请求环境

最后更新于:2018-09-13 20:46:10

每个 HTTP 请求(通常由浏览器发起),包含了请求参数、HTTP 头信息(包括Cookies)、文件等。Web 应用程序需要解析这些信息,并根据这些信息返回正确的响应给请求者。 请求对象 Phalcon\Http\Request 封装了这些信息,你可以以面向对象的方式访问它。

<?php

use Phalcon\Http\Request;

// 获取phalcon封装的请求类
$request = new Request();

// 检查请求方法是否是POST
if ($request->isPost()) {
    // 检查是否是ajax请求
    if ($request->isAjax()) {
        echo "Request was made using POST and AJAX";
    }
}

获取值(Getting Values)

默认情况下,PHP的请求参数会被封装在 $_GET and $_POST 全局变量,但是这些数据并没有经过过滤,所以有很大的安全风险,可能有 数据库注入 或者
跨站攻击 (XSS) 的危险.

Phalcon\Http\Request 允许您获得 $_REQUEST
$_GET$_POST 变量中的数据,并允许您使用过滤器数据,这会极大提升安全性 (by default
Phalcon\Filter). 下面是简单的例子:

<?php

use Phalcon\Filter;

$filter = new Filter();

// 使用email过滤器
$email = $filter->sanitize($_POST["user_email"], "email");

// Manually applying the filter to the value
$email = $filter->sanitize($request->getPost("user_email"), "email");

// Automatically applying the filter
$email = $request->getPost("user_email", "email");

// Setting a default value if the param is null
$email = $request->getPost("user_email", "email", "some@example.com");

// Setting a default value if the param is null without filtering
$email = $request->getPost("user_email", null, "some@example.com");

控制器中访问请求(Accessing the Request from Controllers)

默认情况下Phalcon\Http\Request 已经被注册为服务,可以直接在控制器内通过 $this->request 访问:

<?php

use Phalcon\Mvc\Controller;

class PostsController extends Controller
{
    public function indexAction()
    {

    }

    public function saveAction()
    {
        // 检查请求方法是否是POST
        if ($this->request->isPost()) {
            // Access POST data
            $customerName = $this->request->getPost("name");
            $customerBorn = $this->request->getPost("born");
        }
    }
}

文件上传(Uploading Files)

另一个常见的场景是文件上传。 Phalcon\Http\Request 中也有相应的实现:

<?php

use Phalcon\Mvc\Controller;

class PostsController extends Controller
{
    public function uploadAction()
    {
        // Check if the user has uploaded files
        if ($this->request->hasFiles()) {
            $files = $this->request->getUploadedFiles();

            // Print the real file names and sizes
            foreach ($files as $file) {
                // Print file details
                echo $file->getName(), " ", $file->getSize(), "\n";

                // Move the file into the application
                $file->moveTo(
                    "files/" . $file->getName()
                );
            }
        }
    }
}

Each object returned by Phalcon\Http\Request::getUploadedFiles() is an instance of the
Phalcon\Http\Request\File class. Using the $_FILES superglobal
array offers the same behavior. Phalcon\Http\Request\File encapsulates
only the information related to each file uploaded with the request.

使用头信息(Working with Headers)

As mentioned above, request headers contain useful information that allow us to send the proper response back to
the user. The following examples show usages of that information:

<?php

// Get the Http-X-Requested-With header
$requestedWith = $request->getHeader("HTTP_X_REQUESTED_WITH");

if ($requestedWith === "XMLHttpRequest") {
    echo "The request was made with Ajax";
}

// Same as above
if ($request->isAjax()) {
    echo "The request was made with Ajax";
}

// Check the request layer
if ($request->isSecure()) {
    echo "The request was made using a secure layer";
}

// Get the servers's IP address. ie. 192.168.0.100
$ipAddress = $request->getServerAddress();

// Get the client's IP address ie. 201.245.53.51
$ipAddress = $request->getClientAddress();

// Get the User Agent (HTTP_USER_AGENT)
$userAgent = $request->getUserAgent();

// Get the best acceptable content by the browser. ie text/xml
$contentType = $request->getAcceptableContent();

// Get the best charset accepted by the browser. ie. utf-8
$charset = $request->getBestCharset();

// Get the best language accepted configured in the browser. ie. en-us
$language = $request->getBestLanguage();