HTTP 请求环境Request Environment

每个HTTP请求(通常有浏览器发出)都包含了如头信息,文件,变量等。基于web的应用程序需要去解析这些请求并返回正确信息。:doc:`Phalcon\Http\Request <../api/Phalcon_Http_Request>`封装了请求的信息,让我们可以以面向对象的方式去访问这些请求。

Every HTTP request (usually originated by a browser) contains additional information regarding the request such as header data, files, variables, etc. A web based application needs to parse that information so as to provide the correct response back to the requester. Phalcon\Http\Request encapsulates the information of the request, allowing you to access it in an object-oriented way.

  1. <?php
  2. use Phalcon\Http\Request;
  3. // Getting a request instance
  4. $request = new Request();
  5. // Check whether the request was made with method POST
  6. if ($request->isPost() == true) {
  7. // Check whether the request was made with Ajax
  8. if ($request->isAjax() == true) {
  9. echo "Request was made using POST and AJAX";
  10. }
  11. }

获取值Getting Values

PHP根据请求类型自动将全局变量填充到$_GET 和 $_POST变量中。这些变量包含了URL请求或者表单请求的参数信息。 这些信息可能会包含恶意的字符或代码从而引起`SQL injection`_ SQL注入或者是`Cross Site Scripting (XSS)`_ 跨站攻击。

PHP automatically fills the superglobal arrays $_GET and $_POST depending on the type of the request. These arrays contain the values present in forms submitted or the parameters sent via the URL. The variables in the arrays are never sanitized and can contain illegal characters or even malicious code, which can lead to SQL injection or Cross Site Scripting (XSS) attacks.

通过:doc:Phalcon\Http\Request <../api/Phalcon_Http_Request>`可以访问储存在$_REQUEST,$_GET 和 $_POST数据中的变量,并使用filter服务(默认是:doc:`Phalcon\Filter <filter>)过滤清理变量,如下所示:

Phalcon\Http\Request allows you to access the values stored in the $_REQUEST, $_GET and $_POST arrays and sanitize or filter them with the ‘filter’ service, (by default Phalcon\Filter). The following examples offer the same behavior:

  1. <?php
  2. use Phalcon\Filter;
  3. // Manually applying the filter
  4. $filter = new Filter();
  5. $email = $filter->sanitize($_POST["user_email"], "email");
  6. // Manually applying the filter to the value
  7. $filter = new Filter();
  8. $email = $filter->sanitize($request->getPost("user_email"), "email");
  9. // Automatically applying the filter
  10. $email = $request->getPost("user_email", "email");
  11. // Setting a default value if the param is null
  12. $email = $request->getPost("user_email", "email", "some@example.com");
  13. // Setting a default value if the param is null without filtering
  14. $email = $request->getPost("user_email", null, "some@example.com");

控制器中访问请求Accessing the Request from Controllers

最常见的是在控制器中访问请求参数。从控制器访问:doc:Phalcon\Http\Request <../api/Phalcon_Http_Request> 对象需要使用控制器的$this->request开放属性:

The most common place to access the request environment is in an action of a controller. To access the Phalcon\Http\Request object from a controller you will need to use the $this->request public property of the controller:

  1. <?php
  2. use Phalcon\Mvc\Controller;
  3. class PostsController extends Controller
  4. {
  5. public function indexAction()
  6. {
  7. }
  8. public function saveAction()
  9. {
  10. // Check if request has made with POST
  11. if ($this->request->isPost() == true) {
  12. // Access POST data
  13. $customerName = $this->request->getPost("name");
  14. $customerBorn = $this->request->getPost("born");
  15. }
  16. }
  17. }

文件上传Uploading Files

另一个常见任务是文件上传。:doc:`Phalcon\Http\Request <../api/Phalcon_Http_Request>`提供了面向对象方式去完成文件上传:

Another common task is file uploading. Phalcon\Http\Request offers an object-oriented way to achieve this task:

  1. <?php
  2. use Phalcon\Mvc\Controller;
  3. class PostsController extends Controller
  4. {
  5. public function uploadAction()
  6. {
  7. // Check if the user has uploaded files
  8. if ($this->request->hasFiles() == true) {
  9. // Print the real file names and sizes
  10. foreach ($this->request->getUploadedFiles() as $file) {
  11. //Print file details
  12. echo $file->getName(), " ", $file->getSize(), "\n";
  13. //Move the file into the application
  14. $file->moveTo('files/' . $file->getName());
  15. }
  16. }
  17. }
  18. }

由Phalcon\Http\Request::getUploadedFiles() 返回的每个对象都是 Phalcon\Http\Request\File 只是封装了请求中的文件的相关信息。

Each object returned by Phalcon\Http\Request::getUploadedFiles() is an instance of the Phalcon\Http\Request\File class. Using the $_FILES superglobal array offers the same behavior. Phalcon\Http\Request\File encapsulates only the information related to each file uploaded with the request.

使用头信息Working with Headers

就像上面说的那样,请求的头信息中包含了必要的信息决定了我们该给用户返回哪些信息。下面代码说明如何使用:

As mentioned above, request headers contain useful information that allow us to send the proper response back to the user. The following examples show usages of that information:

  1. <?php
  2. // get the Http-X-Requested-With header
  3. $requestedWith = $request->getHeader("HTTP_X_REQUESTED_WITH");
  4. if ($requestedWith == "XMLHttpRequest") {
  5. echo "The request was made with Ajax";
  6. }
  7. // Same as above
  8. if ($request->isAjax()) {
  9. echo "The request was made with Ajax";
  10. }
  11. // Check the request layer
  12. if ($request->isSecureRequest() == true) {
  13. echo "The request was made using a secure layer";
  14. }
  15. // Get the servers's ip address. ie. 192.168.0.100
  16. $ipAddress = $request->getServerAddress();
  17. // Get the client's ip address ie. 201.245.53.51
  18. $ipAddress = $request->getClientAddress();
  19. // Get the User Agent (HTTP_USER_AGENT)
  20. $userAgent = $request->getUserAgent();
  21. // Get the best acceptable content by the browser. ie text/xml
  22. $contentType = $request->getAcceptableContent();
  23. // Get the best charset accepted by the browser. ie. utf-8
  24. $charset = $request->getBestCharset();
  25. // Get the best language accepted configured in the browser. ie. en-us
  26. $language = $request->getBestLanguage();