Request Environment
===================
æ¯ä¸€ä¸ªHTTP请求(通常是由æµè§ˆå™¨å‘起的)包å«é¢å¤–çš„ä¿¡æ¯ï¼Œå¦‚头数æ®çš„请求,文件,å˜é‡ç‰ã€‚
基于Web的应用程åºçš„文件需è¦åˆ†æžè¿™äº›ä¿¡æ¯ï¼Œä»¥æä¾›æ£ç¡®çš„
å“应返回给请求者。 :doc:`Phalcon\\HTTP\\Request <../api/Phalcon_Http_Request>` å°è£…
ä¿¡æ¯çš„请求,å…è®¸ä½ åœ¨ä¸€ä¸ªé¢å‘对象的方法æ¥è®¿é—®å®ƒã€‚
.. code-block:: php
<?php
// Getting a request instance
$request = new \Phalcon\Http\Request();
// Check whether the request was made with method POST
if ($request->isPost() == true) {
// Check whether the request was made with Ajax
if ($request->isAjax() == true) {
echo "Request was made using POST and AJAX";
}
}
获å–æ•°æ®
-----------------
PHPæ ¹æ®è¯·æ±‚的类型自动填充超全局å˜é‡$_GET å’Œ $_POST。这些数组包å«è¡¨å•æ交或通过URL请求的å‚数。这些数组ä¸çš„å˜é‡å€¼æ˜¯æœªåŠ 过滤的,å¯èƒ½åŒ…å«éžæ³•å—符,甚至是æ¶æ„代ç ,这å¯èƒ½ä¼šå¯¼è‡´ `SQL injection`_ or `Cross Site Scripting (XSS)`_ 攻击。
:doc:`Phalcon\\HTTP\\Request <../api/Phalcon_Http_Request>` å…è®¸ä½ è®¿é—®$_REQUEST,
$_GET å’Œ $_POST 这些数组ä¸çš„值,并且å¯ä»¥é€šè¿‡"filter" (by default
:doc:`Phalcon\\Filter <filter>`) æœåŠ¡å¯¹ä»–们进行过滤或消毒。下é¢çš„例åæ供与原始PHP获å–æ•°æ®ç›¸åŒçš„行为:
.. code-block:: php
<?php
// Manually applying the filter
$filter = new Phalcon\Filter();
$email = $filter->sanitize($_POST["user_email"], "email");
// Manually applying the filter to the value
$filter = new Phalcon\Filter();
$email = $filter->sanitize($request->getPost("user_email"), "email");
// Automatically applying the filter
$email = $request->getPost("user_email", "email");
// Setting a default value if the param is null
$email = $request->getPost("user_email", "email", "some@example.com");
// Setting a default value if the param is null without filtering
$email = $request->getPost("user_email", null, "some@example.com");
在控制器ä¸ä½¿ç”¨Request
--------------------------------------
访问请求最常è§çš„地方å‘生在controller/actionä¸ã€‚è¦æƒ³åœ¨æŽ§åˆ¶å™¨ä¸è®¿é—® :doc:`Phalcon\\HTTP\\Request <../api/Phalcon_Http_Request>` å¯¹è±¡ï¼Œä½ å¯ä»¥ä½¿ç”¨ $this->request 这个公共属性:
.. code-block:: php
<?php
class PostsController extends \Phalcon\Mvc\Controller
{
public function indexAction()
{
}
public function saveAction()
{
// Check if request has made with POST
if ($this->request->isPost() == true) {
// Access POST data
$customerName = $this->request->getPost("name");
$customerBorn = $this->request->getPost("born");
}
}
}
文件上ä¼
---------------
å¦ä¸€ç§å¸¸è§çš„ä»»åŠ¡æ˜¯æ–‡ä»¶ä¸Šä¼ ã€‚:doc:`Phalcon\\HTTP\\Request <../api/Phalcon_Http_Request>` æ供了一个é¢å‘对象的方å¼æ¥å®žçŽ°è¿™ä¸ªä»»åŠ¡ï¼š
.. code-block:: php
<?php
class PostsController extends \Phalcon\Mvc\Controller
{
public function uploadAction()
{
// Check if the user has uploaded files
if ($this->request->hasFiles() == true) {
// Print the real file names and sizes
foreach ($this->request->getUploadedFiles() as $file) {
//Print file details
echo $file->getName(), " ", $file->getSize(), "\n";
//Move the file into the application
$file->moveTo('files/');
}
}
}
}
Phalcon\\Http\\Request::getUploadedFiles() 返回的æ¯ä¸ªå¯¹è±¡æ˜¯ç±»æ–‡ä»¶ :doc:`Phalcon\\Http\\Request\\File <../api/Phalcon_Http_Request_File>` 的实际对象。使用 $_FILES 超全局å˜é‡æ供了相åŒçš„行为。:doc:`Phalcon\\Http\\Request\\File <../api/Phalcon_Http_Request_File>` å°è£…äº†ä¸Šä¼ è¯·æ±‚ä¸çš„å•ä¸ªæ–‡ä»¶ä¿¡æ¯ã€‚
Working with Headers
--------------------
æ£å¦‚上é¢æ到的,请求头éžå¸¸æœ‰ç”¨ï¼Œå®ƒä½¿æˆ‘们能够å‘é€é€‚当的å“应返回给用户。下é¢çš„例åå°†å‘ä½ å±•ç¤ºä½¿ç”¨çš„æ–¹æ³•ï¼š
.. code-block:: php
<?php
// get the Http-X-Requested-With header
$requestedWith = $response->getHeader("X_REQUESTED_WITH");
if ($requestedWith == "XMLHttpRequest") {
echo "The request was made with Ajax";
}
// Same as above
if ($request->isAjax()) {
echo "The request was made with Ajax";
}
// Check the request layer
if ($request->isSecureRequest() == true) {
echo "The request was made using a secure layer";
}
// Get the servers's ip address. ie. 192.168.0.100
$ipAddress = $request->getServerAddress();
// Get the client's ip address ie. 201.245.53.51
$ipAddress = $request->getClientAddress();
// Get the User Agent (HTTP_USER_AGENT)
$userAgent = $request->getUserAgent();
// Get the best acceptable content by the browser. ie text/xml
$contentType = $request->getAcceptableContent();
// Get the best charset accepted by the browser. ie. utf-8
$charset = $request->getBestCharset();
// Get the best language accepted configured in the browser. ie. en-us
$language = $request->getBestLanguage();
.. _SQL injection: http://en.wikipedia.org/wiki/SQL_injection
.. _Cross Site Scripting (XSS): http://en.wikipedia.org/wiki/Cross-site_scripting