CHttpRequest
Package | system.web |
---|---|
Inheritance | class CHttpRequest » CApplicationComponent » CComponent |
Implements | IApplicationComponent |
Since | 1.0 |
Source Code | framework/web/CHttpRequest.php |
CHttpRequest also manages the cookies sent from and sent to the user. By setting enableCookieValidation to true, cookies sent from the user will be validated to see if they are tampered. The property cookies returns the collection of cookies. For more details, see CCookieCollection.
CHttpRequest is a default application component loaded by CWebApplication. It can be accessed via CWebApplication::getRequest().
Public Properties
Property | Type | Description | Defined By |
---|---|---|---|
acceptTypes | string | Returns user browser accept types, null if not present. | CHttpRequest |
baseUrl | string | Returns the relative URL for the application. | CHttpRequest |
behaviors | array | the behaviors that should be attached to this component. | CApplicationComponent |
browser | array | Returns information about the capabilities of user browser. | CHttpRequest |
contentType | string | Returns request content-type | CHttpRequest |
cookies | CCookieCollection | Returns the cookie collection. | CHttpRequest |
csrfCookie | array | the property values (in name-value pairs) used to initialize the CSRF cookie. | CHttpRequest |
csrfToken | string | Returns the random token used to perform CSRF validation. | CHttpRequest |
csrfTokenName | string | the name of the token used to prevent CSRF. | CHttpRequest |
enableCookieValidation | boolean | whether cookies should be validated to ensure they are not tampered. | CHttpRequest |
enableCsrfValidation | boolean | whether to enable CSRF (Cross-Site Request Forgery) validation. | CHttpRequest |
hostInfo | string | Returns the schema and host part of the application URL. | CHttpRequest |
httpVersion | string | Returns the version of the HTTP protocol used by client. | CHttpRequest |
isAjaxRequest | boolean | Returns whether this is an AJAX (XMLHttpRequest) request. | CHttpRequest |
isDeleteRequest | boolean | Returns whether this is a DELETE request. | CHttpRequest |
isFlashRequest | boolean | Returns whether this is an Adobe Flash or Adobe Flex request. | CHttpRequest |
isInitialized | boolean | Checks if this application component has been initialized. | CApplicationComponent |
isPatchRequest | boolean | Returns whether this is a PATCH request. | CHttpRequest |
isPostRequest | boolean | Returns whether this is a POST request. | CHttpRequest |
isPutRequest | boolean | Returns whether this is a PUT request. | CHttpRequest |
isSecureConnection | boolean | Return if the request is sent via secure channel (https). | CHttpRequest |
jsonAsArray | boolean | whether the parsing of JSON REST requests should return associative arrays for object data. | CHttpRequest |
pathInfo | string | Returns the path info of the currently requested URL. | CHttpRequest |
port | integer | Returns the port to use for insecure requests. | CHttpRequest |
preferredAcceptType | array | Returns the user preferred accept MIME type. | CHttpRequest |
preferredAcceptTypes | array | Returns an array of user accepted MIME types in order of preference. | CHttpRequest |
preferredLanguage | string | Returns the user-preferred language that should be used by this application. | CHttpRequest |
preferredLanguages | array | Returns an array of user accepted languages in order of preference. | CHttpRequest |
queryString | string | Returns part of the request URL that is after the question mark. | CHttpRequest |
rawBody | string | Returns the raw HTTP request body. | CHttpRequest |
requestType | string | Returns the request type, such as GET, POST, HEAD, PUT, PATCH, DELETE. | CHttpRequest |
requestUri | string | Returns the request URI portion for the currently requested URL. | CHttpRequest |
restParams | array | Returns request parameters. Typically PUT, PATCH or DELETE. | CHttpRequest |
scriptFile | string | Returns entry script file path. | CHttpRequest |
scriptUrl | string | Returns the relative URL of the entry script. | CHttpRequest |
securePort | integer | Returns the port to use for secure requests. | CHttpRequest |
serverName | string | Returns the server name. | CHttpRequest |
serverPort | integer | Returns the server port number. | CHttpRequest |
url | string | Returns the currently requested URL. | CHttpRequest |
urlReferrer | string | Returns the URL referrer, null if not present | CHttpRequest |
userAgent | string | Returns the user agent, null if not present. | CHttpRequest |
userHost | string | Returns the user host name, null if it cannot be determined. | CHttpRequest |
userHostAddress | string | Returns the user IP address. | CHttpRequest |
Protected Properties
Property | Type | Description | Defined By |
---|---|---|---|
isDeleteViaPostRequest | boolean | Returns whether this is a DELETE request which was tunneled through POST. | CHttpRequest |
isPatchViaPostRequest | boolean | Returns whether this is a PATCH request which was tunneled through POST. | CHttpRequest |
isPutViaPostRequest | boolean | Returns whether this is a PUT request which was tunneled through POST. | CHttpRequest |
Public Methods
Method | Description | Defined By |
---|---|---|
__call() | Calls the named method which is not a class method. | CComponent |
__get() | Returns a property value, an event handler list or a behavior based on its name. | CComponent |
__isset() | Checks if a property value is null. | CComponent |
__set() | Sets value of a component property. | CComponent |
__unset() | Sets a component property to be null. | CComponent |
asa() | Returns the named behavior object. | CComponent |
attachBehavior() | Attaches a behavior to this component. | CComponent |
attachBehaviors() | Attaches a list of behaviors to the component. | CComponent |
attachEventHandler() | Attaches an event handler to an event. | CComponent |
canGetProperty() | Determines whether a property can be read. | CComponent |
canSetProperty() | Determines whether a property can be set. | CComponent |
compareAcceptTypes() | Compare function for determining the preference of accepted MIME type array maps | CHttpRequest |
detachBehavior() | Detaches a behavior from the component. | CComponent |
detachBehaviors() | Detaches all behaviors from the component. | CComponent |
detachEventHandler() | Detaches an existing event handler. | CComponent |
disableBehavior() | Disables an attached behavior. | CComponent |
disableBehaviors() | Disables all behaviors attached to this component. | CComponent |
enableBehavior() | Enables an attached behavior. | CComponent |
enableBehaviors() | Enables all behaviors attached to this component. | CComponent |
evaluateExpression() | Evaluates a PHP expression or callback under the context of this component. | CComponent |
getAcceptTypes() | Returns user browser accept types, null if not present. | CHttpRequest |
getBaseUrl() | Returns the relative URL for the application. | CHttpRequest |
getBrowser() | Returns information about the capabilities of user browser. | CHttpRequest |
getContentType() | Returns request content-type | CHttpRequest |
getCookies() | Returns the cookie collection. | CHttpRequest |
getCsrfToken() | Returns the random token used to perform CSRF validation. | CHttpRequest |
getDelete() | Returns the named DELETE parameter value. | CHttpRequest |
getEventHandlers() | Returns the list of attached event handlers for an event. | CComponent |
getHostInfo() | Returns the schema and host part of the application URL. | CHttpRequest |
getHttpVersion() | Returns the version of the HTTP protocol used by client. | CHttpRequest |
getIsAjaxRequest() | Returns whether this is an AJAX (XMLHttpRequest) request. | CHttpRequest |
getIsDeleteRequest() | Returns whether this is a DELETE request. | CHttpRequest |
getIsFlashRequest() | Returns whether this is an Adobe Flash or Adobe Flex request. | CHttpRequest |
getIsInitialized() | Checks if this application component has been initialized. | CApplicationComponent |
getIsPatchRequest() | Returns whether this is a PATCH request. | CHttpRequest |
getIsPostRequest() | Returns whether this is a POST request. | CHttpRequest |
getIsPutRequest() | Returns whether this is a PUT request. | CHttpRequest |
getIsSecureConnection() | Return if the request is sent via secure channel (https). | CHttpRequest |
getParam() | Returns the named GET or POST parameter value. | CHttpRequest |
getPatch() | Returns the named PATCH parameter value. | CHttpRequest |
getPathInfo() | Returns the path info of the currently requested URL. | CHttpRequest |
getPort() | Returns the port to use for insecure requests. | CHttpRequest |
getPost() | Returns the named POST parameter value. | CHttpRequest |
getPreferredAcceptType() | Returns the user preferred accept MIME type. | CHttpRequest |
getPreferredAcceptTypes() | Returns an array of user accepted MIME types in order of preference. | CHttpRequest |
getPreferredLanguage() | Returns the user-preferred language that should be used by this application. | CHttpRequest |
getPreferredLanguages() | Returns an array of user accepted languages in order of preference. | CHttpRequest |
getPut() | Returns the named PUT parameter value. | CHttpRequest |
getQuery() | Returns the named GET parameter value. | CHttpRequest |
getQueryString() | Returns part of the request URL that is after the question mark. | CHttpRequest |
getRawBody() | Returns the raw HTTP request body. | CHttpRequest |
getRequestType() | Returns the request type, such as GET, POST, HEAD, PUT, PATCH, DELETE. | CHttpRequest |
getRequestUri() | Returns the request URI portion for the currently requested URL. | CHttpRequest |
getRestParams() | Returns request parameters. Typically PUT, PATCH or DELETE. | CHttpRequest |
getScriptFile() | Returns entry script file path. | CHttpRequest |
getScriptUrl() | Returns the relative URL of the entry script. | CHttpRequest |
getSecurePort() | Returns the port to use for secure requests. | CHttpRequest |
getServerName() | Returns the server name. | CHttpRequest |
getServerPort() | Returns the server port number. | CHttpRequest |
getUrl() | Returns the currently requested URL. | CHttpRequest |
getUrlReferrer() | Returns the URL referrer, null if not present | CHttpRequest |
getUserAgent() | Returns the user agent, null if not present. | CHttpRequest |
getUserHost() | Returns the user host name, null if it cannot be determined. | CHttpRequest |
getUserHostAddress() | Returns the user IP address. | CHttpRequest |
hasEvent() | Determines whether an event is defined. | CComponent |
hasEventHandler() | Checks whether the named event has attached handlers. | CComponent |
hasProperty() | Determines whether a property is defined. | CComponent |
init() | Initializes the application component. | CHttpRequest |
parseAcceptHeader() | Parses an HTTP Accept header, returning an array map with all parts of each entry. | CHttpRequest |
raiseEvent() | Raises an event. | CComponent |
redirect() | Redirects the browser to the specified URL. | CHttpRequest |
sendFile() | Sends a file to user. | CHttpRequest |
setBaseUrl() | Sets the relative URL for the application. | CHttpRequest |
setHostInfo() | Sets the schema and host part of the application URL. | CHttpRequest |
setPort() | Sets the port to use for insecure requests. | CHttpRequest |
setScriptUrl() | Sets the relative URL for the application entry script. | CHttpRequest |
setSecurePort() | Sets the port to use for secure requests. | CHttpRequest |
stripSlashes() | Strips slashes from input data. | CHttpRequest |
validateCsrfToken() | Performs the CSRF validation. | CHttpRequest |
xSendFile() | Sends existing file to a browser as a download using x-sendfile. | CHttpRequest |
Protected Methods
Method | Description | Defined By |
---|---|---|
createCsrfCookie() | Creates a cookie with a randomly generated CSRF token. | CHttpRequest |
decodePathInfo() | Decodes the path info. | CHttpRequest |
getIsDeleteViaPostRequest() | Returns whether this is a DELETE request which was tunneled through POST. | CHttpRequest |
getIsPatchViaPostRequest() | Returns whether this is a PATCH request which was tunneled through POST. | CHttpRequest |
getIsPutViaPostRequest() | Returns whether this is a PUT request which was tunneled through POST. | CHttpRequest |
normalizeRequest() | Normalizes the request data. | CHttpRequest |
Property Details
acceptTypes property read-only
public string getAcceptTypes()
Returns user browser accept types, null if not present.
baseUrl property
public string getBaseUrl(boolean $absolute=false)
public void setBaseUrl(string $value)
Returns the relative URL for the application. This is similar to scriptUrl except that it does not have the script file name, and the ending slashes are stripped off.
See Also
browser property read-only
public array getBrowser(string $userAgent=NULL)
Returns information about the capabilities of user browser.
contentType property read-only (available since v1.1.17)
public string getContentType()
Returns request content-type The Content-Type header field indicates the MIME type of the data contained in getRawBody() or, in the case of the HEAD method, the media type that would have been sent had the request been a GET.
cookies property read-only
public CCookieCollection getCookies()
Returns the cookie collection. The result can be used like an associative array. Adding CHttpCookie objects to the collection will send the cookies to the client; and removing the objects from the collection will delete those cookies on the client.
csrfCookie property
public array $csrfCookie;
the property values (in name-value pairs) used to initialize the CSRF cookie. Any property of CHttpCookie may be initialized. This property is effective only when enableCsrfValidation is true.
csrfToken property read-only
public string getCsrfToken()
Returns the random token used to perform CSRF validation. The token will be read from cookie first. If not found, a new token will be generated.
See Also
csrfTokenName property
public string $csrfTokenName;
the name of the token used to prevent CSRF. Defaults to 'YII_CSRF_TOKEN'. This property is effectively only when enableCsrfValidation is true.
enableCookieValidation property
public boolean $enableCookieValidation;
whether cookies should be validated to ensure they are not tampered. Defaults to false.
enableCsrfValidation property
public boolean $enableCsrfValidation;
whether to enable CSRF (Cross-Site Request Forgery) validation. Defaults to false. By setting this property to true, forms submitted to an Yii Web application must be originated from the same application. If not, a 400 HTTP exception will be raised. Note, this feature requires that the user client accepts cookie. You also need to use CHtml::form or CHtml::statefulForm to generate the needed HTML forms in your pages.
hostInfo property
public string getHostInfo(string $schema='')
public void setHostInfo(string $value)
Returns the schema and host part of the application URL. The returned URL does not have an ending slash. By default this is determined based on the user request information. You may explicitly specify it by setting the hostInfo property.
See Also
httpVersion property read-only (available since v1.1.16)
public string getHttpVersion()
Returns the version of the HTTP protocol used by client.
isAjaxRequest property read-only
public boolean getIsAjaxRequest()
Returns whether this is an AJAX (XMLHttpRequest) request.
isDeleteRequest property read-only (available since v1.1.7)
public boolean getIsDeleteRequest()
Returns whether this is a DELETE request.
isDeleteViaPostRequest property read-only (available since v1.1.11)
protected boolean getIsDeleteViaPostRequest()
Returns whether this is a DELETE request which was tunneled through POST.
isFlashRequest property read-only (available since v1.1.11)
public boolean getIsFlashRequest()
Returns whether this is an Adobe Flash or Adobe Flex request.
isPatchRequest property read-only (available since v1.1.16)
public boolean getIsPatchRequest()
Returns whether this is a PATCH request.
isPatchViaPostRequest property read-only (available since v1.1.16)
protected boolean getIsPatchViaPostRequest()
Returns whether this is a PATCH request which was tunneled through POST.
isPostRequest property read-only
public boolean getIsPostRequest()
Returns whether this is a POST request.
isPutRequest property read-only (available since v1.1.7)
public boolean getIsPutRequest()
Returns whether this is a PUT request.
isPutViaPostRequest property read-only (available since v1.1.11)
protected boolean getIsPutViaPostRequest()
Returns whether this is a PUT request which was tunneled through POST.
isSecureConnection property read-only
public boolean getIsSecureConnection()
Return if the request is sent via secure channel (https).
jsonAsArray property (available since v1.1.17)
public boolean $jsonAsArray;
whether the parsing of JSON REST requests should return associative arrays for object data.
See Also
pathInfo property read-only
public string getPathInfo()
Returns the path info of the currently requested URL. This refers to the part that is after the entry script and before the question mark. The starting and ending slashes are stripped off.
port property (available since v1.1.3)
public integer getPort()
public void setPort(integer $value)
Returns the port to use for insecure requests. Defaults to 80, or the port specified by the server if the current request is insecure. You may explicitly specify it by setting the port property.
See Also
preferredAcceptType property read-only
public array getPreferredAcceptType()
Returns the user preferred accept MIME type. The MIME type is returned as an array map (see parseAcceptHeader()).
preferredAcceptTypes property read-only
public array getPreferredAcceptTypes()
Returns an array of user accepted MIME types in order of preference. Each array entry consists of a map with the type, subType, baseType and params, an array map of key-value parameters. See parseAcceptHeader() for a description of the array map.
preferredLanguage property read-only
public string getPreferredLanguage(array $languages=array ( ))
Returns the user-preferred language that should be used by this application. The language resolution is based on the user preferred languages and the languages supported by the application. The method will try to find the best match.
preferredLanguages property read-only
public array getPreferredLanguages()
Returns an array of user accepted languages in order of preference. The returned language IDs will NOT be canonicalized using CLocale::getCanonicalID.
queryString property read-only
public string getQueryString()
Returns part of the request URL that is after the question mark.
rawBody property read-only (available since v1.1.13)
public string getRawBody()
Returns the raw HTTP request body.
requestType property read-only
public string getRequestType()
Returns the request type, such as GET, POST, HEAD, PUT, PATCH, DELETE. Request type can be manually set in POST requests with a parameter named _method. Useful for RESTful request from older browsers which do not support PUT, PATCH or DELETE natively (available since version 1.1.11).
requestUri property read-only
public string getRequestUri()
Returns the request URI portion for the currently requested URL. This refers to the portion that is after the host info part. It includes the query string part if any. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.
restParams property read-only (available since v1.1.13 method became public)
public array getRestParams()
Returns request parameters. Typically PUT, PATCH or DELETE.
scriptFile property read-only
public string getScriptFile()
Returns entry script file path.
scriptUrl property
public string getScriptUrl()
public void setScriptUrl(string $value)
Returns the relative URL of the entry script. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.
securePort property (available since v1.1.3)
public integer getSecurePort()
public void setSecurePort(integer $value)
Returns the port to use for secure requests. Defaults to 443, or the port specified by the server if the current request is secure. You may explicitly specify it by setting the securePort property.
See Also
serverName property read-only
public string getServerName()
Returns the server name.
serverPort property read-only
public integer getServerPort()
Returns the server port number.
url property read-only
public string getUrl()
Returns the currently requested URL. This is the same as getRequestUri.
urlReferrer property read-only
public string getUrlReferrer()
Returns the URL referrer, null if not present
userAgent property read-only
public string getUserAgent()
Returns the user agent, null if not present.
userHost property read-only
public string getUserHost()
Returns the user host name, null if it cannot be determined.
userHostAddress property read-only
public string getUserHostAddress()
Returns the user IP address.
Method Details
compareAcceptTypes() method
public static integer compareAcceptTypes(array $a, array $b) | ||
$a | array | user accepted MIME type as an array map |
$b | array | user accepted MIME type as an array map |
{return} | integer | -1, 0 or 1 if $a has respectively greater preference, equal preference or less preference than $b (higher preference comes first). |
public static function compareAcceptTypes($a,$b)
{
// check for equal quality first
if($a['params']['q']===$b['params']['q'])
if(!($a['type']==='*' xor $b['type']==='*'))
if (!($a['subType']==='*' xor $b['subType']==='*'))
// finally, higher number of parameters counts as greater precedence
if(count($a['params'])===count($b['params']))
return 0;
else
return count($a['params'])<count($b['params']) ? 1 : -1;
// more specific takes precedence - whichever one doesn't have a * subType
else
return $a['subType']==='*' ? 1 : -1;
// more specific takes precedence - whichever one doesn't have a * type
else
return $a['type']==='*' ? 1 : -1;
else
return ($a['params']['q']<$b['params']['q']) ? 1 : -1;
}
Compare function for determining the preference of accepted MIME type array maps See parseAcceptHeader() for the format of $a and $b
createCsrfCookie() method
protected CHttpCookie createCsrfCookie() | ||
{return} | CHttpCookie | the generated cookie |
protected function createCsrfCookie()
{
$securityManager=Yii::app()->getSecurityManager();
$token=$securityManager->generateRandomBytes(32);
$maskedToken=$securityManager->maskToken($token);
$cookie=new CHttpCookie($this->csrfTokenName,$maskedToken);
if(is_array($this->csrfCookie))
{
foreach($this->csrfCookie as $name=>$value)
$cookie->$name=$value;
}
return $cookie;
}
Creates a cookie with a randomly generated CSRF token. Initial values specified in csrfCookie will be applied to the generated cookie.
See Also
decodePathInfo() method (available since v1.1.10)
protected string decodePathInfo(string $pathInfo) | ||
$pathInfo | string | encoded path info |
{return} | string | decoded path info |
protected function decodePathInfo($pathInfo)
{
$pathInfo = urldecode($pathInfo);
// is it UTF-8?
// http://w3.org/International/questions/qa-forms-utf-8.html
if(preg_match('%^(?:
[\x09\x0A\x0D\x20-\x7E] # ASCII
| [\xC2-\xDF][\x80-\xBF] # non-overlong 2-byte
| \xE0[\xA0-\xBF][\x80-\xBF] # excluding overlongs
| [\xE1-\xEC\xEE\xEF][\x80-\xBF]{2} # straight 3-byte
| \xED[\x80-\x9F][\x80-\xBF] # excluding surrogates
| \xF0[\x90-\xBF][\x80-\xBF]{2} # planes 1-3
| [\xF1-\xF3][\x80-\xBF]{3} # planes 4-15
| \xF4[\x80-\x8F][\x80-\xBF]{2} # plane 16
)*$%xs', $pathInfo))
{
return $pathInfo;
}
else
{
return utf8_encode($pathInfo);
}
}
Decodes the path info. This method is an improved variant of the native urldecode() function and used in getPathInfo() to decode the path part of the request URI. You may override this method to change the way the path info is being decoded.
getAcceptTypes() method
public string getAcceptTypes() | ||
{return} | string | user browser accept types, null if not present |
public function getAcceptTypes()
{
return isset($_SERVER['HTTP_ACCEPT'])?$_SERVER['HTTP_ACCEPT']:null;
}
Returns user browser accept types, null if not present.
getBaseUrl() method
public string getBaseUrl(boolean $absolute=false) | ||
$absolute | boolean | whether to return an absolute URL. Defaults to false, meaning returning a relative one. |
{return} | string | the relative URL for the application |
public function getBaseUrl($absolute=false)
{
if($this->_baseUrl===null)
$this->_baseUrl=rtrim(dirname($this->getScriptUrl()),'\\/');
return $absolute ? $this->getHostInfo() . $this->_baseUrl : $this->_baseUrl;
}
Returns the relative URL for the application. This is similar to scriptUrl except that it does not have the script file name, and the ending slashes are stripped off.
See Also
getBrowser() method
public array getBrowser(string $userAgent=NULL) | ||
$userAgent | string | the user agent to be analyzed. Defaults to null, meaning using the current User-Agent HTTP header information. |
{return} | array | user browser capabilities. |
public function getBrowser($userAgent=null)
{
return get_browser($userAgent,true);
}
Returns information about the capabilities of user browser.
getContentType() method (available since v1.1.17)
public string getContentType() | ||
{return} | string | request content-type. Null is returned if this information is not available. |
public function getContentType()
{
if (isset($_SERVER["CONTENT_TYPE"])) {
return $_SERVER["CONTENT_TYPE"];
} elseif (isset($_SERVER["HTTP_CONTENT_TYPE"])) {
//fix bug https://bugs.php.net/bug.php?id=66606
return $_SERVER["HTTP_CONTENT_TYPE"];
}
return null;
}
Returns request content-type The Content-Type header field indicates the MIME type of the data contained in getRawBody() or, in the case of the HEAD method, the media type that would have been sent had the request been a GET.
getCookies() method
public CCookieCollection getCookies() | ||
{return} | CCookieCollection | the cookie collection. |
public function getCookies()
{
if($this->_cookies!==null)
return $this->_cookies;
else
return $this->_cookies=new CCookieCollection($this);
}
Returns the cookie collection. The result can be used like an associative array. Adding CHttpCookie objects to the collection will send the cookies to the client; and removing the objects from the collection will delete those cookies on the client.
getCsrfToken() method
public string getCsrfToken() | ||
{return} | string | the random token for CSRF validation. |
public function getCsrfToken()
{
if($this->_csrfToken===null)
{
$cookie=$this->getCookies()->itemAt($this->csrfTokenName);
if(!$cookie || ($this->_csrfToken=$cookie->value)==null)
{
$cookie=$this->createCsrfCookie();
$this->_csrfToken=$cookie->value;
$this->getCookies()->add($cookie->name,$cookie);
}
}
return $this->_csrfToken;
}
Returns the random token used to perform CSRF validation. The token will be read from cookie first. If not found, a new token will be generated.
See Also
getDelete() method (available since v1.1.7)
public mixed getDelete(string $name, mixed $defaultValue=NULL) | ||
$name | string | the DELETE parameter name |
$defaultValue | mixed | the default parameter value if the DELETE parameter does not exist. |
{return} | mixed | the DELETE parameter value |
public function getDelete($name,$defaultValue=null)
{
if($this->getIsDeleteViaPostRequest())
return $this->getPost($name, $defaultValue);
if($this->getIsDeleteRequest())
{
$restParams=$this->getRestParams();
return isset($restParams[$name]) ? $restParams[$name] : $defaultValue;
}
else
return $defaultValue;
}
Returns the named DELETE parameter value. If the DELETE parameter does not exist or if the current request is not a DELETE request, the second parameter to this method will be returned. If the DELETE request was tunneled through POST via _method parameter, the POST parameter will be returned instead (available since version 1.1.11).
getHostInfo() method
public string getHostInfo(string $schema='') | ||
$schema | string | schema to use (e.g. http, https). If empty, the schema used for the current request will be used. |
{return} | string | schema and hostname part (with port number if needed) of the request URL (e.g. http://www.yiiframework.com) |
public function getHostInfo($schema='')
{
if($this->_hostInfo===null)
{
if($secure=$this->getIsSecureConnection())
$http='https';
else
$http='http';
if(isset($_SERVER['HTTP_HOST']))
$this->_hostInfo=$http.'://'.$_SERVER['HTTP_HOST'];
else
{
$this->_hostInfo=$http.'://'.$_SERVER['SERVER_NAME'];
$port=$secure ? $this->getSecurePort() : $this->getPort();
if(($port!==80 && !$secure) || ($port!==443 && $secure))
$this->_hostInfo.=':'.$port;
}
}
if($schema!=='')
{
$secure=$this->getIsSecureConnection();
if($secure && $schema==='https' || !$secure && $schema==='http')
return $this->_hostInfo;
$port=$schema==='https' ? $this->getSecurePort() : $this->getPort();
if($port!==80 && $schema==='http' || $port!==443 && $schema==='https')
$port=':'.$port;
else
$port='';
$pos=strpos($this->_hostInfo,':');
return $schema.substr($this->_hostInfo,$pos,strcspn($this->_hostInfo,':',$pos+1)+1).$port;
}
else
return $this->_hostInfo;
}
Returns the schema and host part of the application URL. The returned URL does not have an ending slash. By default this is determined based on the user request information. You may explicitly specify it by setting the hostInfo property.
See Also
getHttpVersion() method (available since v1.1.16)
public string getHttpVersion() | ||
{return} | string | the version of the HTTP protocol. |
public function getHttpVersion()
{
if($this->_httpVersion===null)
{
if(isset($_SERVER['SERVER_PROTOCOL']) && $_SERVER['SERVER_PROTOCOL']==='HTTP/1.0')
$this->_httpVersion='1.0';
else
$this->_httpVersion='1.1';
}
return $this->_httpVersion;
}
Returns the version of the HTTP protocol used by client.
getIsAjaxRequest() method
public boolean getIsAjaxRequest() | ||
{return} | boolean | whether this is an AJAX (XMLHttpRequest) request. |
public function getIsAjaxRequest()
{
return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH']==='XMLHttpRequest';
}
Returns whether this is an AJAX (XMLHttpRequest) request.
getIsDeleteRequest() method (available since v1.1.7)
public boolean getIsDeleteRequest() | ||
{return} | boolean | whether this is a DELETE request. |
public function getIsDeleteRequest()
{
return (isset($_SERVER['REQUEST_METHOD']) && !strcasecmp($_SERVER['REQUEST_METHOD'],'DELETE')) || $this->getIsDeleteViaPostRequest();
}
Returns whether this is a DELETE request.
getIsDeleteViaPostRequest() method (available since v1.1.11)
protected boolean getIsDeleteViaPostRequest() | ||
{return} | boolean | whether this is a DELETE request tunneled through POST. |
protected function getIsDeleteViaPostRequest()
{
return isset($_POST['_method']) && !strcasecmp($_POST['_method'],'DELETE');
}
Returns whether this is a DELETE request which was tunneled through POST.
getIsFlashRequest() method (available since v1.1.11)
public boolean getIsFlashRequest() | ||
{return} | boolean | whether this is an Adobe Flash or Adobe Flex request. |
public function getIsFlashRequest()
{
return isset($_SERVER['HTTP_USER_AGENT']) && (stripos($_SERVER['HTTP_USER_AGENT'],'Shockwave')!==false || stripos($_SERVER['HTTP_USER_AGENT'],'Flash')!==false);
}
Returns whether this is an Adobe Flash or Adobe Flex request.
getIsPatchRequest() method (available since v1.1.16)
public boolean getIsPatchRequest() | ||
{return} | boolean | whether this is a PATCH request. |
public function getIsPatchRequest()
{
return (isset($_SERVER['REQUEST_METHOD']) && !strcasecmp($_SERVER['REQUEST_METHOD'],'PATCH')) || $this->getIsPatchViaPostRequest();
}
Returns whether this is a PATCH request.
getIsPatchViaPostRequest() method (available since v1.1.16)
protected boolean getIsPatchViaPostRequest() | ||
{return} | boolean | whether this is a PATCH request tunneled through POST. |
protected function getIsPatchViaPostRequest()
{
return isset($_POST['_method']) && !strcasecmp($_POST['_method'],'PATCH');
}
Returns whether this is a PATCH request which was tunneled through POST.
getIsPostRequest() method
public boolean getIsPostRequest() | ||
{return} | boolean | whether this is a POST request. |
public function getIsPostRequest()
{
return isset($_SERVER['REQUEST_METHOD']) && !strcasecmp($_SERVER['REQUEST_METHOD'],'POST');
}
Returns whether this is a POST request.
getIsPutRequest() method (available since v1.1.7)
public boolean getIsPutRequest() | ||
{return} | boolean | whether this is a PUT request. |
public function getIsPutRequest()
{
return (isset($_SERVER['REQUEST_METHOD']) && !strcasecmp($_SERVER['REQUEST_METHOD'],'PUT')) || $this->getIsPutViaPostRequest();
}
Returns whether this is a PUT request.
getIsPutViaPostRequest() method (available since v1.1.11)
protected boolean getIsPutViaPostRequest() | ||
{return} | boolean | whether this is a PUT request tunneled through POST. |
protected function getIsPutViaPostRequest()
{
return isset($_POST['_method']) && !strcasecmp($_POST['_method'],'PUT');
}
Returns whether this is a PUT request which was tunneled through POST.
getIsSecureConnection() method
public boolean getIsSecureConnection() | ||
{return} | boolean | if the request is sent via secure channel (https) |
public function getIsSecureConnection()
{
return isset($_SERVER['HTTPS']) && (strcasecmp($_SERVER['HTTPS'],'on')===0 || $_SERVER['HTTPS']==1)
|| isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strcasecmp($_SERVER['HTTP_X_FORWARDED_PROTO'],'https')===0;
}
Return if the request is sent via secure channel (https).
getParam() method
public mixed getParam(string $name, mixed $defaultValue=NULL) | ||
$name | string | the GET parameter name |
$defaultValue | mixed | the default parameter value if the GET parameter does not exist. |
{return} | mixed | the GET parameter value |
public function getParam($name,$defaultValue=null)
{
return isset($_GET[$name]) ? $_GET[$name] : (isset($_POST[$name]) ? $_POST[$name] : $defaultValue);
}
Returns the named GET or POST parameter value. If the GET or POST parameter does not exist, the second parameter to this method will be returned. If both GET and POST contains such a named parameter, the GET parameter takes precedence.
getPatch() method (available since v1.1.16)
public mixed getPatch(string $name, mixed $defaultValue=NULL) | ||
$name | string | the PATCH parameter name |
$defaultValue | mixed | the default parameter value if the PATCH parameter does not exist. |
{return} | mixed | the PATCH parameter value |
public function getPatch($name,$defaultValue=null)
{
if($this->getIsPatchViaPostRequest())
return $this->getPost($name, $defaultValue);
if($this->getIsPatchRequest())
{
$restParams=$this->getRestParams();
return isset($restParams[$name]) ? $restParams[$name] : $defaultValue;
}
else
return $defaultValue;
}
Returns the named PATCH parameter value. If the PATCH parameter does not exist or if the current request is not a PATCH request, the second parameter to this method will be returned. If the PATCH request was tunneled through POST via _method parameter, the POST parameter will be returned instead.
getPathInfo() method
public string getPathInfo() | ||
{return} | string | part of the request URL that is after the entry script and before the question mark. Note, the returned pathinfo is decoded starting from 1.1.4. Prior to 1.1.4, whether it is decoded or not depends on the server configuration (in most cases it is not decoded). |
public function getPathInfo()
{
if($this->_pathInfo===null)
{
$pathInfo=$this->getRequestUri();
if(($pos=strpos($pathInfo,'?'))!==false)
$pathInfo=substr($pathInfo,0,$pos);
$pathInfo=$this->decodePathInfo($pathInfo);
$scriptUrl=$this->getScriptUrl();
$baseUrl=$this->getBaseUrl();
if(strpos($pathInfo,$scriptUrl)===0)
$pathInfo=substr($pathInfo,strlen($scriptUrl));
elseif($baseUrl==='' || strpos($pathInfo,$baseUrl)===0)
$pathInfo=substr($pathInfo,strlen($baseUrl));
elseif(strpos($_SERVER['PHP_SELF'],$scriptUrl)===0)
$pathInfo=substr($_SERVER['PHP_SELF'],strlen($scriptUrl));
else
throw new CException(Yii::t('yii','CHttpRequest is unable to determine the path info of the request.'));
if($pathInfo==='/' || $pathInfo===false)
$pathInfo='';
elseif($pathInfo!=='' && $pathInfo[0]==='/')
$pathInfo=substr($pathInfo,1);
if(($posEnd=strlen($pathInfo)-1)>0 && $pathInfo[$posEnd]==='/')
$pathInfo=substr($pathInfo,0,$posEnd);
$this->_pathInfo=$pathInfo;
}
return $this->_pathInfo;
}
Returns the path info of the currently requested URL. This refers to the part that is after the entry script and before the question mark. The starting and ending slashes are stripped off.
getPort() method (available since v1.1.3)
public integer getPort() | ||
{return} | integer | port number for insecure requests. |
public function getPort()
{
if($this->_port===null)
$this->_port=!$this->getIsSecureConnection() && isset($_SERVER['SERVER_PORT']) ? (int)$_SERVER['SERVER_PORT'] : 80;
return $this->_port;
}
Returns the port to use for insecure requests. Defaults to 80, or the port specified by the server if the current request is insecure. You may explicitly specify it by setting the port property.
See Also
getPost() method
public mixed getPost(string $name, mixed $defaultValue=NULL) | ||
$name | string | the POST parameter name |
$defaultValue | mixed | the default parameter value if the POST parameter does not exist. |
{return} | mixed | the POST parameter value |
public function getPost($name,$defaultValue=null)
{
return isset($_POST[$name]) ? $_POST[$name] : $defaultValue;
}
Returns the named POST parameter value. If the POST parameter does not exist, the second parameter to this method will be returned.
getPreferredAcceptType() method
public array getPreferredAcceptType() | ||
{return} | array | the user preferred accept MIME type or false if the user does not have any. |
public function getPreferredAcceptType()
{
$preferredAcceptTypes=$this->getPreferredAcceptTypes();
return empty($preferredAcceptTypes) ? false : $preferredAcceptTypes[0];
}
Returns the user preferred accept MIME type. The MIME type is returned as an array map (see parseAcceptHeader()).
getPreferredAcceptTypes() method
public array getPreferredAcceptTypes() | ||
{return} | array | the user accepted MIME types, as array maps, in the order of preference. |
public function getPreferredAcceptTypes()
{
if($this->_preferredAcceptTypes===null)
{
$accepts=self::parseAcceptHeader($this->getAcceptTypes());
usort($accepts,array(get_class($this),'compareAcceptTypes'));
$this->_preferredAcceptTypes=$accepts;
}
return $this->_preferredAcceptTypes;
}
Returns an array of user accepted MIME types in order of preference. Each array entry consists of a map with the type, subType, baseType and params, an array map of key-value parameters. See parseAcceptHeader() for a description of the array map.
getPreferredLanguage() method
public string getPreferredLanguage(array $languages=array ( )) | ||
$languages | array | a list of the languages supported by the application. If empty, this method will return the first language returned by [[getPreferredLanguages()]]. |
{return} | string | the language that the application should use. false is returned if both [[getPreferredLanguages()]] and `$languages` are empty. |
public function getPreferredLanguage($languages=array())
{
$preferredLanguages=$this->getPreferredLanguages();
if(empty($languages)) {
return !empty($preferredLanguages) ? CLocale::getCanonicalID($preferredLanguages[0]) : false;
}
foreach ($preferredLanguages as $preferredLanguage) {
$preferredLanguage=CLocale::getCanonicalID($preferredLanguage);
foreach ($languages as $language) {
$language=CLocale::getCanonicalID($language);
// en_us==en_us, en==en_us, en_us==en
if($language===$preferredLanguage || strpos($preferredLanguage,$language.'_')===0 || strpos($language,$preferredLanguage.'_')===0) {
return $language;
}
}
}
return reset($languages);
}
Returns the user-preferred language that should be used by this application. The language resolution is based on the user preferred languages and the languages supported by the application. The method will try to find the best match.
getPreferredLanguages() method
public array getPreferredLanguages() | ||
{return} | array | the user accepted languages in the order of preference. See http://tools.ietf.org/html/rfc2616#section-14.4 |
public function getPreferredLanguages()
{
if($this->_preferredLanguages===null)
{
$sortedLanguages=array();
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) && $n=preg_match_all('/([\w\-_]+)(?:\s*;\s*q\s*=\s*(\d*\.?\d*))?/',$_SERVER['HTTP_ACCEPT_LANGUAGE'],$matches))
{
$languages=array();
for($i=0;$i<$n;++$i)
{
$q=$matches[2][$i];
if($q==='')
$q=1;
if($q)
$languages[]=array((float)$q,$matches[1][$i]);
}
usort($languages,create_function('$a,$b','if($a[0]==$b[0]) {return 0;} return ($a[0]<$b[0]) ? 1 : -1;'));
foreach($languages as $language)
$sortedLanguages[]=$language[1];
}
$this->_preferredLanguages=$sortedLanguages;
}
return $this->_preferredLanguages;
}
Returns an array of user accepted languages in order of preference. The returned language IDs will NOT be canonicalized using CLocale::getCanonicalID.
getPut() method (available since v1.1.7)
public mixed getPut(string $name, mixed $defaultValue=NULL) | ||
$name | string | the PUT parameter name |
$defaultValue | mixed | the default parameter value if the PUT parameter does not exist. |
{return} | mixed | the PUT parameter value |
public function getPut($name,$defaultValue=null)
{
if($this->getIsPutViaPostRequest())
return $this->getPost($name, $defaultValue);
if($this->getIsPutRequest())
{
$restParams=$this->getRestParams();
return isset($restParams[$name]) ? $restParams[$name] : $defaultValue;
}
else
return $defaultValue;
}
Returns the named PUT parameter value. If the PUT parameter does not exist or if the current request is not a PUT request, the second parameter to this method will be returned. If the PUT request was tunneled through POST via _method parameter, the POST parameter will be returned instead (available since version 1.1.11).
getQuery() method
public mixed getQuery(string $name, mixed $defaultValue=NULL) | ||
$name | string | the GET parameter name |
$defaultValue | mixed | the default parameter value if the GET parameter does not exist. |
{return} | mixed | the GET parameter value |
public function getQuery($name,$defaultValue=null)
{
return isset($_GET[$name]) ? $_GET[$name] : $defaultValue;
}
Returns the named GET parameter value. If the GET parameter does not exist, the second parameter to this method will be returned.
getQueryString() method
public string getQueryString() | ||
{return} | string | part of the request URL that is after the question mark |
public function getQueryString()
{
return isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'';
}
Returns part of the request URL that is after the question mark.
getRawBody() method (available since v1.1.13)
public string getRawBody() | ||
{return} | string | the request body |
public function getRawBody()
{
static $rawBody;
if($rawBody===null)
$rawBody=file_get_contents('php://input');
return $rawBody;
}
Returns the raw HTTP request body.
getRequestType() method
public string getRequestType() | ||
{return} | string | request type, such as GET, POST, HEAD, PUT, PATCH, DELETE. |
public function getRequestType()
{
if(isset($_POST['_method']))
return strtoupper($_POST['_method']);
elseif(isset($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']))
return strtoupper($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']);
return strtoupper(isset($_SERVER['REQUEST_METHOD'])?$_SERVER['REQUEST_METHOD']:'GET');
}
Returns the request type, such as GET, POST, HEAD, PUT, PATCH, DELETE. Request type can be manually set in POST requests with a parameter named _method. Useful for RESTful request from older browsers which do not support PUT, PATCH or DELETE natively (available since version 1.1.11).
getRequestUri() method
public string getRequestUri() | ||
{return} | string | the request URI portion for the currently requested URL. |
public function getRequestUri()
{
if($this->_requestUri===null)
{
if(isset($_SERVER['HTTP_X_REWRITE_URL'])) // IIS
$this->_requestUri=$_SERVER['HTTP_X_REWRITE_URL'];
elseif(isset($_SERVER['REQUEST_URI']))
{
$this->_requestUri=$_SERVER['REQUEST_URI'];
if(!empty($_SERVER['HTTP_HOST']))
{
if(strpos($this->_requestUri,$_SERVER['HTTP_HOST'])!==false)
$this->_requestUri=preg_replace('/^\w+:\/\/[^\/]+/','',$this->_requestUri);
}
else
$this->_requestUri=preg_replace('/^(http|https):\/\/[^\/]+/i','',$this->_requestUri);
}
elseif(isset($_SERVER['ORIG_PATH_INFO'])) // IIS 5.0 CGI
{
$this->_requestUri=$_SERVER['ORIG_PATH_INFO'];
if(!empty($_SERVER['QUERY_STRING']))
$this->_requestUri.='?'.$_SERVER['QUERY_STRING'];
}
else
throw new CException(Yii::t('yii','CHttpRequest is unable to determine the request URI.'));
}
return $this->_requestUri;
}
Returns the request URI portion for the currently requested URL. This refers to the portion that is after the host info part. It includes the query string part if any. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.
getRestParams() method (available since v1.1.13 method became public)
public array getRestParams() | ||
{return} | array | the request parameters |
public function getRestParams()
{
if($this->_restParams===null)
{
$result=array();
if (strncmp($this->getContentType(), 'application/json', 16) === 0)
$result = CJSON::decode($this->getRawBody(), $this->jsonAsArray);
elseif(function_exists('mb_parse_str'))
mb_parse_str($this->getRawBody(), $result);
else
parse_str($this->getRawBody(), $result);
$this->_restParams=$result;
}
return $this->_restParams;
}
Returns request parameters. Typically PUT, PATCH or DELETE.
getScriptFile() method
public string getScriptFile() | ||
{return} | string | entry script file path (processed w/ realpath()) |
public function getScriptFile()
{
if($this->_scriptFile!==null)
return $this->_scriptFile;
else
return $this->_scriptFile=realpath($_SERVER['SCRIPT_FILENAME']);
}
Returns entry script file path.
getScriptUrl() method
public string getScriptUrl() | ||
{return} | string | the relative URL of the entry script. |
public function getScriptUrl()
{
if($this->_scriptUrl===null)
{
$scriptName=basename($_SERVER['SCRIPT_FILENAME']);
if(basename($_SERVER['SCRIPT_NAME'])===$scriptName)
$this->_scriptUrl=$_SERVER['SCRIPT_NAME'];
elseif(basename($_SERVER['PHP_SELF'])===$scriptName)
$this->_scriptUrl=$_SERVER['PHP_SELF'];
elseif(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME'])===$scriptName)
$this->_scriptUrl=$_SERVER['ORIG_SCRIPT_NAME'];
elseif(($pos=strpos($_SERVER['PHP_SELF'],'/'.$scriptName))!==false)
$this->_scriptUrl=substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$scriptName;
elseif(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT'])===0)
$this->_scriptUrl=str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
else
throw new CException(Yii::t('yii','CHttpRequest is unable to determine the entry script URL.'));
}
return $this->_scriptUrl;
}
Returns the relative URL of the entry script. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.
getSecurePort() method (available since v1.1.3)
public integer getSecurePort() | ||
{return} | integer | port number for secure requests. |
public function getSecurePort()
{
if($this->_securePort===null)
$this->_securePort=$this->getIsSecureConnection() && isset($_SERVER['SERVER_PORT']) ? (int)$_SERVER['SERVER_PORT'] : 443;
return $this->_securePort;
}
Returns the port to use for secure requests. Defaults to 443, or the port specified by the server if the current request is secure. You may explicitly specify it by setting the securePort property.
See Also
getServerName() method
public string getServerName() | ||
{return} | string | server name |
public function getServerName()
{
return $_SERVER['SERVER_NAME'];
}
Returns the server name.
getServerPort() method
public integer getServerPort() | ||
{return} | integer | server port number |
public function getServerPort()
{
return $_SERVER['SERVER_PORT'];
}
Returns the server port number.
getUrl() method
public string getUrl() | ||
{return} | string | part of the request URL after the host info. |
public function getUrl()
{
return $this->getRequestUri();
}
Returns the currently requested URL. This is the same as getRequestUri.
getUrlReferrer() method
public string getUrlReferrer() | ||
{return} | string | URL referrer, null if not present |
public function getUrlReferrer()
{
return isset($_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:null;
}
Returns the URL referrer, null if not present
getUserAgent() method
public string getUserAgent() | ||
{return} | string | user agent, null if not present |
public function getUserAgent()
{
return isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:null;
}
Returns the user agent, null if not present.
getUserHost() method
public string getUserHost() | ||
{return} | string | user host name, null if cannot be determined |
public function getUserHost()
{
return isset($_SERVER['REMOTE_HOST'])?$_SERVER['REMOTE_HOST']:null;
}
Returns the user host name, null if it cannot be determined.
getUserHostAddress() method
public string getUserHostAddress() | ||
{return} | string | user IP address |
public function getUserHostAddress()
{
return isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'127.0.0.1';
}
Returns the user IP address.
init() method
public void init() |
public function init()
{
parent::init();
$this->normalizeRequest();
}
Initializes the application component. This method overrides the parent implementation by preprocessing the user request data.
normalizeRequest() method
protected void normalizeRequest() |
protected function normalizeRequest()
{
// normalize request
if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
{
if(isset($_GET))
$_GET=$this->stripSlashes($_GET);
if(isset($_POST))
$_POST=$this->stripSlashes($_POST);
if(isset($_REQUEST))
$_REQUEST=$this->stripSlashes($_REQUEST);
if(isset($_COOKIE))
$_COOKIE=$this->stripSlashes($_COOKIE);
}
if($this->enableCsrfValidation)
Yii::app()->attachEventHandler('onBeginRequest',array($this,'validateCsrfToken'));
}
Normalizes the request data. This method strips off slashes in request data if get_magic_quotes_gpc() returns true. It also performs CSRF validation if enableCsrfValidation is true.
parseAcceptHeader() method
public static array parseAcceptHeader(string $header) | ||
$header | string | the accept header value to parse |
{return} | array | the user accepted MIME types. |
public static function parseAcceptHeader($header)
{
$matches=array();
$accepts=array();
// get individual entries with their type, subtype, basetype and params
preg_match_all('/(?:\G\s?,\s?|^)(\w+|\*)\/(\w+|\*)(?:\+(\w+))?|(?<!^)\G(?:\s?;\s?(\w+)=([\w\.]+))/',$header,$matches);
// the regexp should (in theory) always return an array of 6 arrays
if(count($matches)===6)
{
$i=0;
$itemLen=count($matches[1]);
while($i<$itemLen)
{
// fill out a content type
$accept=array(
'type'=>$matches[1][$i],
'subType'=>$matches[2][$i],
'baseType'=>null,
'params'=>array(),
);
// fill in the base type if it exists
if($matches[3][$i]!==null && $matches[3][$i]!=='')
$accept['baseType']=$matches[3][$i];
// continue looping while there is no new content type, to fill in all accompanying params
for($i++;$i<$itemLen;$i++)
{
// if the next content type is null, then the item is a param for the current content type
if($matches[1][$i]===null || $matches[1][$i]==='')
{
// if this is the quality param, convert it to a double
if($matches[4][$i]==='q')
{
// sanity check on q value
$q=(double)$matches[5][$i];
if($q>1)
$q=(double)1;
elseif($q<0)
$q=(double)0;
$accept['params'][$matches[4][$i]]=$q;
}
else
$accept['params'][$matches[4][$i]]=$matches[5][$i];
}
else
break;
}
// q defaults to 1 if not explicitly given
if(!isset($accept['params']['q']))
$accept['params']['q']=(double)1;
$accepts[] = $accept;
}
}
return $accepts;
}
Parses an HTTP Accept header, returning an array map with all parts of each entry. Each array entry consists of a map with the type, subType, baseType and params, an array map of key-value parameters, obligatorily including a `q` value (i.e. preference ranking) as a double. For example, an Accept header value of 'application/xhtml+xml;q=0.9;level=1'
would give an array entry of
array( 'type' => 'application', 'subType' => 'xhtml', 'baseType' => 'xml', 'params' => array( 'q' => 0.9, 'level' => '1', ), )
Please note: To avoid great complexity, there are no steps taken to ensure that quoted strings are treated properly. If the header text includes quoted strings containing space or the , or ; characters then the results may not be correct!
See also http://tools.ietf.org/html/rfc2616#section-14.1 for details on Accept header.
redirect() method
public void redirect(string $url, boolean $terminate=true, integer $statusCode=302) | ||
$url | string | URL to be redirected to. Note that when URL is not absolute (not starting with "/") it will be relative to current request URL. |
$terminate | boolean | whether to terminate the current application |
$statusCode | integer | the HTTP status code. Defaults to 302. See http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html for details about HTTP status code. |
public function redirect($url,$terminate=true,$statusCode=302)
{
if(strpos($url,'/')===0 && strpos($url,'//')!==0)
$url=$this->getHostInfo().$url;
header('Location: '.$url, true, $statusCode);
if($terminate)
Yii::app()->end();
}
Redirects the browser to the specified URL.
sendFile() method
public void sendFile(string $fileName, string $content, string $mimeType=NULL, boolean $terminate=true) | ||
$fileName | string | file name |
$content | string | content to be set. |
$mimeType | string | mime type of the content. If null, it will be guessed automatically based on the given file name. |
$terminate | boolean | whether to terminate the current application after calling this method |
public function sendFile($fileName,$content,$mimeType=null,$terminate=true)
{
if($mimeType===null)
{
if(($mimeType=CFileHelper::getMimeTypeByExtension($fileName))===null)
$mimeType='text/plain';
}
$fileSize=(function_exists('mb_strlen') ? mb_strlen($content,'8bit') : strlen($content));
$contentStart=0;
$contentEnd=$fileSize-1;
$httpVersion=$this->getHttpVersion();
if(isset($_SERVER['HTTP_RANGE']))
{
header('Accept-Ranges: bytes');
//client sent us a multibyte range, can not hold this one for now
if(strpos($_SERVER['HTTP_RANGE'],',')!==false)
{
header("Content-Range: bytes $contentStart-$contentEnd/$fileSize");
throw new CHttpException(416,'Requested Range Not Satisfiable');
}
$range=str_replace('bytes=','',$_SERVER['HTTP_RANGE']);
//range requests starts from "-", so it means that data must be dumped the end point.
if($range[0]==='-')
$contentStart=$fileSize-substr($range,1);
else
{
$range=explode('-',$range);
$contentStart=$range[0];
// check if the last-byte-pos presents in header
if((isset($range[1]) && is_numeric($range[1])))
$contentEnd=$range[1];
}
/* Check the range and make sure it's treated according to the specs.
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
*/
// End bytes can not be larger than $end.
$contentEnd=($contentEnd > $fileSize) ? $fileSize-1 : $contentEnd;
// Validate the requested range and return an error if it's not correct.
$wrongContentStart=($contentStart>$contentEnd || $contentStart>$fileSize-1 || $contentStart<0);
if($wrongContentStart)
{
header("Content-Range: bytes $contentStart-$contentEnd/$fileSize");
throw new CHttpException(416,'Requested Range Not Satisfiable');
}
header("HTTP/$httpVersion 206 Partial Content");
header("Content-Range: bytes $contentStart-$contentEnd/$fileSize");
}
else
header("HTTP/$httpVersion 200 OK");
$length=$contentEnd-$contentStart+1; // Calculate new content length
header('Pragma: public');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header("Content-Type: $mimeType");
header('Content-Length: '.$length);
header("Content-Disposition: attachment; filename=\"$fileName\"");
header('Content-Transfer-Encoding: binary');
$content=function_exists('mb_substr') ? mb_substr($content,$contentStart,$length,'8bit') : substr($content,$contentStart,$length);
if($terminate)
{
// clean up the application first because the file downloading could take long time
// which may cause timeout of some resources (such as DB connection)
ob_start();
Yii::app()->end(0,false);
ob_end_clean();
echo $content;
exit(0);
}
else
echo $content;
}
Sends a file to user.
setBaseUrl() method
public void setBaseUrl(string $value) | ||
$value | string | the relative URL for the application |
public function setBaseUrl($value)
{
$this->_baseUrl=$value;
}
Sets the relative URL for the application. By default the URL is determined based on the entry script URL. This setter is provided in case you want to change this behavior.
setHostInfo() method
public void setHostInfo(string $value) | ||
$value | string | the schema and host part of the application URL. |
public function setHostInfo($value)
{
$this->_hostInfo=rtrim($value,'/');
}
Sets the schema and host part of the application URL. This setter is provided in case the schema and hostname cannot be determined on certain Web servers.
setPort() method (available since v1.1.3)
public void setPort(integer $value) | ||
$value | integer | port number. |
public function setPort($value)
{
$this->_port=(int)$value;
$this->_hostInfo=null;
}
Sets the port to use for insecure requests. This setter is provided in case a custom port is necessary for certain server configurations.
setScriptUrl() method
public void setScriptUrl(string $value) | ||
$value | string | the relative URL for the application entry script. |
public function setScriptUrl($value)
{
$this->_scriptUrl='/'.trim($value,'/');
}
Sets the relative URL for the application entry script. This setter is provided in case the entry script URL cannot be determined on certain Web servers.
setSecurePort() method (available since v1.1.3)
public void setSecurePort(integer $value) | ||
$value | integer | port number. |
public function setSecurePort($value)
{
$this->_securePort=(int)$value;
$this->_hostInfo=null;
}
Sets the port to use for secure requests. This setter is provided in case a custom port is necessary for certain server configurations.
stripSlashes() method
public mixed stripSlashes(mixed &$data) | ||
$data | mixed | input data to be processed |
{return} | mixed | processed data |
public function stripSlashes(&$data)
{
if(is_array($data))
{
if(count($data) == 0)
return $data;
$keys=array_map('stripslashes',array_keys($data));
$data=array_combine($keys,array_values($data));
return array_map(array($this,'stripSlashes'),$data);
}
else
return stripslashes($data);
}
Strips slashes from input data. This method is applied when magic quotes is enabled.
validateCsrfToken() method
public void validateCsrfToken(CEvent $event) | ||
$event | CEvent | event parameter |
public function validateCsrfToken($event)
{
if ($this->getIsPostRequest() ||
$this->getIsPutRequest() ||
$this->getIsPatchRequest() ||
$this->getIsDeleteRequest())
{
$cookies=$this->getCookies();
$method=$this->getRequestType();
switch($method)
{
case 'POST':
$maskedUserToken=$this->getPost($this->csrfTokenName);
break;
case 'PUT':
$maskedUserToken=$this->getPut($this->csrfTokenName);
break;
case 'PATCH':
$maskedUserToken=$this->getPatch($this->csrfTokenName);
break;
case 'DELETE':
$maskedUserToken=$this->getDelete($this->csrfTokenName);
}
if (!empty($maskedUserToken) && $cookies->contains($this->csrfTokenName))
{
$securityManager=Yii::app()->getSecurityManager();
$maskedCookieToken=$cookies->itemAt($this->csrfTokenName)->value;
$cookieToken=$securityManager->unmaskToken($maskedCookieToken);
$userToken=$securityManager->unmaskToken($maskedUserToken);
$valid=$cookieToken===$userToken;
}
else
$valid = false;
if (!$valid)
throw new CHttpException(400,Yii::t('yii','The CSRF token could not be verified.'));
}
}
Performs the CSRF validation. This is the event handler responding to CApplication::onBeginRequest. The default implementation will compare the CSRF token obtained from a cookie and from a POST field. If they are different, a CSRF attack is detected.
xSendFile() method
public void xSendFile(string $filePath, array $options=array ( )) | ||
$filePath | string | file name with full path |
$options | array | additional options:
|
public function xSendFile($filePath, $options=array())
{
if(!isset($options['forceDownload']) || $options['forceDownload'])
$disposition='attachment';
else
$disposition='inline';
if(!isset($options['saveName']))
$options['saveName']=basename($filePath);
if(!isset($options['mimeType']))
{
if(($options['mimeType']=CFileHelper::getMimeTypeByExtension($filePath))===null)
$options['mimeType']='text/plain';
}
if(!isset($options['xHeader']))
$options['xHeader']='X-Sendfile';
if($options['mimeType']!==null)
header('Content-Type: '.$options['mimeType']);
header('Content-Disposition: '.$disposition.'; filename="'.$options['saveName'].'"');
if(isset($options['addHeaders']))
{
foreach($options['addHeaders'] as $header=>$value)
header($header.': '.$value);
}
header(trim($options['xHeader']).': '.$filePath);
if(!isset($options['terminate']) || $options['terminate'])
Yii::app()->end();
}
Sends existing file to a browser as a download using x-sendfile.
X-Sendfile is a feature allowing a web application to redirect the request for a file to the webserver that in turn processes the request, this way eliminating the need to perform tasks like reading the file and sending it to the user. When dealing with a lot of files (or very big files) this can lead to a great increase in performance as the web application is allowed to terminate earlier while the webserver is handling the request.
The request is sent to the server through a special non-standard HTTP-header. When the web server encounters the presence of such header it will discard all output and send the file specified by that header using web server internals including all optimizations like caching-headers.
As this header directive is non-standard different directives exists for different web servers applications:
- Apache: X-Sendfile
- Lighttpd v1.4: X-LIGHTTPD-send-file
- Lighttpd v1.5: X-Sendfile
- Nginx: X-Accel-Redirect
- Cherokee: X-Sendfile and X-Accel-Redirect
Note: This option allows to download files that are not under web folders, and even files that are otherwise protected (deny from all) like .htaccess
Side effects: If this option is disabled by the web server, when this method is called a download configuration dialog will open but the downloaded file will have 0 bytes.
Known issues: There is a Bug with Internet Explorer 6, 7 and 8 when X-SENDFILE is used over an SSL connection, it will show an error message like this: "Internet Explorer was not able to open this Internet site. The requested site is either unavailable or cannot be found.". You can work around this problem by removing the
Pragma
-header. Example:
<?php Yii::app()->request->xSendFile('/home/user/Pictures/picture1.jpg',array( 'saveName'=>'image1.jpg', 'mimeType'=>'image/jpeg', 'terminate'=>false, )); ?>
© 2008–2017 by Yii Software LLC
Licensed under the three clause BSD license.
http://www.yiiframework.com/doc/api/1.1/CHttpRequest