0 follower

CHttpRequest

Package system.web
Inheritance class CHttpRequest » CApplicationComponent » CComponent
Implements IApplicationComponent
Since 1.0
Version $Id$
Source Code framework/web/CHttpRequest.php
CHttpRequest encapsulates the $_SERVER variable and resolves its inconsistency among different Web servers.

CHttpRequest also manages the cookies sent from and sent to the user. By setting enableCookieValidation to true, cookies sent from the user will be validated to see if they are tampered. The property cookies returns the collection of cookies. For more details, see CCookieCollection.

CHttpRequest is a default application component loaded by CWebApplication. It can be accessed via CWebApplication::getRequest().

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
acceptTypes string user browser accept types CHttpRequest
baseUrl string Returns the relative URL for the application. CHttpRequest
behaviors array the behaviors that should be attached to this component. CApplicationComponent
browser array Returns information about the capabilities of user browser. CHttpRequest
cookies CCookieCollection Returns the cookie collection. CHttpRequest
csrfCookie array the property values (in name-value pairs) used to initialize the CSRF cookie. CHttpRequest
csrfToken string Returns the random token used to perform CSRF validation. CHttpRequest
csrfTokenName string the name of the token used to prevent CSRF. CHttpRequest
enableCookieValidation boolean whether cookies should be validated to ensure they are not tampered. CHttpRequest
enableCsrfValidation boolean whether to enable CSRF (Cross-Site Request Forgery) validation. CHttpRequest
hostInfo string Returns the schema and host part of the application URL. CHttpRequest
isAjaxRequest boolean whether this is an AJAX (XMLHttpRequest) request. CHttpRequest
isInitialized boolean whether this application component has been initialized (i.e., init() is invoked. CApplicationComponent
isPostRequest boolean whether this is POST request. CHttpRequest
isSecureConnection boolean if the request is sent via secure channel (https) CHttpRequest
pathInfo string Returns the path info of the currently requested URL. CHttpRequest
preferredLanguage string the user preferred language. CHttpRequest
queryString string part of the request URL that is after the question mark CHttpRequest
requestType string request type, such as GET, POST, HEAD, PUT, DELETE. CHttpRequest
requestUri string Returns the request URI portion for the currently requested URL. CHttpRequest
scriptFile string entry script file path (processed w/ realpath()) CHttpRequest
scriptUrl string Returns the relative URL of the entry script. CHttpRequest
serverName string server name CHttpRequest
serverPort integer server port number CHttpRequest
url string part of the request URL after the host info. CHttpRequest
urlReferrer string URL referrer, null if not present CHttpRequest
userAgent string user agent CHttpRequest
userHost string user host name, null if cannot be determined CHttpRequest
userHostAddress string user IP address CHttpRequest

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. CComponent
__get() Returns a property value, an event handler list or a behavior based on its name. CComponent
__isset() Checks if a property value is null. CComponent
__set() Sets value of a component property. CComponent
__unset() Sets a component property to be null. CComponent
asa() Returns the named behavior object. CComponent
attachBehavior() Attaches a behavior to this component. CComponent
attachBehaviors() Attaches a list of behaviors to the component. CComponent
attachEventHandler() Attaches an event handler to an event. CComponent
canGetProperty() Determines whether a property can be read. CComponent
canSetProperty() Determines whether a property can be set. CComponent
detachBehavior() Detaches a behavior from the component. CComponent
detachBehaviors() Detaches all behaviors from the component. CComponent
detachEventHandler() Detaches an existing event handler. CComponent
disableBehavior() Disables an attached behavior. CComponent
disableBehaviors() Disables all behaviors attached to this component. CComponent
enableBehavior() Enables an attached behavior. CComponent
enableBehaviors() Enables all behaviors attached to this component. CComponent
getAcceptTypes() Returns user browser accept types CHttpRequest
getBaseUrl() Returns the relative URL for the application. CHttpRequest
getBrowser() Returns information about the capabilities of user browser. CHttpRequest
getCookies() Returns the cookie collection. CHttpRequest
getCsrfToken() Returns the random token used to perform CSRF validation. CHttpRequest
getEventHandlers() Returns the list of attached event handlers for an event. CComponent
getHostInfo() Returns the schema and host part of the application URL. CHttpRequest
getIsAjaxRequest() Checks whether this is an AJAX (XMLHttpRequest) request. CHttpRequest
getIsInitialized() Checks whether this application component has been initialized (i.e., init() is invoked.) CApplicationComponent
getIsPostRequest() Checks whether this is POST request. CHttpRequest
getIsSecureConnection() Checks if the request is sent via secure channel (https) CHttpRequest
getParam() Returns the named GET or POST parameter value. CHttpRequest
getPathInfo() Returns the path info of the currently requested URL. CHttpRequest
getPost() Returns the named POST parameter value. CHttpRequest
getPreferredLanguage() Returns the user preferred language. The returned language ID will be canonicalized using CLocale::getCanonicalID. This method returns false if the user does not have language preference. CHttpRequest
getQuery() Returns the named GET parameter value. CHttpRequest
getQueryString() Returns part of the request URL that is after the question mark CHttpRequest
getRequestType() Returns request type, such as GET, POST, HEAD, PUT, DELETE. CHttpRequest
getRequestUri() Returns the request URI portion for the currently requested URL. CHttpRequest
getScriptFile() Returns entry script file path (processed w/ realpath()) CHttpRequest
getScriptUrl() Returns the relative URL of the entry script. CHttpRequest
getServerName() Returns server name CHttpRequest
getServerPort() Returns server port number CHttpRequest
getUrl() Returns part of the request URL after the host info. It consists of the following parts: CHttpRequest
getUrlReferrer() Returns URL referrer, null if not present CHttpRequest
getUserAgent() Returns user agent CHttpRequest
getUserHost() Returns user host name, null if cannot be determined CHttpRequest
getUserHostAddress() Returns user IP address CHttpRequest
hasEvent() Determines whether an event is defined. CComponent
hasEventHandler() Checks whether the named event has attached handlers. CComponent
hasProperty() Determines whether a property is defined. CComponent
init() Initializes the application component. CHttpRequest
raiseEvent() Raises an event. CComponent
redirect() Redirects the browser to the specified URL. CHttpRequest
sendFile() Sends a file to user. CHttpRequest
setBaseUrl() Sets the relative URL for the application. CHttpRequest
setHostInfo() Sets the schema and host part of the application URL. CHttpRequest
setScriptUrl() Sets the relative URL for the application entry script. CHttpRequest
stripSlashes() Strips slashes from input data. CHttpRequest
validateCsrfToken() Performs the CSRF validation. CHttpRequest

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
createCsrfCookie() Creates a cookie with a randomly generated CSRF token. CHttpRequest
normalizeRequest() Normalizes the request data. CHttpRequest

Property Details

acceptTypes property read-only
public string getAcceptTypes()

user browser accept types

baseUrl property
public string getBaseUrl(boolean $absolute=false)
public void setBaseUrl(string $value)

Returns the relative URL for the application. This is similar to scriptUrl except that it does not have the script file name, and the ending slashes are stripped off.

See Also

browser property read-only
public array getBrowser(string $userAgent=NULL)

Returns information about the capabilities of user browser.

cookies property read-only

Returns the cookie collection. The result can be used like an associative array. Adding CHttpCookie objects to the collection will send the cookies to the client; and removing the objects from the collection will delete those cookies on the client.

csrfCookie property
public array $csrfCookie;

the property values (in name-value pairs) used to initialize the CSRF cookie. Any property of CHttpCookie may be initialized. This property is effective only when enableCsrfValidation is true.

csrfToken property read-only
public string getCsrfToken()

Returns the random token used to perform CSRF validation. The token will be read from cookie first. If not found, a new token will be generated.

csrfTokenName property
public string $csrfTokenName;

the name of the token used to prevent CSRF. Defaults to 'YII_CSRF_TOKEN'. This property is effectively only when enableCsrfValidation is true.

enableCookieValidation property
public boolean $enableCookieValidation;

whether cookies should be validated to ensure they are not tampered. Defaults to false.

enableCsrfValidation property
public boolean $enableCsrfValidation;

whether to enable CSRF (Cross-Site Request Forgery) validation. Defaults to false. By setting this property to true, forms submitted to an Yii Web application must be originated from the same application. If not, a 400 HTTP exception will be raised. Note, this feature requires that the user client accepts cookie. You also need to use CHtml::form or CHtml::statefulForm to generate the needed HTML forms in your pages.

hostInfo property
public string getHostInfo(string $schema='')
public void setHostInfo(string $value)

Returns the schema and host part of the application URL. The returned URL does not have an ending slash. By default this is determined based on the user request information. You may explicitly specify it by setting the hostInfo property.

See Also

isAjaxRequest property read-only
public boolean getIsAjaxRequest()

whether this is an AJAX (XMLHttpRequest) request.

isPostRequest property read-only
public boolean getIsPostRequest()

whether this is POST request.

isSecureConnection property read-only
public boolean getIsSecureConnection()

if the request is sent via secure channel (https)

pathInfo property read-only
public string getPathInfo()

Returns the path info of the currently requested URL. This refers to the part that is after the entry script and before the question mark. The starting and ending slashes are stripped off.

preferredLanguage property read-only
public string getPreferredLanguage()

the user preferred language. The returned language ID will be canonicalized using CLocale::getCanonicalID. This method returns false if the user does not have language preference.

queryString property read-only
public string getQueryString()

part of the request URL that is after the question mark

requestType property read-only
public string getRequestType()

request type, such as GET, POST, HEAD, PUT, DELETE.

requestUri property read-only (available since v1.0.1)
public string getRequestUri()

Returns the request URI portion for the currently requested URL. This refers to the portion that is after the host info part. It includes the query string part if any. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.

scriptFile property read-only
public string getScriptFile()

entry script file path (processed w/ realpath())

scriptUrl property
public string getScriptUrl()
public void setScriptUrl(string $value)

Returns the relative URL of the entry script. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.

serverName property read-only
public string getServerName()

server name

serverPort property read-only
public integer getServerPort()

server port number

url property read-only
public string getUrl()

part of the request URL after the host info. It consists of the following parts:

urlReferrer property read-only
public string getUrlReferrer()

URL referrer, null if not present

userAgent property read-only
public string getUserAgent()

user agent

userHost property read-only
public string getUserHost()

user host name, null if cannot be determined

userHostAddress property read-only
public string getUserHostAddress()

user IP address

Method Details

createCsrfCookie() method
protected CHttpCookie createCsrfCookie()
{return} CHttpCookie the generated cookie
Source Code: framework/web/CHttpRequest.php#594 (show)
protected function createCsrfCookie()
{
    
$cookie=new CHttpCookie($this->csrfTokenName,sha1(uniqid(rand(),true)));
    if(
is_array($this->csrfCookie))
    {
        foreach(
$this->csrfCookie as $name=>$value)
            
$cookie->$name=$value;
    }
    return 
$cookie;
}

Creates a cookie with a randomly generated CSRF token. Initial values specified in csrfCookie will be applied to the generated cookie.

getAcceptTypes() method
public string getAcceptTypes()
{return} string user browser accept types
Source Code: framework/web/CHttpRequest.php#477 (show)
public function getAcceptTypes()
{
    return 
$_SERVER['HTTP_ACCEPT'];
}

getBaseUrl() method
public string getBaseUrl(boolean $absolute=false)
$absolute boolean whether to return an absolute URL. Defaults to false, meaning returning a relative one. This parameter has been available since 1.0.2.
{return} string the relative URL for the application
Source Code: framework/web/CHttpRequest.php#243 (show)
public function getBaseUrl($absolute=false)
{
    if(
$this->_baseUrl===null)
        
$this->_baseUrl=rtrim(dirname($this->getScriptUrl()),'\\/');
    return 
$absolute $this->getHostInfo() . $this->_baseUrl $this->_baseUrl;
}

Returns the relative URL for the application. This is similar to scriptUrl except that it does not have the script file name, and the ending slashes are stripped off.

See Also

getBrowser() method
public array getBrowser(string $userAgent=NULL)
$userAgent string the user agent to be analyzed. Defaults to null, meaning using the current User-Agent HTTP header information.
{return} array user browser capabilities.
Source Code: framework/web/CHttpRequest.php#469 (show)
public function getBrowser($userAgent=null)
{
    return 
get_browser($userAgent,true);
}

Returns information about the capabilities of user browser.

getCookies() method
public CCookieCollection getCookies()
{return} CCookieCollection the cookie collection.
Source Code: framework/web/CHttpRequest.php#489 (show)
public function getCookies()
{
    if(
$this->_cookies!==null)
        return 
$this->_cookies;
    else
        return 
$this->_cookies=new CCookieCollection($this);
}

Returns the cookie collection. The result can be used like an associative array. Adding CHttpCookie objects to the collection will send the cookies to the client; and removing the objects from the collection will delete those cookies on the client.

getCsrfToken() method
public string getCsrfToken()
{return} string the random token for CSRF validation.
Source Code: framework/web/CHttpRequest.php#571 (show)
public function getCsrfToken()
{
    if(
$this->_csrfToken===null)
    {
        
$cookie=$this->getCookies()->itemAt($this->csrfTokenName);
        if(!
$cookie || ($this->_csrfToken=$cookie->value)==null)
        {
            
$cookie=$this->createCsrfCookie();
            
$this->_csrfToken=$cookie->value;
            
$this->getCookies()->add($cookie->name,$cookie);
        }
    }

    return 
$this->_csrfToken;
}

Returns the random token used to perform CSRF validation. The token will be read from cookie first. If not found, a new token will be generated.

getHostInfo() method
public string getHostInfo(string $schema='')
$schema string schema to use (e.g. http, https). If empty, the schema used for the current request will be used.
{return} string schema and hostname part (with port number if needed) of the request URL (e.g. http://www.yiiframework.com)
Source Code: framework/web/CHttpRequest.php#199 (show)
public function getHostInfo($schema='')
{
    if(
$this->_hostInfo===null)
    {
        if(
$secure=$this->getIsSecureConnection())
            
$http='https';
        else
            
$http='http';
        if(isset(
$_SERVER['HTTP_HOST']))
            
$this->_hostInfo=$http.'://'.$_SERVER['HTTP_HOST'];
        else
        {
            
$this->_hostInfo=$http.'://'.$_SERVER['SERVER_NAME'];
            
$port=$_SERVER['SERVER_PORT'];
            if((
$port!=80 && !$secure) || ($port!=443 && $secure))
                
$this->_hostInfo.=':'.$port;
        }
    }
    if(
$schema!=='' && ($pos=strpos($this->_hostInfo,':'))!==false)
        return 
$schema.substr($this->_hostInfo,$pos);
    else
        return 
$this->_hostInfo;
}

Returns the schema and host part of the application URL. The returned URL does not have an ending slash. By default this is determined based on the user request information. You may explicitly specify it by setting the hostInfo property.

See Also

getIsAjaxRequest() method
public boolean getIsAjaxRequest()
{return} boolean whether this is an AJAX (XMLHttpRequest) request.
Source Code: framework/web/CHttpRequest.php#398 (show)
public function getIsAjaxRequest()
{
    return isset(
$_SERVER['HTTP_X_REQUESTED_WITH'])?$_SERVER['HTTP_X_REQUESTED_WITH']==='XMLHttpRequest' false;
}

getIsPostRequest() method
public boolean getIsPostRequest()
{return} boolean whether this is POST request.
Source Code: framework/web/CHttpRequest.php#390 (show)
public function getIsPostRequest()
{
    return !
strcasecmp($_SERVER['REQUEST_METHOD'],'POST');
}

getIsSecureConnection() method
public boolean getIsSecureConnection()
{return} boolean if the request is sent via secure channel (https)
Source Code: framework/web/CHttpRequest.php#374 (show)
public function getIsSecureConnection()
{
    return isset(
$_SERVER['HTTPS']) && !strcasecmp($_SERVER['HTTPS'],'on');
}

getParam() method (available since v1.0.4)
public mixed getParam(string $name, mixed $defaultValue=NULL)
$name string the GET parameter name
$defaultValue mixed the default parameter value if the GET parameter does not exist.
{return} mixed the GET parameter value
Source Code: framework/web/CHttpRequest.php#126 (show)
public function getParam($name,$defaultValue=null)
{
    return isset(
$_GET[$name]) ? $_GET[$name] : (isset($_POST[$name]) ? $_POST[$name] : $defaultValue);
}

Returns the named GET or POST parameter value. If the GET or POST parameter does not exist, the second parameter to this method will be returned. If both GET and POST contains such a named parameter, the GET parameter takes precedence.

See Also

getPathInfo() method
public string getPathInfo()
{return} string part of the request URL that is after the entry script and before the question mark.
Source Code: framework/web/CHttpRequest.php#305 (show)
public function getPathInfo()
{
    if(
$this->_pathInfo===null)
    {
        
$requestUri=$this->getRequestUri();
        
$scriptUrl=$this->getScriptUrl();
        
$baseUrl=$this->getBaseUrl();
        if(
strpos($requestUri,$scriptUrl)===0)
            
$pathInfo=substr($requestUri,strlen($scriptUrl));
        else if(
$baseUrl==='' || strpos($requestUri,$baseUrl)===0)
            
$pathInfo=substr($requestUri,strlen($baseUrl));
        else if(
strpos($_SERVER['PHP_SELF'],$scriptUrl)===0)
            
$pathInfo=substr($_SERVER['PHP_SELF'],strlen($scriptUrl));
        else
            throw new 
CException(Yii::t('yii','CHttpRequest is unable to determine the path info of the request.'));

        if((
$pos=strpos($pathInfo,'?'))!==false)
            
$pathInfo=substr($pathInfo,0,$pos);

        
$this->_pathInfo=trim($pathInfo,'/');
    }
    return 
$this->_pathInfo;
}

Returns the path info of the currently requested URL. This refers to the part that is after the entry script and before the question mark. The starting and ending slashes are stripped off.

getPost() method (available since v1.0.4)
public mixed getPost(string $name, mixed $defaultValue=NULL)
$name string the POST parameter name
$defaultValue mixed the default parameter value if the POST parameter does not exist.
{return} mixed the POST parameter value
Source Code: framework/web/CHttpRequest.php#156 (show)
public function getPost($name,$defaultValue=null)
{
    return isset(
$_POST[$name]) ? $_POST[$name] : $defaultValue;
}

Returns the named POST parameter value. If the POST parameter does not exist, the second parameter to this method will be returned.

See Also

getPreferredLanguage() method
public string getPreferredLanguage()
{return} string the user preferred language. The returned language ID will be canonicalized using CLocale::getCanonicalID. This method returns false if the user does not have language preference.
Source Code: framework/web/CHttpRequest.php#519 (show)
public function getPreferredLanguage()
{
    if(
$this->_preferredLanguage===null)
    {
        if(isset(
$_SERVER['HTTP_ACCEPT_LANGUAGE']) && ($n=preg_match_all('/([\w\-_]+)\s*(;\s*q\s*=\s*(\d*\.\d*))?/',$_SERVER['HTTP_ACCEPT_LANGUAGE'],$matches))>0)
        {
            
$languages=array();
            for(
$i=0;$i<$n;++$i)
                
$languages[$matches[1][$i]]=empty($matches[3][$i]) ? 1.0 floatval($matches[3][$i]);
            
arsort($languages);
            foreach(
$languages as $language=>$pref)
                return 
$this->_preferredLanguage=CLocale::getCanonicalID($language);
        }
        return 
$this->_preferredLanguage=false;
    }
    return 
$this->_preferredLanguage;
}

getQuery() method (available since v1.0.4)
public mixed getQuery(string $name, mixed $defaultValue=NULL)
$name string the GET parameter name
$defaultValue mixed the default parameter value if the GET parameter does not exist.
{return} mixed the GET parameter value
Source Code: framework/web/CHttpRequest.php#141 (show)
public function getQuery($name,$defaultValue=null)
{
    return isset(
$_GET[$name]) ? $_GET[$name] : $defaultValue;
}

Returns the named GET parameter value. If the GET parameter does not exist, the second parameter to this method will be returned.

See Also

getQueryString() method
public string getQueryString()
{return} string part of the request URL that is after the question mark
Source Code: framework/web/CHttpRequest.php#366 (show)
public function getQueryString()
{
    return isset(
$_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'';
}

getRequestType() method
public string getRequestType()
{return} string request type, such as GET, POST, HEAD, PUT, DELETE.
Source Code: framework/web/CHttpRequest.php#382 (show)
public function getRequestType()
{
    return 
strtoupper(isset($_SERVER['REQUEST_METHOD'])?$_SERVER['REQUEST_METHOD']:'GET');
}

getRequestUri() method (available since v1.0.1)
public string getRequestUri()
{return} string the request URI portion for the currently requested URL.
Source Code: framework/web/CHttpRequest.php#338 (show)
public function getRequestUri()
{
    if(
$this->_requestUri===null)
    {
        if(isset(
$_SERVER['HTTP_X_REWRITE_URL'])) // IIS
            
$this->_requestUri=$_SERVER['HTTP_X_REWRITE_URL'];
        else if(isset(
$_SERVER['REQUEST_URI']))
        {
            
$this->_requestUri=$_SERVER['REQUEST_URI'];
            if(
strpos($this->_requestUri,$_SERVER['HTTP_HOST'])!==false)
                
$this->_requestUri=preg_replace('/^\w+:\/\/[^\/]+/','',$this->_requestUri);
        }
        else if(isset(
$_SERVER['ORIG_PATH_INFO']))  // IIS 5.0 CGI
        
{
            
$this->_requestUri=$_SERVER['ORIG_PATH_INFO'];
            if(!empty(
$_SERVER['QUERY_STRING']))
                
$this->_requestUri.='?'.$_SERVER['QUERY_STRING'];
        }
        else
            throw new 
CException(Yii::t('yii','CHttpRequest is unable to determine the request URI.'));
    }

    return 
$this->_requestUri;
}

Returns the request URI portion for the currently requested URL. This refers to the portion that is after the host info part. It includes the query string part if any. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.

getScriptFile() method
public string getScriptFile()
{return} string entry script file path (processed w/ realpath())
Source Code: framework/web/CHttpRequest.php#454 (show)
public function getScriptFile()
{
    if(
$this->_scriptFile!==null)
        return 
$this->_scriptFile;
    else
        return 
$this->_scriptFile=realpath($_SERVER['SCRIPT_FILENAME']);
}

getScriptUrl() method
public string getScriptUrl()
{return} string the relative URL of the entry script.
Source Code: framework/web/CHttpRequest.php#266 (show)
public function getScriptUrl()
{
    if(
$this->_scriptUrl===null)
    {
        
$scriptName=basename($_SERVER['SCRIPT_FILENAME']);
        if(
basename($_SERVER['SCRIPT_NAME'])===$scriptName)
            
$this->_scriptUrl=$_SERVER['SCRIPT_NAME'];
        else if(
basename($_SERVER['PHP_SELF'])===$scriptName)
            
$this->_scriptUrl=$_SERVER['PHP_SELF'];
        else if(isset(
$_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME'])===$scriptName)
            
$this->_scriptUrl=$_SERVER['ORIG_SCRIPT_NAME'];
        else if((
$pos=strpos($_SERVER['PHP_SELF'],'/'.$scriptName))!==false)
            
$this->_scriptUrl=substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$scriptName;
        else if(isset(
$_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT'])===0)
            
$this->_scriptUrl=str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
        else
            throw new 
CException(Yii::t('yii','CHttpRequest is unable to determine the entry script URL.'));
    }
    return 
$this->_scriptUrl;
}

Returns the relative URL of the entry script. The implementation of this method referenced Zend_Controller_Request_Http in Zend Framework.

getServerName() method
public string getServerName()
{return} string server name
Source Code: framework/web/CHttpRequest.php#406 (show)
public function getServerName()
{
    return 
$_SERVER['SERVER_NAME'];
}

getServerPort() method
public integer getServerPort()
{return} integer server port number
Source Code: framework/web/CHttpRequest.php#414 (show)
public function getServerPort()
{
    return 
$_SERVER['SERVER_PORT'];
}

getUrl() method
public string getUrl()
{return} string part of the request URL after the host info. It consists of the following parts:
Source Code: framework/web/CHttpRequest.php#170 (show)
public function getUrl()
{
    if(
$this->_url!==null)
        return 
$this->_url;
    else
    {
        if(isset(
$_SERVER['REQUEST_URI']))
            
$this->_url=$_SERVER['REQUEST_URI'];
        else
        {
            
$this->_url=$this->getScriptUrl();
            if((
$pathInfo=$this->getPathInfo())!=='')
                
$this->_url.='/'.$pathInfo;
            if((
$queryString=$this->getQueryString())!=='')
                
$this->_url.='?'.$queryString;
        }
        return 
$this->_url;
    }
}

getUrlReferrer() method
public string getUrlReferrer()
{return} string URL referrer, null if not present
Source Code: framework/web/CHttpRequest.php#422 (show)
public function getUrlReferrer()
{
    return isset(
$_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:null;
}

getUserAgent() method
public string getUserAgent()
{return} string user agent
Source Code: framework/web/CHttpRequest.php#430 (show)
public function getUserAgent()
{
    return 
$_SERVER['HTTP_USER_AGENT'];
}

getUserHost() method
public string getUserHost()
{return} string user host name, null if cannot be determined
Source Code: framework/web/CHttpRequest.php#446 (show)
public function getUserHost()
{
    return isset(
$_SERVER['REMOTE_HOST'])?$_SERVER['REMOTE_HOST']:null;
}

getUserHostAddress() method
public string getUserHostAddress()
{return} string user IP address
Source Code: framework/web/CHttpRequest.php#438 (show)
public function getUserHostAddress()
{
    return isset(
$_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'127.0.0.1';
}

init() method
public void init()
Source Code: framework/web/CHttpRequest.php#73 (show)
public function init()
{
    
parent::init();
    
$this->normalizeRequest();
}

Initializes the application component. This method overrides the parent implementation by preprocessing the user request data.

normalizeRequest() method
protected void normalizeRequest()
Source Code: framework/web/CHttpRequest.php#84 (show)
protected function normalizeRequest()
{
    
// normalize request
    
if(get_magic_quotes_gpc())
    {
        if(isset(
$_GET))
            
$_GET=$this->stripSlashes($_GET);
        if(isset(
$_POST))
            
$_POST=$this->stripSlashes($_POST);
        if(isset(
$_REQUEST))
            
$_REQUEST=$this->stripSlashes($_REQUEST);
        if(isset(
$_COOKIE))
            
$_COOKIE=$this->stripSlashes($_COOKIE);
    }

    if(
$this->enableCsrfValidation)
        
Yii::app()->attachEventHandler('onBeginRequest',array($this,'validateCsrfToken'));
}

Normalizes the request data. This method strips off slashes in request data if get_magic_quotes_gpc() returns true. It also performs CSRF validation if enableCsrfValidation is true.

redirect() method
public void redirect(string $url, boolean $terminate=true, integer $statusCode=302)
$url string URL to be redirected to. If the URL is a relative one, the base URL of the application will be inserted at the beginning.
$terminate boolean whether to terminate the current application
$statusCode integer the HTTP status code. Defaults to 302. See http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html for details about HTTP status code. This parameter has been available since version 1.0.4.
Source Code: framework/web/CHttpRequest.php#505 (show)
public function redirect($url,$terminate=true,$statusCode=302)
{
    if(
strpos($url,'/')===0)
        
$url=$this->getHostInfo().$url;
    
header('Location: '.$urltrue$statusCode);
    if(
$terminate)
        
Yii::app()->end();
}

Redirects the browser to the specified URL.

sendFile() method
public void sendFile(string $fileName, string $content, string $mimeType=NULL, boolean $terminate=true)
$fileName string file name
$content string content to be set.
$mimeType string mime type of the content. If null, it will be guessed automatically based on the given file name.
$terminate boolean whether to terminate the current application after calling this method
Source Code: framework/web/CHttpRequest.php#544 (show)
public function sendFile($fileName,$content,$mimeType=null,$terminate=true)
{
    if(
$mimeType===null)
    {
        if((
$mimeType=CFileHelper::getMimeTypeByExtension($fileName))===null)
            
$mimeType='text/plain';
    }
    
header('Pragma: public');
    
header('Expires: 0');
    
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    
header("Content-type: $mimeType");
    if(
ini_get("output_handler")=='')
        
header('Content-Length: '.strlen($content));
    
header("Content-Disposition: attachment; filename=\"$fileName\"");
    
header('Content-Transfer-Encoding: binary');
    echo 
$content;
    if(
$terminate)
        
Yii::app()->end();
}

Sends a file to user.

setBaseUrl() method
public void setBaseUrl(string $value)
$value string the relative URL for the application
Source Code: framework/web/CHttpRequest.php#256 (show)
public function setBaseUrl($value)
{
    
$this->_baseUrl=$value;
}

Sets the relative URL for the application. By default the URL is determined based on the entry script URL. This setter is provided in case you want to change this behavior.

setHostInfo() method
public void setHostInfo(string $value)
$value string the schema and host part of the application URL.
Source Code: framework/web/CHttpRequest.php#229 (show)
public function setHostInfo($value)
{
    
$this->_hostInfo=rtrim($value,'/');
}

Sets the schema and host part of the application URL. This setter is provided in case the schema and hostname cannot be determined on certain Web servers.

setScriptUrl() method
public void setScriptUrl(string $value)
$value string the relative URL for the application entry script.
Source Code: framework/web/CHttpRequest.php#293 (show)
public function setScriptUrl($value)
{
    
$this->_scriptUrl='/'.trim($value,'/');
}

Sets the relative URL for the application entry script. This setter is provided in case the entry script URL cannot be determined on certain Web servers.

stripSlashes() method
public mixed stripSlashes(mixed &$data)
$data mixed input data to be processed
{return} mixed processed data
Source Code: framework/web/CHttpRequest.php#110 (show)
public function stripSlashes(&$data)
{
    return 
is_array($data)?array_map(array($this,'stripSlashes'),$data):stripslashes($data);
}

Strips slashes from input data. This method is applied when magic quotes is enabled.

validateCsrfToken() method (available since v1.0.4)
public void validateCsrfToken(CEvent $event)
$event CEvent event parameter
Source Code: framework/web/CHttpRequest.php#614 (show)
public function validateCsrfToken($event)
{
    if(
$this->getIsPostRequest())
    {
        
// only validate POST requests
        
$cookies=$this->getCookies();
        if(
$cookies->contains($this->csrfTokenName) && isset($_POST[$this->csrfTokenName]))
        {
            
$tokenFromCookie=$cookies->itemAt($this->csrfTokenName)->value;
            
$tokenFromPost=$_POST[$this->csrfTokenName];
            
$valid=$tokenFromCookie===$tokenFromPost;
        }
        else
            
$valid=false;
        if(!
$valid)
            throw new 
CHttpException(400,Yii::t('yii','The CSRF token could not be verified.'));
    }
}

Performs the CSRF validation. This is the event handler responding to CApplication::onBeginRequest. The default implementation will compare the CSRF token obtained from a cookie and from a POST field. If they are different, a CSRF attack is detected.