Input Class

The CodeIgniter framework provides an input class that includes various input functions to pre-process global input data for protection; furthermore, it also provides some helper functions to obtain input data. This class is pre-loaded in the CodeIgniter application, so you do not need to load the input class into the controller file manually.

What is XSS Filtering?

An XSS filtering is used in the input class to filter your input data and prevent cross-site scripting attacks. And, if you want to invoke xss filtering that is automatically called in the input class, when it encounters a POST or COOKIE data. For this, you have to enable the application/config/config.php and follow the given below syntax:

The main methods of input class are:

  • $this->input->post()
  • $this->input->get()
  • $this->input->cookie()
  • $this->input->server()

Class reference

  1. raw_input_stream(): A raw_input_stream() function is used to read all the property of the input data.
  2. post(): A post() function is used to send data to the server without passing it to the URL.

Syntax

It has two parameters:

$index: It defines the POST parameter name of the form and if the defined item does not exist, it returns the NULL value.

$xss_clean: It defines whether you want to apply xss_clean to the form parameter or not.

Example:

And, if you want to pass multiple POST parameters to the server, you can define an array with or without XSS filtering.

Example:

Create a controller file Input_controller.php and save it in application/controller/ Input_controller.php. After that, write the following program in the controller file.

Input_controller.php

Create a view file my_view.php and save it in application/views/my_view.php. Then, type the following program in the controller file.

my_view.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/input function and fill the form details, it shows the output, as shown below.

CodeIgniter Input Class

Now click on the submit form button, it shows the output, as shown below.

CodeIgniter Input Class

3. get(): A get() function is similar to the post() function for sending the data to the server, but it has slight changes such as it does not hide the user’s data while passing on the URL.

Syntax

It has two parameters:

$index: It defines the GET parameter name of the form.

$xss_clean: It defines whether you want to apply xss_clean to the form parameter or not.

Example:

And, if you want to pass multiple parameters using GET to the server, you have to define it in an array with or without XSS filtering.

Create a controller file Input_controller.php and save it in application/controller/ Input_controller.php. Then, type the following program in the controller file.

Input_controller.php

Create a view file my_view.php and save it in application/views/my_view.php. After that, write the following program in the controller file.

my_view.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/input function and fill the form details, it shows the output, as shown below.

CodeIgniter Input Class

Now click on the submit form button, it shows the output, as shown below.

CodeIgniter Input Class

4. post_get(): This is a combination of the post() and get() functions. It works in the same way as the post() and get() functions, but in this post() function will work first for streaming the data and then GET().

Syntax

It has two parameters:

$index: It defines the POST/GET parameters name in the form.

$xss_clean: It defines whether you want to apply xss_clean to the form parameter or not.

Example:

5. get_post(): It is similar to the post_get() function for data streaming. But in the get_post() function, the get() function will work first to stream the data, and then post().

Syntax

It has two parameters:

$index: It defines the GET/ POST parameters name in the form.

$xss_clean: It defines whether you want to apply xss_clean to the form parameter or not.

Example:

Example of the post() and get() function in the input  library class.

Create a controller file Input_controller.php and save it in application/controller/ Input_controller.php. Then, type the following program in the controller file.

Input_controller.php

Create a view file my_view.php and save it in application/views/my_view.php. After that, write the following program in the controller file.

my_view.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/input function and fill the form details, it shows the output, as shown below.

CodeIgniter Input Class

Now click on the submit form button, it shows the output, as shown below.

CodeIgniter Input Class

6. cookie(): The cookie() function is also similar to the post() and get() functions, but it only fetches cookie data.

Syntax

It has two parameters:

$index: It defines the cookie name.

$xss_clean: It defines whether you want to apply xss_clean filtering to the form parameter or not.

Example:

7. server(): As the name suggests, a server() function is used to fetches only the server data ($_server).

Syntax

It has two paratemeters:

$index: It defines the fields value’s name.

$xss_clean: It defines whether you want to apply xss_clean filtering to the form parameter or not.

Create a controller file Input_controller.php and save it in application/controller/ Input_controller.php. After that, write the following program in the controller file.

Input_controller.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/server, it shows the output, as shown below.

CodeIgniter Input Class

8. set_cookie(): As the name suggests, a set_cookie () function is used to set the cookie that contains the values ​​you specify.

Syntax

There are following parameters of set_cookie() function:

$name: It defines the cookie name or an array of parameters name.

$value: It defines the values that you have set in cookie parameters.

$expire: It shows the cookie expiration time in seconds.

$domain: In this parameter, you can define the cookie domain name.

$path: It defines the cookie storage path in the application.

$prefix: It allows you to set the cookie prefix name.

$secure (bool): It allows that your cookie can only pass through secure HTTPS.

$httponly (bool): It determines whether you want to make the cookie accessible for HTTP requests (no Java script).

These are two methods to pass information that can be set in the cookie function: Array Methods and Discrete parameters:

  1. Array Method

Note: If you want to delete a cookie from an application, pass only the name and value with an empty expiration time. Furthermore, if the cookie expiration time is zero, it will work till the browser is opens.

2. Discrete parameter

It allows you to set cookie data individually in each field of the cookie function.

Create a controller file Input_controller.php and save it in application/controller/ Input_controller.php. After that, write the following program in the controller file.

Input_controller.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/server, it shows the output, as shown below.

CodeIgniter Input Class

9. ip_address(): As the name defines, it is used to display the IP address of the current user. And, if the IP address of the current user is invalid, it returns ‘0.0.0.0’ or is not a valid IP.

Syntax

10. valid_ip(): It is used to validate the IP address that the user has provided in the Codeigniter application. And if the address is valid, it returns TRUE; otherwise, it shows FALSE.

Syntax

It has two parameters:

$ip: It takes an IP address as an input

$which: It defines the type of IP protocol (‘ipv4’ or ‘ipv6’) that you are using to validate the IP address.

Write the following program in the controller file such as:

Input_controller.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/get_valid_ip, it shows the output, as shown below.

CodeIgniter Input Class

11. user_agent(): A user_agent() function is used to display all information that relates to the current user’s web browser. And if the information is not available, it returns the NULL value.

Syntax

$xss_clean (bool): It defines whether you want to apply XSS filtering.

For example:

Write the following program in the controller file such as:

Input_controller.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/get_user_agent, it shows the output, as shown below.

CodeIgniter Input Class

12. request_headers(): It is used to return HTTP request headers in an array format.

Syntax

$xss_clean (bool): It defines whether you want to apply XSS filtering.

For example:

Write the following program in the controller file such as:

Input_controller.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/header_request, it shows the output, as shown below.

CodeIgniter Input Class

13. method(): A method() function is used to display the method name either in the upper or lower case.

Syntax

$upper (bool): It takes a Boolean value to determines the method name in upper or lower letters.

For example:

Write the following program in the controller file such as:

Input_controller.php

Now run the program in the localhost by invoking the URL localhost/CodeIgniter-3.1.11/Input_controller/get_method, it shows the output, as shown below.

CodeIgniter Input Class

Pin It on Pinterest

Share This