堆栈内存溢出
  简体   繁体   English

PHP- Codeigniter - 返回修剪的所有输入数据

[英]PHP- Codeigniter - return all input data trimmed

 原文  2013-07-07 08:31:57       php/ codeigniter/ trim

问题描述

I would like to trim every input-data (get,post,cookie,session and so on) . 我想修剪每个input-data (get,post,cookie,session and so on)

I was trying building up an hook file but don't know when to make it run, since iwould like to pass all input data already trimmed to the controller, before the controller is executed. 我正在尝试构建一个hook文件,但不知道何时使其运行,因为我想在执行控制器之前将已修剪的所有输入数据传递给控制器​​。

Codeigniter documentantion says: Codeigniter文档说:

pre_system pre_system

Called very early during system execution. 在系统执行期间很早就打电话。 Only the 只有

benchmark and hooks class have been loaded at this point. 此时已加载基准测试和钩子类。 No routing or other processes have happened. 没有发生路由或其他进程。

pre_controller pre_controller

Called immediately 马上打电话

prior to any of your controllers being called. 在调用任何控制器之前。 All base classes, routing, and security checks have been done. 已完成所有基类,路由和安全检查。

post_controller_constructor post_controller_constructor

Called immediately after your controller 在你的控制器后立即调用

is instantiated, but prior to any method calls happening. 实例化,但在任何方法调用发生之前。

post_controller post_controller

Called immediately after your controller is fully 在控制器完全启动后立即调用

executed. 执行。

which of those i have to use? 哪些我必须使用? pre_controller? pre_controller?

1 个解决方案

解决方案1
 4 已采纳  2013-07-07 09:05:30

No, you don't use pre_controller for it. 不,你不使用pre_controller Use pre_system instead. 请改用pre_system

You want to do the modification of the input variables as early as possible otherwise Codeigniters input class will work against you (depends a bit on configuration, but pre_system is the safe way if you don't want to get code executed from within config.php context ). 您希望尽早修改输入变量,否则Codeigniters输入类将对您起作用(取决于配置,但如果您不希望从config.php中执行代码,则pre_system是安全的方法) 上下文 )。

For your recursive trim needs, this should do it: array_walk_recursive(array(&$_SERVER, &$_COOKIE, &$_GET, &$_POST), 'trim'); 对于你的递归修剪需求,这应该这样做: array_walk_recursive(array(&$_SERVER, &$_COOKIE, &$_GET, &$_POST), 'trim'); as those input arrays only contain string values at their leaf-nodes. 因为那些输入数组仅在其叶节点处包含字符串值。 However take care with doing general things, it's often cause of side-effects, like with CI XSS filtering. 但是要注意做一般事情,这通常会导致副作用,例如CI XSS过滤。 Another alternative might be extending the input class if you're looking for a CI specific solution. 如果您正在寻找特定于CI的解决方案,另一种方法可能是扩展输入类。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法使用php-(codeigniter)将数据插入mysql - Cannot INSERT data into mysql using php-(codeigniter) 登录后如何打印用户名等数据[php-codeigniter] - How to print data like username after login[php- codeigniter] PHP-在textarea中显示数据 - PHP- Display data in textarea php-数据未输入数据库 - php- data not entered to database 无法使用php-(codeigniter)从表单将数据插入mysql - Can't INSERT data into mysql from form using php-(codeigniter) PHP curl trimmed 发送的数据 - Data sent with PHP curl trimmed PHP-如何返回具有日期比较的行 - php- how to return row with date comparison PHP的jQuery自动完成与动态输入字段? - PHP- Jquery Autocomplete with dynamic input field? PHP-询问用户输入-计算 - PHP- Asking the User Input- Calculating “PHP exec 返回修剪后的命令。” - "PHP exec return trimmed command."
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM