thinkphp i method
ThinkPHP’s I method is new in version 3.1.3, if you are before For the 3.* version, you can directly refer to the variables section of the 3.1 quick start tutorial series.
Overview
As you can see, the I method is a new member of ThinkPHP’s many single-letter functions. Its name comes from the English Input (input), It is mainly used to obtain system input variables more conveniently and safely. It can be used anywhere. The usage format is as follows:
I('变量类型.变量名',['默认值'],['过滤方法'])
The variable type refers to the request method or input type, including:
Note: Variable types are not case-sensitive.
Variable names are strictly case-sensitive.
Default value and filtering method are optional parameters.
Usage
We take the GET variable type as an example to illustrate the use of the I method:
echo I('get.id'); // 相当于 $_GET['id'] echo I('get.name'); // 相当于 $_GET['name']
Supports default value:
echo I('get.id',0); // 如果不存在$_GET['id'] 则返回0 echo I('get.name',''); // 如果不存在$_GET['name'] 则返回空字符串
Use method filtering:
echo I('get.name','','htmlspecialchars'); // 采用htmlspecialchars方法对$_GET['name'] 进行过滤,如果不存在则返回空字符串
Supports directly obtaining the entire variable type, for example:
I('get.'); // 获取整个$_GET 数组
In the same way, we can obtain variables of post or other input types, for example:
I('post.name','','htmlspecialchars'); // 采用htmlspecialchars方法对$_POST['name'] 进行过滤,如果不存在则返回空字符串 I('session.user_id',0); // 获取$_SESSION['user_id'] 如果不存在则默认为0 I('cookie.'); // 获取整个 $_COOKIE 数组 I('server.REQUEST_METHOD'); // 获取 $_SERVER['REQUEST_METHOD']
The param variable type is a framework-specific variable acquisition method that supports automatic determination of the current request type. For example:
echo I('param.id');
If the current request type is GET, then it is equivalent to $_GET['id '], if the current request type is POST or PUT, then it is equivalent to getting $_POST['id'] or PUT parameter id.
And the param type variable can also use numeric index to obtain URL parameters (the PATHINFO mode parameter must be valid, whether it is GET or POST), for example:
The current access URL address is
http://serverName/index.php/New/2013/06/01
Then we can pass
echo I('param.1'); // 输出2013 echo I('param.2'); // 输出06 echo I('param.3'); // 输出01
In fact, the writing method of param variable type can be simplified to:
I('id'); // 等同于 I('param.id') I('name'); // 等同于 I('param.name')
Variable filtering
Using the I method Variables actually go through two filters. The first is global filtering. Global filtering is done by configuring the VAR_FILTERS parameter. It must be noted here that after version 3.1, the filtering mechanism of the VAR_FILTERS parameter has been changed to recursive filtering using the array_walk_recursive method, which is mainly used for filtering. The requirement of the method is that it must be returned by reference, so setting htmlspecialchars here is invalid. You can customize a method, for example:
function filter_default(&$value){ $value = htmlspecialchars($value); }
and then configure:
'VAR_FILTERS'=>'filter_default'
If you need to filter multiple times, you can Use:
'VAR_FILTERS'=>'filter_default,filter_exp'
The filter_exp method is a security filtering method built into the framework, which is used to prevent injection attacks using the EXP function of the model.
Because the VAR_FILTERS parameter sets a global filtering mechanism and uses recursive filtering, which affects efficiency, we recommend directly filtering the variables, except in the third step of the I method. In addition to the parameter setting filtering method, you can also set filtering by configuring the DEFAULT_FILTER parameter. In fact, the default setting of this parameter is:
'DEFAULT_FILTER' => 'htmlspecialchars'
In other words, all acquisition variables of the I method will be filtered by htmlspecialchars, then :
I('get.name'); // 等同于 htmlspecialchars($_GET['name'])
Similarly, this parameter can also support multiple filters, for example:
'DEFAULT_FILTER' => 'strip_tags,htmlspecialchars'
I('get.name'); // 等同于 htmlspecialchars(strip_tags($_GET['name']))
If we specify the filtering method when using the I method, the DEFAULT_FILTER setting will be ignored, for example :
echo I('get.name','','strip_tags'); // 等同于 strip_tags($_GET['name'])
If the third parameter of the I method is passed in the function name, it means calling the function to filter the variable and return it (when the variable is an array, array_map is automatically used for filtering), otherwise it will Call PHP's built-in filter_var method for filtering processing. For example:
I('post.email','',FILTER_VALIDATE_EMAIL);
means that the format of $_POST['email'] will be verified. If it does not meet the requirements, an empty string will be returned.
(For more verification formats, please refer to the official manual for filter_var usage.)
Or you can use the following character identification:
I('post.email','','email');
Supported filter names Must be a valid value in the filter_list method (different server environments may be different). Possible supports include:
int boolean float validate_regexp validate_url validate_email validate_ip string stripped encoded special_chars unsafe_raw email url number_int number_float magic_quotes callback
In some special cases, we do not want to perform any filtering, even if DEFAULT_FILTER has some Setting, you can use:
I('get.name','',NULL);
Once the filtering parameter is set to NULL, it means that no filtering will be performed.
This article comes from the ThinkPHP framework technical article column: http://www.php.cn/phpkj/thinkphp/
The above is the detailed content of thinkphp i method. For more information, please follow other related articles on the PHP Chinese website!