fRequeststatic classv1.0.0b10
Provides request-related methods
This class is implemented to use the UTF-8 character encoding. Please see http://flourishlib.com/docs/UTF-8 for more information.
Please also note that using this class in a PUT or DELETE request will cause the php://input stream to be consumed, and thus no longer available.
| 1.0.0b10 | Fixed get() to not truncate integers to the 32bit integer limit 3/5/10 |
|---|---|
| 1.0.0b9 | Updated class to use new fSession API 10/23/09 |
| 1.0.0b8 | Casting to an integer or string in get() now properly casts when the $key isn't present in the request, added support for date, time, timestamp and ? casts 8/25/09 |
| 1.0.0b7 | Fixed a bug with filter() not properly creating new $_FILES entries 7/2/09 |
| 1.0.0b6 | filter() now works with empty prefixes and filtering the $_FILES superglobal has been fixed 7/2/09 |
| 1.0.0b5 | Changed filter() so that it can be called multiple times for multi-level filtering 6/2/09 |
| 1.0.0b4 | Added the HTML escaping functions encode() and prepare() 5/27/09 |
| 1.0.0b3 | Updated class to use new fSession API 5/8/09 |
| 1.0.0b2 | Added generateCSRFToken() from fCRUDgenerateRequestToken() and validateCSRFToken() from fCRUD::validateRequestToken() 5/8/09 |
| 1.0.0b | The initial implementation 6/14/07 |
Static Methods
::check() public
Indicated if the parameter specified is set in the $_GET or $_POST superglobals or in the post data of a PUT or DELETE request
Signature
boolean check( string $key )
Parameters
| string | $key | The key to check |
Returns
If the parameter is set
::encode() public
Gets a value from get() and passes it through fHTML::encode()
Signature
string encode( string $key, string $cast_to=NULL, mixed $default_value=NULL )
Parameters
| string | $key | The key to get the value of |
| string | $cast_to | Cast the value to this data type |
| mixed | $default_value | If the parameter is not set in the DELETE/PUT post data, $_POST or $_GET, use this value instead |
Returns
The encoded value
::filter() internal public
Please note: this method is public, however it is primarily intended for internal use by Flourish and will normally not be useful in site/application code
Parses through $_FILES, $_GET, $_POST and the PUT/DELETE post data and filters out everything that doesn't match the prefix and key, also removes the prefix from the field name
Signature
void filter( string $prefix, mixed $key )
Parameters
| string | $prefix | The prefix to filter by |
| mixed | $key | If the field is an array, get the value corresponding to this key |
::generateCSRFToken() public
Returns a request token that should be placed in each HTML form to prevent cross-site request forgery
This method will return a random 15 character string that should be placed in a hidden input element on every HTML form. When the form contents are being processed, the token should be retrieved and passed into validateCSRFToken().
The value returned by this method is stored in the session and then checked by the validate method, which helps prevent cross site request forgeries and (naive) automated form submissions.
Tokens generated by this method are single use, so a user must request the page that generates the token at least once per submission.
Signature
string generateCSRFToken( string $url=NULL )
Parameters
| string | $url | The URL to generate a token for, default to the current page |
Returns
The token to be submitted with the form
::get() public
Gets a value from the DELETE/PUT post data, $_POST or $_GET superglobals (in that order)
A value that exactly equals '' and is not cast to a specific type will become NULL.
Valid $cast_to types include:
- 'string',
- 'int'
- 'integer'
- 'bool'
- 'boolean'
- 'array'
- 'date'
- 'time'
- 'timestamp'
It is also possible to append a ? to a data type to return NULL whenever the $key was not specified in the request, or if the value was a blank string.
All text values are interpreted as UTF-8 string and appropriately cleaned.
Signature
mixed get( string $key, string $cast_to=NULL, mixed $default_value=NULL )
Parameters
| string | $key | The key to get the value of |
| string | $cast_to | Cast the value to this data type - see method description for details |
| mixed | $default_value | If the parameter is not set in the DELETE/PUT post data, $_POST or $_GET, use this value instead. This value will get cast if a $cast_to is specified. |
Returns
The value
::getAcceptLanguages() public
Returns the HTTP Accept-Languages sorted by their q values (from high to low)
Signature
array getAcceptLanguages( )
Returns
An associative array of {language} => {q value} sorted (in a stable-fashion) from highest to lowest q
::getAcceptTypes() public
Returns the HTTP Accept types sorted by their q values (from high to low)
Signature
array getAcceptTypes( )
Returns
An associative array of {type} => {q value} sorted (in a stable-fashion) from highest to lowest q
::getBestAcceptLanguage() public
Returns the best HTTP Accept-Language (based on q value) - can be filtered to only allow certain languages
Signature
string getBestAcceptLanguage( array $filter=array() )
Parameters
| array | $filter | An array of languages that are valid to return |
Returns
The best language listed in the Accept-Language header
::getBestAcceptType() public
Returns the best HTTP Accept type (based on q value) - can be filtered to only allow certain types
Signature
string getBestAcceptType( array $filter=array() )
Parameters
| array | $filter | An array of types that are valid to return |
Returns
The best type listed in the Accept header
::getValid() public
Gets a value from the DELETE/PUT post data, $_POST or $_GET superglobals (in that order), restricting to a specific set of values
Signature
mixed getValid( string $key, array $valid_values )
Parameters
| string | $key | The key to get the value of |
| array | $valid_values | The array of values that are permissible, if one is not selected, picks first |
Returns
The value
::isDelete() public
Indicates if the URL was accessed via the DELETE HTTP method
Signature
boolean isDelete( )
Returns
If the URL was accessed via the DELETE HTTP method
::isGet() public
Indicates if the URL was accessed via the GET HTTP method
Signature
boolean isGet( )
Returns
If the URL was accessed via the GET HTTP method
::isPost() public
Indicates if the URL was accessed via the POST HTTP method
Signature
boolean isPost( )
Returns
If the URL was accessed via the POST HTTP method
::isPut() public
Indicates if the URL was accessed via the PUT HTTP method
Signature
boolean isPut( )
Returns
If the URL was accessed via the PUT HTTP method
::overrideAction() public
Overrides the value of 'action' in the DELETE/PUT post data, $_POST or $_GET superglobals based on the 'action::{action_name}' value
This method is primarily intended to be used for hanlding multiple submit buttons.
Signature
void overrideAction( string $redirect=NULL )
Parameters
| string | $redirect | The url to redirect to if the action is overriden. %action% will be replaced with the overridden action. |
::prepare() public
Gets a value from get() and passes it through fHTML::prepare()
Signature
string prepare( string $key, string $cast_to=NULL, mixed $default_value=NULL )
Parameters
| string | $key | The key to get the value of |
| string | $cast_to | Cast the value to this data type |
| mixed | $default_value | If the parameter is not set in the DELETE/PUT post data, $_POST or $_GET, use this value instead |
Returns
The prepared value
::reset() internal public
Please note: this method is public, however it is primarily intended for internal use by Flourish and will normally not be useful in site/application code
Resets the configuration and data of the class
Signature
void reset( )
::set() public
Sets a value into the appropriate $_GET or $_POST superglobal, or the local PUT/DELETE post data based on what HTTP method was used for the request
Signature
void set( string $key, mixed $value )
Parameters
| string | $key | The key to set the value to |
| mixed | $value | The value to set |
::unfilter() internal public
Please note: this method is public, however it is primarily intended for internal use by Flourish and will normally not be useful in site/application code
Returns $_GET, $_POST and $_FILES and the PUT/DELTE post data to the state they were at before filter() was called
Signature
void unfilter( )
::validateCSRFToken() public
Validates a request token generated by generateCSRFToken()
This method takes a request token and ensures it is valid, otherwise it will throw an fValidationException.
Signature
void validateCSRFToken( string $token, string $url=NULL )
Parameters
| string | $token | The request token to validate |
| string | $url | The URL to validate the token for, default to the current page |
Throws
- fValidationException
- When the CSRF token specified is invalid
