From ec2f57133750caa5f5903e529a6ae776aebc4431 Mon Sep 17 00:00:00 2001
From: Greg Aker <greg.aker@ellislab.com>
Date: Mon, 15 Nov 2010 16:22:12 -0600
Subject: Adding request_headers() and get_request_header() methods to the
 input class.  The request_headers() method is helpful in non-apache
 environments where apache_request_headers() isn't going to exist.

---
 system/core/Input.php           | 83 ++++++++++++++++++++++++++++++++++++++++-
 user_guide/changelog.html       |  1 +
 user_guide/libraries/input.html |  8 ++++
 3 files changed, 90 insertions(+), 2 deletions(-)

diff --git a/system/core/Input.php b/system/core/Input.php
index 0ce2d893a..52ea71bc5 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -35,6 +35,9 @@ class CI_Input {
 	var $_enable_xss			= FALSE; // Set automatically based on config setting
 	var $_enable_csrf			= FALSE; // Set automatically based on config setting
 
+	protected $headers			= array();
+	
+
 	/**
 	 * Constructor
 	 *
@@ -378,8 +381,10 @@ class CI_Input {
 	function _sanitize_globals()
 	{
 		// It would be "wrong" to unset any of these GLOBALS.
-		$protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
-							'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN');
+		$protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', 
+							'_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
+							'system_folder', 'application_folder', 'BM', 'EXT', 
+							'CFG', 'URI', 'RTR', 'OUT', 'IN');
 
 		// Unset globals for securiy.
 		// This is effectively the same as register_globals = off
@@ -545,6 +550,80 @@ class CI_Input {
 		return $str;
 	}
 
+	// --------------------------------------------------------------------
+
+	/**
+	 * Request Headers
+	 *
+	 * In Apache, you can simply call apache_request_headers(), however for 
+	 * people running other webservers the function is undefined.
+	 *
+	 * @return array
+	 */
+	public function request_headers($xss_clean = FALSE)
+	{
+		// Look at Apache go!
+		if (function_exists('apache_request_headers'))
+		{
+			$headers = apache_request_headers();
+		}
+		else
+		{
+			$headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+
+			foreach ($_SERVER as $key => $val)
+			{
+				if (strncmp($key, 'HTTP_', 5) === 0)
+				{
+					$headers[substr($key, 5)] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
+				}
+			}
+		}
+
+		// take SOME_HEADER and turn it into Some-Header
+		foreach ($headers as $key => $val)
+		{
+			$key = str_replace('_', ' ', strtolower($key));
+			$key = str_replace(' ', '-', ucwords($key));
+			
+			$this->headers[$key] = $val;
+		}
+		
+		return $this->headers;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Get Request Header
+	 *
+	 * Returns the value of a single member of the headers class member
+	 *
+	 * @param 	string		array key for $this->headers
+	 * @param	boolean		XSS Clean or not
+	 * @return 	mixed		FALSE on failure, string on success
+	 */
+	public function get_request_header($index, $xss_clean = FALSE)
+	{
+		if (empty($this->headers))
+		{
+			$this->request_headers();
+		}
+		
+		if ( ! isset($this->headers[$index]))
+		{
+			return FALSE;
+		}
+
+		if ($xss_clean === TRUE)
+		{
+			$_security =& load_class('Security');
+			return $_security->xss_clean($this->headers[$index]);
+		}
+
+		return $this->headers[$index];		
+	}
+
 }
 // END Input class
 
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 56f750be8..d5bf1b77d 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -108,6 +108,7 @@ Hg Tag: </p>
 				Please see the <a href="./installation/upgrade_200.html">upgrade instructions</a> for details.</li>
 			<li>Altered Form_Validation library to allow for method chaining on <kbd>set_rules()</kbd>, <kbd>set_message()</kbd> and <kbd>set_error_delimiters()</kbd> functions.</li>
 			<li>Altered Email Library to allow for method chaining.</li>
+			<li>Added <kbd>request_headers()</kbd> and <kbd>get_request_header</kbd> to the input class.</li>
 		</ul>
 	</li>
 	<li>Database
diff --git a/user_guide/libraries/input.html b/user_guide/libraries/input.html
index 4c12fd7b0..704421331 100644
--- a/user_guide/libraries/input.html
+++ b/user_guide/libraries/input.html
@@ -233,7 +233,15 @@ else<br />
 <code>echo $this->input->user_agent();</code>
 
 
+<h2>$this->input->request_headers()</h2>
+<p>Useful if running in a non-Apache environment where <a href="http://php.net/apache_request_headers">apache_request_headers()</a> will not be supported.  Returns an array of headers.</p>
 
+<code>$headers = $this->input->request_headers();</code>
+
+<h2>$this->input->get_request_header();</h2>
+<p>Returns a single 
+
+<code>$this->input->get_request_header('some-header', TRUE);</code>
 
 </div>
 <!-- END CONTENT -->
-- 
cgit v1.2.3-24-g4f1b