thinkphp function: I method browse: 144722 Release Date: 2013/06/01 Category: Documentation Tutorial Keywords: functions
The I method of thinkphp is 3.1.3 is new, if you are a previous version of 3.*, you can refer directly to the variables section of the 3.1 Quick Start Tutorial series.
Overview
As you can see, the I method is a new member of the thinkphp many single-letter functions, whose name comes from the English input (input), which is mainly used for more convenient and secure access to the system input variables, which may be used anywhere, in the following format:
I (' variable ' type. Variable name ', [' Default '],[' Filter Method '])
The type of the variable refers to the type of request or input, including:
Variable Type |
meaning |
Get |
Get Get Parameters |
Post |
Get Post Parameters |
Param |
Automatically determine request type get get, post or put parameters |
Request |
Get the request parameter |
Put |
Get put parameters |
Session |
Get $_session parameter |
Cookies |
Get $_cookie parameter |
Server |
Get $_server parameter |
Globals |
Get $GLOBALS parameters |
Note: Variable types are not case-sensitive.
Variable names are strictly case-sensitive.
Both the default and filtering methods are optional parameters.
Usage
We take the get variable type as an example to illustrate the use of the next I method:
- echo I(' get.id '); //equivalent to $_get[' id ']
- echo I(' get.name '); //equivalent to $_get[' name ']
Copy Code
Default values are supported:
- echo I(' get.id ',0); //If $_get[' ID ' is not present) returns 0
- echo I(' get.name ','); //If $_get[' name ' is not present, returns an empty string
Copy Code
Filter by Method:
- echo I(' get.name ',' ', 'htmlspecialchars '); //Use the Htmlspecialchars method to filter the $_get[' name '] and return an empty string if it does not exist
Copy Code
Supports direct access to the entire variable type, for example:
- I(' get. ' ); //Get the entire $_get array
Copy Code
In the same way, we can get the variables of post or other input types, for example:
- I(' post.name ',' ', 'htmlspecialchars '); //Use the Htmlspecialchars method to filter the $_post[' name '] and return an empty string if it does not exist
- I(' session.user_id ',0); //Get $_session[' user_id ') default is 0 if not present
- I(' cookies. ') ); //Get the entire $_cookie array
- I(' server. Request_method '); //Get $_server[' Request_method ']
Copy Code
The Param variable type is a framework-specific method of obtaining a variable that automatically determines the current request type, for example:
- echo I(' param.id ');
Copy Code
If the current request type is get, then it is equivalent to $_get[' ID '), if the current request type is POST or put, then it is equivalent to getting $_post[' id ' or put parameter ID.
And the param type variable can also get the URL parameter in the form of a numeric index (must be valid for the PathInfo mode parameter, either get or post), for example:
The current Access URL address is
- HTTP://servername/index.php/new/2013/06/01
Copy Code
Then we can pass
- echo I(' param.1 '); //Output
- echo I(' param.2 '); //Output
- echo I(' param.3 '); //Output
Copy Code
In fact, the Param variable type can be simplified to:
- I(' id '); //equal to I (' param.id ')
- I(' name '); //equal to I (' Param.name ')
Copy code variable filtering
When using the I method, the variable actually passes through two filters, the first is the global filter, the global filter is configured by the Var_filters parameter, it is important to note that after the 3.1 version, the filtering mechanism of the Var_filters parameter has been changed to adopt Array_walk_ Recursive method recursive filtering, the main requirement for the filtering method is that the reference must be returned, so setting htmlspecialchars here is not valid, you can customize a method, for example:
- function filter_default(&$value) {
- $value = htmlspecialchars($value);
- }
Copy Code
Then configure:
- ' var_filters '= 'filter_default '
Copy Code
If you need to filter multiple times, you can use:
- ' var_filters '= 'filter_default,filter_exp '
Copy Code
The Filter_exp method is a security filtering method built into the framework to prevent injection attacks using the EXP function of the model.
Because the Var_filters parameter is set by the global filtering mechanism, and the use of recursive filtering, has an impact on efficiency, so, we recommend directly to get the variable filter, in addition to the I method of the third parameter to set the filter method, you can also use the configuration Default_ Filter parameter, in fact, the default setting for this parameter is:
- ' Default_filter ' = ' htmlspecialchars '
Copy Code
It is also said that all acquisition variables of the I method are htmlspecialchars filtered, then:
- I(' get.name '); //equivalent to Htmlspecialchars ($_get[' name ')
Copy Code
Similarly, this parameter can support multiple filters, such as:
- ' Default_filter ' = ' strip_tags,htmlspecialchars '
Copy Code
- I(' get.name '); //equivalent to Htmlspecialchars (strip_tags ($_get[' name '))
Copy Code
If we specify a filtering method when using the I method, the Default_filter setting is ignored, for example:
- echo I(' get.name ',' ', 'strip_tags '); //equivalent to Strip_tags ($_get[' name ')
Copy Code
The third parameter of the I method, if passed in the function name, means that the function is called to filter the variable and return (automatically using Array_map for filtering if the variable is an array), otherwise the PHP built-in Filter_var method is called to filter processing, for example:
- I(' Post.email ',',filter_validate_email);
Copy Code
Indicates that $_post[' email ' is formatted and returns an empty string if it does not meet the requirements.
(For more verification formats, refer to the Filter_var usage of the official manual.) )
Or you can use the following characters to identify the way:
- I(' Post.email ',' ', 'email ');
Copy Code
The filter names that can be supported must be valid values in the Filter_list method (different server environments may vary) and may support the following:
- Int
- Boolean
- float
- Validate_regexp
- Validate_url
- Validate_email
- Validate_ip
- string
- Stripped
- Encoded
- Special_chars
- Unsafe_raw
- Email
- wr.
- Number_int
- Number_float
- Magic_quotes
- Callback
Copy Code
In some special cases, we do not want to do any filtering, even if the default_filter has been set, you can use:
- I(' get.name ',',NULL);
Copy Code
Once the filter parameter is set to NULL, any filtering is no longer performed.
Thinkphp-i function