();
+
+
/**
* Constructor
*
@@ -378,8 +381,10 @@ class CI_Input {
function _sanitize_globals()
{
// It would be "wrong" to unset any of these GLOBALS.
- $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
- 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN');
+ $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
+ '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
+ 'system_folder', 'application_folder', 'BM', 'EXT',
+ 'CFG', 'URI', 'RTR', 'OUT', 'IN');
// Unset globals for securiy.
// This is effectively the same as register_globals = off
@@ -545,6 +550,80 @@ class CI_Input {
return $str;
}
+ // --------------------------------------------------------------------
+
+ /**
+ * Request Headers
+ *
+ * In Apache, you can simply call apache_request_headers(), however for
+ * people running other webservers the function is undefined.
+ *
+ * @return array
+ */
+ public function request_headers($xss_clean = FALSE)
+ {
+ // Look at Apache go!
+ if (function_exists('apache_request_headers'))
+ {
+ $headers = apache_request_headers();
+ }
+ else
+ {
+ $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+
+ foreach ($_SERVER as $key => $val)
+ {
+ if (strncmp($key, 'HTTP_', 5) === 0)
+ {
+ $headers[substr($key, 5)] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
+ }
+ }
+ }
+
+ // take SOME_HEADER and turn it into Some-Header
+ foreach ($headers as $key => $val)
+ {
+ $key = str_replace('_', ' ', strtolower($key));
+ $key = str_replace(' ', '-', ucwords($key));
+
+ $this->headers[$key] = $val;
+ }
+
+ return $this->headers;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Get Request Header
+ *
+ * Returns the value of a single member of the headers class member
+ *
+ * @param string array key for $this->headers
+ * @param boolean XSS Clean or not
+ * @return mixed FALSE on failure, string on success
+ */
+ public function get_request_header($index, $xss_clean = FALSE)
+ {
+ if (empty($this->headers))
+ {
+ $this->request_headers();
+ }
+
+ if ( ! isset($this->headers[$index]))
+ {
+ return FALSE;
+ }
+
+ if ($xss_clean === TRUE)
+ {
+ $_security =& load_class('Security');
+ return $_security->xss_clean($this->headers[$index]);
+ }
+
+ return $this->headers[$index];
+ }
+
}
// END Input class
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 56f750be8..d5bf1b77d 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -108,6 +108,7 @@ Hg Tag: </p>
Please see the <a href="./installation/upgrade_200.html">upgrade instructions</a> for details.</li>
<li>Altered Form_Validation library to allow for method chaining on <kbd>set_rules()</kbd>, <kbd>set_message()</kbd> and <kbd>set_error_delimiters()</kbd> functions.</li>
<li>Altered Email Library to allow for method chaining.</li>
+ <li>Added <kbd>request_headers()</kbd> and <kbd>get_request_header</kbd> to the input class.</li>
</ul>
</li>
<li>Database
diff --git a/user_guide/libraries/input.html b/user_guide/libraries/input.html
index 4c12fd7b0..704421331 100644
--- a/user_guide/libraries/input.html
+++ b/user_guide/libraries/input.html
@@ -233,7 +233,15 @@ else<br />
<code>echo $this->input->user_agent();</code>
+<h2>$this->input->request_headers()</h2>
+<p>Useful if running in a non-Apache environment where <a href="http://php.net/apache_request_headers">apache_request_headers()</a> will not be supported. Returns an array of headers.</p>
+<code>$headers = $this->input->request_headers();</code>
+
+<h2>$this->input->get_request_header();</h2>
+<p>Returns a single
+
+<code>$this->input->get_request_header('some-header', TRUE);</code>
</div>
<!-- END CONTENT -->