From be0ca26c9006981eced5d938060ba5bad4145e3b Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Wed, 7 Mar 2012 19:09:51 +0100 Subject: added method() and is_method() --- user_guide_src/source/changelog.rst | 2 ++ user_guide_src/source/libraries/input.rst | 31 ++++++++++++++++++++++++++++--- 2 files changed, 30 insertions(+), 3 deletions(-) (limited to 'user_guide_src') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index b5fb52df4..f8c4ba144 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -97,6 +97,8 @@ Release Date: Not Released - Added method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars(). - is_loaded() function from system/core/Commons.php now returns a reference. - $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as *input->post(NULL, TRUE); // returns all POST items with XSS filter + $this->input->post(NULL, TRUE); // returns all POST items with XSS filter $this->input->post(); // returns all POST items without XSS filter $this->input->get() @@ -119,9 +119,9 @@ The function returns FALSE (boolean) if there are no items in the GET. :: - $this->input->get(NULL, TRUE); // returns all GET items with XSS filter + $this->input->get(NULL, TRUE); // returns all GET items with XSS filter $this->input->get(); // returns all GET items without XSS filtering - + $this->input->get_post() ========================= @@ -298,3 +298,28 @@ see if PHP is being run on the command line. $this->input->is_cli_request() +$this->input->method(); +===================================== + +Returns the $_SERVER['REQUEST_METHOD'] in lowercase. + +:: + + $this->input->method(); + +$this->input->is_method($method); +===================================== + +Returns TRUE if given method equals $_SERVER['REQUEST_METHOD'], otherwise returns FALSE. + +:: + + if ( ! $this->input->is_method('post')) + { + echo 'This is NOT a POST request'; + } + else + { + echo 'This is a POST request'; + } + -- cgit v1.2.3-24-g4f1b From dc900df67972ed1c961fc3e4173db98047bdbd1b Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Wed, 7 Mar 2012 20:41:37 +0100 Subject: removed is_method --- user_guide_src/source/changelog.rst | 3 +-- user_guide_src/source/libraries/input.rst | 23 ++++------------------- 2 files changed, 5 insertions(+), 21 deletions(-) (limited to 'user_guide_src') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index f8c4ba144..58a4cb76b 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -97,8 +97,7 @@ Release Date: Not Released - Added method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars(). - is_loaded() function from system/core/Commons.php now returns a reference. - $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as *input->method(); ===================================== -Returns the $_SERVER['REQUEST_METHOD'] in lowercase. +Returns the $_SERVER['REQUEST_METHOD'], optional set uppercase or lowercase (standard lowercase). :: - $this->input->method(); - -$this->input->is_method($method); -===================================== - -Returns TRUE if given method equals $_SERVER['REQUEST_METHOD'], otherwise returns FALSE. - -:: - - if ( ! $this->input->is_method('post')) - { - echo 'This is NOT a POST request'; - } - else - { - echo 'This is a POST request'; - } - + echo $this->input->method(TRUE); // Outputs: POST + echo $this->input->method(FALSE); // Outputs: post + echo $this->input->method(); // Outputs: post -- cgit v1.2.3-24-g4f1b From 1e9fb49a9eb5cebbe2e3cdf106892d9af72cfdc5 Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Wed, 7 Mar 2012 20:51:25 +0100 Subject: userguide fix --- user_guide_src/source/libraries/input.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'user_guide_src') diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index c63c627db..1f2ea650a 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -301,7 +301,7 @@ see if PHP is being run on the command line. $this->input->method(); ===================================== -Returns the $_SERVER['REQUEST_METHOD'], optional set uppercase or lowercase (standard lowercase). +Returns the $_SERVER['REQUEST_METHOD'], optional set uppercase or lowercase (default lowercase). :: -- cgit v1.2.3-24-g4f1b From 3b2c5083034675d88d9e516b5c5aca5119d6f918 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 7 Mar 2012 22:49:24 +0200 Subject: Fix issue #501 --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'user_guide_src') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 58a4cb76b..4c6fd38bc 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -147,6 +147,7 @@ Bug fixes for 3.0 - Fixed a bug in Oracle's DB_result class where the cursor id passed to it was always NULL. - Fixed a bug (#64) - Regular expression in DB_active_rec.php failed to handle queries containing SQL bracket delimiters in the join condition. - Fixed a bug in the :doc:`Session Library ` where a PHP E_NOTICE error was triggered by _unserialize() due to results from databases such as MSSQL and Oracle being space-padded on the right. +- Fixed a bug (#501) - set_rules() to check if the request method is not 'POST' before aborting, instead of depending on count($_POST) in the :doc:`Form Validation Library `. Version 2.1.1 ============= -- cgit v1.2.3-24-g4f1b From 5d27c43d29fc049497010ea62ac7877a64bfed92 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 8 Mar 2012 12:01:52 +0200 Subject: Fix issue #940 --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'user_guide_src') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 4c6fd38bc..587c64c5a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -148,6 +148,7 @@ Bug fixes for 3.0 - Fixed a bug (#64) - Regular expression in DB_active_rec.php failed to handle queries containing SQL bracket delimiters in the join condition. - Fixed a bug in the :doc:`Session Library ` where a PHP E_NOTICE error was triggered by _unserialize() due to results from databases such as MSSQL and Oracle being space-padded on the right. - Fixed a bug (#501) - set_rules() to check if the request method is not 'POST' before aborting, instead of depending on count($_POST) in the :doc:`Form Validation Library `. +- Fixed a bug (#940) - csrf_verify() used to set the CSRF cookie while processing a POST request with no actual POST data, which resulted in validating a request that should be considered invalid. Version 2.1.1 ============= -- cgit v1.2.3-24-g4f1b