CI框架源码阅读---------Input.php

作者:上海建筑防水有限公司  来源:www.yxjzfs.com   发布时间:2017-09-06 10:02:34
CI框架源码阅读---------Input.php [php]

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/**

* CodeIgniter

*

* An open source application development framework for PHP 5.1.6 or newer

*

* @package CodeIgniter

* @author ExpressionEngine Dev Team

* @copyright Copyright (c) 2008 - 2011, EllisLab, Inc.

* @license http://codeigniter.com/user_guide/license.html

* @link http://codeigniter.com

* @since Version 1.0

* @filesource

*/

// ------------------------------------------------------------------------

/**

* Input Class

*

* Pre-processes global input data for security

*

* @package CodeIgniter

* @subpackage Libraries

* @category Input

* @author ExpressionEngine Dev Team

* @link http://codeigniter.com/user_guide/libraries/input.html

*/

class CI_Input {

/**

* IP address of the current user

* 当前用户的ip地址

* @var string

*/

var $ip_address = FALSE;

/**

* user agent (web browser) being used by the current user

* 当前用户(web浏览器)代理

* @var string

*/

var $user_agent = FALSE;

/**

* If FALSE, then $_GET will be set to an empty array

* 如果是FALSE , $_GET将被设置为空数组

* @var bool

*/

var $_allow_get_array = TRUE;

/**

* If TRUE, then newlines are standardized

* 如果为TRUR,新行将被标准化

*

* @var bool

*/

var $_standardize_newlines = TRUE;

/**

* Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered

* Set automatically based on config setting

* 决定是否总是在GET ,POST , COOKIE数据中进行XSS过滤

* 在配置选项里面配置是否自动开启

*

* @var bool

*/

var $_enable_xss = FALSE;

/**

* Enables a CSRF cookie token to be set.

* Set automatically based on config setting

* 允许CSRF cookie令牌

*

* @var bool

*/

var $_enable_csrf = FALSE;

/**

* List of all HTTP request headers

* HTTP请求头部的列表

* @var array

*/

protected $headers = array();

/**

* Constructor

* 设置是否全局允许XSS处理和是否允许使用$_GET数组

* Sets whether to globally enable the XSS processing

* and whether to allow the $_GET array

*

* @return void

*/

public function __construct()

{

log_message('debug', "Input Class Initialized");

// 从配置文件中获取是否进行全局允许使用$_GET XSS过滤和csrf保护

$this->_allow_get_array = (config_item('allow_get_array') === TRUE);

$this->_enable_xss = (config_item('global_xss_filtering') === TRUE);

$this->_enable_csrf = (config_item('csrf_protection') === TRUE);

// 清除globals变量,在开启了globals_register的情况下,相当于关闭了此配置。

// 开启一道 安全防护

global $SEC;

$this->security =& $SEC;

// Do we need the UTF-8 class?

if (UTF8_ENABLED === TRUE)

{

global $UNI;

$this->uni =& $UNI;

}

// Sanitize global arrays

$this->_sanitize_globals();

}

// --------------------------------------------------------------------

/**

* Fetch from array

* 从$array获取值,专题,如果设置了xss_clean 那么进行过滤

* This is a helper function to retrieve 检索 values from global arrays

* 这是一个帮助函数用来从全局数组中检索

*

* @access private

* @param array

* @param string

* @param bool

* @return string

*/

function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)

{

if ( ! isset($array[$index]))

{

return FALSE;

}

if ($xss_clean === TRUE)

{

return $this->security->xss_clean($array[$index]);

}

return $array[$index];

}

// --------------------------------------------------------------------

/**

* Fetch an item from the GET array

* 获取过滤后的GET数组

* @access public

* @param string

* @param bool

* @return string

*/

function get($index = NULL, $xss_clean = FALSE)

{

// Check if a field has been provided

// 检查是否一个字段已经被提供

if ($index === NULL AND ! emptyempty($_GET))

{

$get = array();

// loop through the full _GET array

// 遍历_GET数组

foreach (array_keys($_GET) as $key)

{

$get[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean);

}

return $get;

}

return $this->_fetch_from_array($_GET, $index, $xss_clean);

}

// --------------------------------------------------------------------

/**

* Fetch an item from the POST array

* 获取过滤后的$_POST值

* @access public

* @param string

* @param bool

* @return string

*/

function post($index = NULL, $xss_clean = FALSE)

{

// Check if a field has been provided

if ($index === NULL AND ! emptyempty($_POST))

{

$post = array();

// Loop through the full _POST array and return it

foreach (array_keys($_POST) as $key)

{

$post[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean);

}

return $post;

}

return $this->_fetch_from_array($_POST, $index, $xss_clean);

}

// --------------------------------------------------------------------

/**

* Fetch an item from either the GET array or the POST

* 从get和post中获取值, post优先

* @access public

* @param string The index key

* @param bool XSS cleaning

* @return string

*/

function get_post($index = '', $xss_clean = FALSE)

{

if ( ! isset($_POST[$index]) )

{

return $this->get($index, $xss_clean);

}

else

{

return $this->post($index, $xss_clean);

}

}

// --------------------------------------------------------------------

/**

* Fetch an item from the COOKIE array

* 返回过滤后的COOKIE值

* @access public

* @param string

* @param bool

* @return string

*/

function cookie($index = '', $xss_clean = FALSE)

{

return $this->_fetch_from_array($_COOKIE, $index, $xss_clean);

}

// ------------------------------------------------------------------------

/**

* Set cookie

*

* Accepts six parameter, or you can submit an associative

* array in the first parameter containing all the values.

* 接收6个参数或者接收一个关联数组里面包含所有的值

* @access public

* @param mixed

* @param string the value of the cookie

* @param string the number of seconds until expiration

* @param string the cookie domain. Usually: .yourdomain.com

* @param string the cookie path

* @param string the cookie prefix

* @param bool true makes the cookie secure

* @return void

*/

function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE)

{

// 如果第一个值是数组 将数组中的值分别赋值给留个参数

if (is_array($name))

{

// always leave 'name' in last place, as the loop will break otherwise, due to $$item

foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'name') as $item)

{

if (isset($name[$item]))

{

$$item = $name[$item];

}

}

}

// 如果某个参数为默认值但是config.php中的配置不是默认值

// 则使用config.php中的配置值

if ($prefix == '' AND config_item('cookie_prefix') != '')

{

$prefix = config_item('cookie_prefix');

}

if ($domain == '' AND config_item('cookie_domain') != '')

{

$domain = config_item('cookie_domain');

}

if ($path == '/' AND config_item('cookie_path') != '/')

{

$path = config_item('cookie_path');

}

if ($secure == FALSE AND config_item('cookie_secure') != FALSE)

{

$secure = config_item('cookie_secure');

}

if ( ! is_numeric($expire))

{

$expire = time() - 86500;

}

else

{

$expire = ($expire > 0) ? time() + $expire : 0;

}

setcookie($prefix.$name, $value, $expire, $path, $domain, $secure);

}

// --------------------------------------------------------------------

/**

* Fetch an item from the SERVER array

* 返回过滤后的$_SERVER值

* @access public

* @param string

* @param bool

* @return string

*/

function server($index = '', $xss_clean = FALSE)

{

return $this->_fetch_from_array($_SERVER, $index, $xss_clean);

}

// --------------------------------------------------------------------

/**

* Fetch the IP Address

* 返回当前用户的IP。如果IP地址无效,返回0.0.0.0的IP:

* @return string

*/

public function ip_address()

{

// 如果已经有了ip_address 则返回

if ($this->ip_address !== FALSE)

{

return $this->ip_address;

}

$proxy_ips = config_item('proxy_ips');

if ( ! emptyempty($proxy_ips))

{

$proxy_ips = explode(',', str_replace(' ', '', $proxy_ips));

企业建站2800元起,携手武汉肥猫科技,做一个有见地的颜值派!更多优惠请戳:鄂州网站制作 http://ezhou.666rj.com


上一篇:SEO实战之:博客的培养和维护
下一篇:最后一页