summaryrefslogtreecommitdiffstats
path: root/user_guide/libraries/input.html
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide/libraries/input.html')
-rw-r--r--user_guide/libraries/input.html86
1 files changed, 56 insertions, 30 deletions
diff --git a/user_guide/libraries/input.html b/user_guide/libraries/input.html
index 552c49afd..6070b6c48 100644
--- a/user_guide/libraries/input.html
+++ b/user_guide/libraries/input.html
@@ -28,7 +28,7 @@
<div id="masthead">
<table cellpadding="0" cellspacing="0" border="0" style="width:100%">
<tr>
-<td><h1>CodeIgniter User Guide Version 2.0.0</h1></td>
+<td><h1>CodeIgniter User Guide Version 2.0.2</h1></td>
<td id="breadcrumb_right"><a href="../toc.html">Table of Contents Page</a></td>
</tr>
</table>
@@ -70,20 +70,20 @@ Input Class
<h2>Security Filtering</h2>
-<p>The security filtering function is called automatically when a new <a href="../general/controllers.html">controller</a> is invoked. It does the following:</p>
+<p>The security filtering function is called automatically when a new <a href="../general/controllers.html">controller</a> is invoked. It does the following:</p>
<ul>
-<li>Destroys the global GET array. Since CodeIgniter does not utilize GET strings, there is no reason to allow it.</li>
+<li>Destroys the global GET array. Since CodeIgniter does not utilize GET strings, there is no reason to allow it.</li>
<li>Destroys all global variables in the event register_globals is turned on.</li>
<li>Filters the POST/COOKIE array keys, permitting only alpha-numeric (and a few other) characters.</li>
-<li>Provides XSS (Cross-site Scripting Hacks) filtering. This can be enabled globally, or upon request.</li>
+<li>Provides XSS (Cross-site Scripting Hacks) filtering. This can be enabled globally, or upon request.</li>
<li>Standardizes newline characters to \n</li>
</ul>
<h2>XSS Filtering</h2>
-<p>The Input class has the ability to filter input automatically to prevent cross-site scripting attacks. If you want the filter to run automatically every time it encounters POST or COOKIE data you can enable it by opening your
+<p>The Input class has the ability to filter input automatically to prevent cross-site scripting attacks. If you want the filter to run automatically every time it encounters POST or COOKIE data you can enable it by opening your
<kbd>application/config/config.php</kbd> file and setting this:</p>
<code>$config['global_xss_filtering'] = TRUE;</code>
@@ -93,9 +93,9 @@ Input Class
<h2>Using POST, COOKIE, or SERVER Data</h2>
-<p>CodeIgniter comes with three helper functions that let you fetch POST, COOKIE or SERVER items. The main advantage of using the provided
+<p>CodeIgniter comes with three helper functions that let you fetch POST, COOKIE or SERVER items. The main advantage of using the provided
functions rather than fetching an item directly ($_POST['something']) is that the functions will check to see if the item is set and
-return false (boolean) if not. This lets you conveniently use data without having to test whether an item exists first.
+return false (boolean) if not. This lets you conveniently use data without having to test whether an item exists first.
In other words, normally you might do something like this:</p>
<code>
@@ -128,16 +128,36 @@ else<br />
<p>The function returns FALSE (boolean) if the item you are attempting to retrieve does not exist.</p>
-<p>The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;</p>
+<p>The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;</p>
<code>$this->input->post('some_data', TRUE);</code>
+<p>To return an array of all POST items call without any parameters.</p>
+<p>To return all POST items and pass them through the XSS filter leave the first parameter blank while setting the second parameter to boolean;</p>
+<p>The function returns FALSE (boolean) if there are no items in the POST.</p>
+
+<code>
+ $this->input->post(); // returns all POST items with XSS filter
+ <br />
+ $this->input->post(NULL, FALSE); // returns all POST items without XSS
+</code>
+
<h2>$this->input->get()</h2>
<p>This function is identical to the post function, only it fetches get data:</p>
<code>$this->input->get('some_data', TRUE);</code>
+<p>To return an array of all GET items call without any parameters.</p>
+<p>To return all GET items and pass them through the XSS filter leave the first parameter blank while setting the second parameter to boolean;</p>
+<p>The function returns FALSE (boolean) if there are no items in the GET.</p>
+
+<code>
+ $this->input->get(); // returns all GET items with XSS filter
+ <br />
+ $this->input->get(NULL, FALSE); // returns all GET items without XSS filtering
+</code>
+
<h2>$this->input->get_post()</h2>
<p>This function will search through both the post and get streams for data, looking first in post, and then in get:</p>
@@ -159,7 +179,7 @@ else<br />
<h2>$this->input->set_cookie()</h2>
-<p>Sets a cookie containing the values you specify. There are two ways to pass information to this function so that a cookie can be set:
+<p>Sets a cookie containing the values you specify. There are two ways to pass information to this function so that a cookie can be set:
Array Method, and Discrete Parameters:</p>
<h4>Array Method</h4>
@@ -167,13 +187,14 @@ Array Method, and Discrete Parameters:</p>
<p>Using this method, an associative array is passed to the first parameter:</p>
<code>$cookie = array(<br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'name'&nbsp;&nbsp;&nbsp;=> 'The Cookie Name',<br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'value'&nbsp;&nbsp;=> 'The Value',<br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'expire' => '86500',<br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'domain' => '.some-domain.com',<br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'path'&nbsp;&nbsp;&nbsp;=> '/',<br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'prefix' => 'myprefix_',<br />
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;);<br />
+&nbsp;&nbsp;&nbsp;&nbsp;'name'&nbsp;&nbsp;&nbsp;=> 'The Cookie Name',<br />
+&nbsp;&nbsp;&nbsp;&nbsp;'value'&nbsp;&nbsp;=> 'The Value',<br />
+&nbsp;&nbsp;&nbsp;&nbsp;'expire' => '86500',<br />
+&nbsp;&nbsp;&nbsp;&nbsp;'domain' => '.some-domain.com',<br />
+&nbsp;&nbsp;&nbsp;&nbsp;'path'&nbsp;&nbsp;&nbsp;=> '/',<br />
+&nbsp;&nbsp;&nbsp;&nbsp;'prefix' => 'myprefix_',<br />
+&nbsp;&nbsp;&nbsp;&nbsp;'secure' => TRUE<br />
+);<br />
<br />
$this->input->set_cookie($cookie);
</code>
@@ -182,40 +203,41 @@ $this->input->set_cookie($cookie);
<p>Only the name and value are required. To delete a cookie set it with the expiration blank.</p>
-<p>The expiration is set in <strong>seconds</strong>, which will be added to the current time. Do not include the time, but rather only the
-number of seconds from <em>now</em> that you wish the cookie to be valid. If the expiration is set to
+<p>The expiration is set in <strong>seconds</strong>, which will be added to the current time. Do not include the time, but rather only the
+number of seconds from <em>now</em> that you wish the cookie to be valid. If the expiration is set to
zero the cookie will only last as long as the browser is open.</p>
-<p>For site-wide cookies regardless of how your site is requested, add your URL to the <strong>domain</strong> starting with a period, like this: .your-domain.com</p>
+<p>For site-wide cookies regardless of how your site is requested, add your URL to the <strong>domain</strong> starting with a period, like this: .your-domain.com</p>
<p>The path is usually not needed since the function sets a root path.</p>
<p>The prefix is only needed if you need to avoid name collisions with other identically named cookies for your server.</p>
+<p>The secure boolean is only needed if you want to make it a secure cookie by setting it to TRUE.</p>
<h4>Discrete Parameters</h4>
<p>If you prefer, you can set the cookie by passing data using individual parameters:</p>
-<code>$this->input->set_cookie($name, $value, $expire, $domain, $path, $prefix);</code>
+<code>$this->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure);</code>
-<h2>$this->input->get_cookie()</h2>
+<h2>$this->input->cookie()</h2>
-<p>Lets you fetch a cookie. The first parameter will contain the name of the cookie you are looking for (including any prefixes):</p>
+<p>Lets you fetch a cookie. The first parameter will contain the name of the cookie you are looking for (including any prefixes):</p>
-<code>get_cookie('some_cookie');</code>
+<code>cookie('some_cookie');</code>
<p>The function returns FALSE (boolean) if the item you are attempting to retrieve does not exist.</p>
-<p>The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;</p>
+<p>The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;</p>
-<p><code>get_cookie('some_cookie', TRUE);</code></p>
+<p><code>cookie('some_cookie', TRUE);</code></p>
<h2>$this->input->ip_address()</h2>
-<p>Returns the IP address for the current user. If the IP address is not valid, the function will return an IP of: 0.0.0.0</p>
+<p>Returns the IP address for the current user. If the IP address is not valid, the function will return an IP of: 0.0.0.0</p>
<code>echo $this->input->ip_address();</code>
<h2>$this->input->valid_ip(<var>$ip</var>)</h2>
-<p>Takes an IP address as input and returns TRUE or FALSE (boolean) if it is valid or not. Note: The $this->input->ip_address() function above
+<p>Takes an IP address as input and returns TRUE or FALSE (boolean) if it is valid or not. Note: The $this->input->ip_address() function above
validates the IP automatically.</p>
<code>if ( ! $this-&gt;input-&gt;valid_ip($ip))<br />
@@ -231,10 +253,10 @@ else<br />
<h2>$this->input->user_agent()</h2>
<p>Returns the user agent (web browser) being used by the current user. Returns FALSE if it's not available.</p>
<code>echo $this->input->user_agent();</code>
-
+<p>See the <a href="user_agent.html">User Agent Class</a> for methods which extract information from the user agent string.</p>
<h2>$this->input->request_headers()</h2>
-<p>Useful if running in a non-Apache environment where <a href="http://php.net/apache_request_headers">apache_request_headers()</a> will not be supported. Returns an array of headers.</p>
+<p>Useful if running in a non-Apache environment where <a href="http://php.net/apache_request_headers">apache_request_headers()</a> will not be supported. Returns an array of headers.</p>
<code>$headers = $this->input->request_headers();</code>
@@ -247,7 +269,11 @@ else<br />
<h2>$this->input->is_ajax_request()</h2>
<p>Checks to see if the <var>HTTP_X_REQUESTED_WITH</var> server header has been set, and returns a boolean response.</p>
-<code>$this->input->is_ajax_request()</code>
+
+<h2>$this->input->is_cli_request()</h2>
+<p>Checks to see if the <var>STDIN</var> constant is set, which is a failsafe way to see if PHP is being run on the command line.</p>
+
+<code>$this->input->is_cli_request()</code>
</div>