Home > Backend Development > PHP Tutorial > Usage analysis of ThinkPHP's I method

Usage analysis of ThinkPHP's I method

不言
Release: 2023-03-31 06:52:01
Original
1253 people have browsed it

ThinkPHP's I method is a new member among many single-letter functions. It is mainly used to obtain system input variables more conveniently and safely, and can be used anywhere. This article mainly introduces the I method of ThinkPHP. Friends who need it can refer to it

The I method of ThinkPHP is a new member of many single-letter functions. Its name comes from the English Input (input) and is mainly used for It is more convenient and safe to obtain system input variables and can be used anywhere. The usage format is as follows:
I('Variable type.Variable name',['Default value'],['Filter method'])
The variable type refers to the request method or input type.

The meaning of each variable type is as follows:

Variable type Meaning
get Get GET parameters
post Get POST parameters
param Automatically determine the request type to get GET, POST or PUT parameters
request Get the REQUEST parameters
put Get the PUT parameters
session Get $_SESSION parameters
cookie Get $_COOKIE parameter
server Get $_SERVER parameter
globals Get $GLOBALS parameters


Note: Variable types are not case-sensitive.
Variable names are strictly case-sensitive.
Default value and filtering method are optional parameters.

1. Usage:

Let’s take the GET variable type as an example to explain the use of the I method:

echo I('get.id'); // 相当于 $_GET['id']
echo I('get.name'); // 相当于 $_GET['name']
Copy after login

Support default value:

echo I('get.id',0); // 如果不存在$_GET['id'] 则返回0
echo I('get.name',''); // 如果不存在$_GET['name'] 则返回空字符串
Copy after login

Filter by method:

echo I('get.name','','htmlspecialchars'); // 采用htmlspecialchars方法对$_GET['name'] 进行过滤,如果不存在则返回空字符串
Copy after login

Supports directly obtaining the entire variable type, for example:

I('get.'); // 获取整个$_GET 数组
Copy after login

In the same way, We can get variables of post or other input types, for example:

I('post.name','','htmlspecialchars'); // 采用htmlspecialchars方法对$_POST['name'] 进行过滤,如果不存在则返回空字符串
I('session.user_id',0); // 获取$_SESSION['user_id'] 如果不存在则默认为0
I('cookie.'); // 获取整个 $_COOKIE 数组
I('server.REQUEST_METHOD'); // 获取 $_SERVER['REQUEST_METHOD']
Copy after login

The param variable type is a framework-specific variable that supports automatic determination of the current request type. Obtaining method, for example:

echo I('param.id');
Copy after login

If the current request type is GET, then it is equivalent to $_GET['id'], if the current request type is If it is POST or PUT, then it is equivalent to getting $_POST['id'] or PUT parameter id.
And param type variables can also use numeric index to obtain URL parameters (the PATHINFO mode parameter must be valid, whether it is GET or POST), for example:
The current access URL address is
http: //serverName/index.php/New/2013/06/01

Then we can pass

echo I('param.1'); // 输出2013
echo I('param.2'); // 输出06
echo I('param.3'); // 输出01
Copy after login

In fact, The writing method of param variable type can be simplified as:

I('id'); // 等同于 I('param.id')
I('name'); // 等同于 I('param.name')
Copy after login

##2. Variable filtering

Use the I method The variables actually go through two filters. The first is global filtering. Global filtering is done by configuring the VAR_FILTERS parameter. It must be noted here that after version 3.1, the filtering mechanism of the VAR_FILTERS parameter has been changed to recursive filtering using the array_walk_recursive method. Mainly for The requirement of the filtering method is that it must be returned by reference, so setting htmlspecialchars here is invalid. You can customize a method, for example:


function filter_default(&$value){
 $value = htmlspecialchars($value);
 }
Copy after login

and then configure :


'VAR_FILTERS'=>'filter_default'
Copy after login

If you need to filter multiple times, you can use:


'VAR_FILTERS'=>'filter_default,filter_exp'
Copy after login

The filter_exp method is a security filtering method built into the framework, which is used to prevent injection attacks using the EXP function of the model.

Because the VAR_FILTERS parameter sets a global filtering mechanism and uses recursive filtering, which affects efficiency, we recommend directly filtering the variables, except in the third step of the I method. In addition to the parameter setting filtering method, you can also set filtering by configuring the DEFAULT_FILTER parameter. In fact, the default setting of this parameter is:


'DEFAULT_FILTER'  => 'htmlspecialchars'
Copy after login

Also That is to say, all acquisition variables of the I method will be filtered by htmlspecialchars, then:


I('get.name'); // 等同于 htmlspecialchars($_GET['name'])
Copy after login

Similarly, this parameter can also support multiple filters, for example :


'DEFAULT_FILTER'  => 'strip_tags,htmlspecialchars'
Copy after login

I('get.name'); // 等同于 htmlspecialchars(strip_tags($_GET['name']))
Copy after login

If we specify the filtering method when using the I method, then The setting of DEFAULT_FILTER will be ignored, for example:


echo I('get.name','','strip_tags'); // 等同于 strip_tags($_GET['name'])
Copy after login

If the third parameter of the I method is passed in the function name, it means that the function is called The variable is filtered and returned (if the variable is an array, array_map is automatically used for filtering), otherwise PHP's built-in filter_var method is called for filtering, for example:


I('post.email','',FILTER_VALIDATE_EMAIL);
Copy after login

means that the format of $_POST['email'] will be verified. If it does not meet the requirements, an empty string will be returned.

(For more verification formats, please refer to the official manual for filter_var usage.)
Or you can use the following character identification:

I('post.email','','email');
Copy after login

The supported filter names must be valid values ​​in the filter_list method (different server environments may be different). Possible supported filter names include:


int
 boolean
 float
validate_regexp
validate_url
validate_email
validate_ip
 string
stripped
encoded
special_chars
unsafe_raw
email
url
number_int
number_float
magic_quotes
callback
Copy after login

In some special cases, we do not want to perform any filtering, even if DEFAULT_FILTER has been set, you can use:


I('get.name','',NULL);
Copy after login

Once the filtering parameter is set to NULL, it means that no filtering will be performed.

The above is the entire content of this article. I hope it will be helpful to everyone's study. For more related content, please pay attention to the PHP Chinese website!

Related recommendations:

Usage of distinct in Thinkphp

##

The above is the detailed content of Usage analysis of ThinkPHP's I method. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template