summaryrefslogtreecommitdiffstats
path: root/system/core/Input.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/core/Input.php')
-rwxr-xr-x[-rw-r--r--]system/core/Input.php75
1 files changed, 58 insertions, 17 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index cfbef942d..9bfb5f1fb 100644..100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -28,15 +28,51 @@
*/
class CI_Input {
+ /**
+ * IP address of the current user
+ *
+ * @var string
+ */
var $ip_address = FALSE;
+ /**
+ * user agent (web browser) being used by the current user
+ *
+ * @var string
+ */
var $user_agent = FALSE;
+ /**
+ * If FALSE, then $_GET will be set to an empty array
+ *
+ * @var bool
+ */
var $_allow_get_array = TRUE;
+ /**
+ * If TRUE, then newlines are standardized
+ *
+ * @var bool
+ */
var $_standardize_newlines = TRUE;
- var $_enable_xss = FALSE; // Set automatically based on config setting
- var $_enable_csrf = FALSE; // Set automatically based on config setting
-
+ /**
+ * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered
+ * Set automatically based on config setting
+ *
+ * @var bool
+ */
+ var $_enable_xss = FALSE;
+ /**
+ * Enables a CSRF cookie token to be set.
+ * Set automatically based on config setting
+ *
+ * @var bool
+ */
+ var $_enable_csrf = FALSE;
+ /**
+ * List of all HTTP request headers
+ *
+ * @var array
+ */
protected $headers = array();
-
+
/**
* Constructor
@@ -147,7 +183,7 @@ class CI_Input {
}
return $post;
}
-
+
return $this->_fetch_from_array($_POST, $index, $xss_clean);
}
@@ -402,9 +438,9 @@ class CI_Input {
function _sanitize_globals()
{
// It would be "wrong" to unset any of these GLOBALS.
- $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
+ $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
'_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
- 'system_folder', 'application_folder', 'BM', 'EXT',
+ 'system_folder', 'application_folder', 'BM', 'EXT',
'CFG', 'URI', 'RTR', 'OUT', 'IN');
// Unset globals for securiy.
@@ -512,8 +548,12 @@ class CI_Input {
return $new_array;
}
- // We strip slashes if magic quotes is on to keep things consistent
- if (function_exists('get_magic_quotes_gpc') AND get_magic_quotes_gpc())
+ /* We strip slashes if magic quotes is on to keep things consistent
+
+ NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and
+ it will probably not exist in future versions at all.
+ */
+ if ( ! is_php('5.4') && get_magic_quotes_gpc())
{
$str = stripslashes($str);
}
@@ -523,7 +563,7 @@ class CI_Input {
{
$str = $this->uni->clean_string($str);
}
-
+
// Remove control characters
$str = remove_invisible_characters($str);
@@ -579,9 +619,11 @@ class CI_Input {
/**
* Request Headers
*
- * In Apache, you can simply call apache_request_headers(), however for
+ * In Apache, you can simply call apache_request_headers(), however for
* people running other webservers the function is undefined.
*
+ * @param bool XSS cleaning
+ *
* @return array
*/
public function request_headers($xss_clean = FALSE)
@@ -609,10 +651,10 @@ class CI_Input {
{
$key = str_replace('_', ' ', strtolower($key));
$key = str_replace(' ', '-', ucwords($key));
-
+
$this->headers[$key] = $val;
}
-
+
return $this->headers;
}
@@ -633,7 +675,7 @@ class CI_Input {
{
$this->request_headers();
}
-
+
if ( ! isset($this->headers[$index]))
{
return FALSE;
@@ -644,7 +686,7 @@ class CI_Input {
return $this->security->xss_clean($this->headers[$index]);
}
- return $this->headers[$index];
+ return $this->headers[$index];
}
// --------------------------------------------------------------------
@@ -676,7 +718,6 @@ class CI_Input {
}
}
-// END Input class
/* End of file Input.php */
-/* Location: ./system/core/Input.php */
+/* Location: ./system/core/Input.php */ \ No newline at end of file