You may access all user input with a few simple methods. You do not need to worry about the HTTP verb for the request when using the Input facade, as input is accessed in the same way for all verbs. The global input helper function is an alias for Input::get.
$name = Input::get('name');
$name = Input::get('name', 'Sally');
if (Input::has('name')) {
//
}
$input = Input::all();
$input = Input::only('username', 'password');
$input = Input::except('credit_card');
When working on forms with "array" inputs, you may use dot notation to access the arrays:
$input = Input::get('products.0.name');
Note: Some JavaScript libraries such as Backbone may send input to the application as JSON. You may access this data via
Input::getlike normal.
By default, all cookies created by the October are encrypted and signed with an authentication code, meaning they will be considered invalid if they have been changed by the client. Cookies named in the cookie.unencryptedCookies config key will not be encrypted.
Note: Cookies are encrypted with the APP_KEY, so there is the potential for cookies to be crafted by the client if they know the APP_KEY. If your application's encryption key is in the hands of a malicious party, that party could craft cookie values using the encryption key and exploit vulnerabilities inherit to PHP object serialization / unserialization, such as calling arbitrary class methods within your application. To mitigate that, always rotate your APP_KEY if you suspect it has been compromised and ensure you always verify that the data you received from a cookie is what you expect it to be before using it.
$value = Cookie::get('name');
$response = Response::make('Hello World');
$response->withCookie(Cookie::make('name', 'value', $minutes));
If you would like to set a cookie before a response has been created, use the Cookie::queue method. The cookie will automatically be attached to the final response from your application.
Cookie::queue($name, $value, $minutes);
$cookie = Cookie::forever('name', 'value');
If you don't want some cookies to be encrypted or decrypted, you can specify them in configuration. This is useful, for example, when you want to pass data from frontend to server side backend via cookies, and vice versa.
Add names of the cookies that should not be encrypted or decrypted to unencryptedCookies parameter in the config/cookie.php configuration file.
/*
|--------------------------------------------------------------------------
| Cookies without encryption
|--------------------------------------------------------------------------
|
| OctoberCMS encrypts/decrypts cookies by default. You can specify cookies
| that should not be encrypted or decrypted here. This is useful, for
| example, when you want to pass data from frontend to server side backend
| via cookies, and vice versa.
|
*/
'unencryptedCookies' => [
'my_cookie',
],
Alternatively for plugins, you can also add these dynamically from Plugin.php of your plugin.
public function boot()
{
Config::push('cookie.unencryptedCookies', "my_cookie");
}
You may need to keep input from one request until the next request. For example, you may need to re-populate a form after checking it for validation errors.
Input::flash();
Input::flashOnly('username', 'email');
Input::flashExcept('password');
Since you often will want to flash input in association with a redirect to the previous page, you may easily chain input flashing onto a redirect.
return Redirect::to('form')->withInput();
return Redirect::to('form')->withInput(Input::except('password'));
Note: You may flash other data across requests using the Session class.
Input::old('username');
$file = Input::file('photo');
if (Input::hasFile('photo')) {
//
}
The object returned by the file method is an instance of the Symfony\Component\HttpFoundation\File\UploadedFile class, which extends the PHP SplFileInfo class and provides a variety of methods for interacting with the file.
if (Input::file('photo')->isValid()) {
//
}
Input::file('photo')->move($destinationPath);
Input::file('photo')->move($destinationPath, $fileName);
$path = Input::file('photo')->getRealPath();
$name = Input::file('photo')->getClientOriginalName();
$extension = Input::file('photo')->getClientOriginalExtension();
$size = Input::file('photo')->getSize();
$mime = Input::file('photo')->getMimeType();
The Request class provides many methods for examining the HTTP request for your application and extends the Symfony\Component\HttpFoundation\Request class. Here are some of the highlights.
$uri = Request::path();
$method = Request::method();
if (Request::isMethod('post')) {
//
}
if (Request::is('admin/*')) {
//
}
$url = Request::url();
$segment = Request::segment(1);
$value = Request::header('Content-Type');
$value = Request::server('PATH_INFO');
if (Request::secure()) {
//
}
if (Request::ajax()) {
//
}
if (Request::isJson()) {
//
}
if (Request::wantsJson()) {
//
}
The Request::format method will return the requested response format based on the HTTP Accept header:
if (Request::format() == 'json') {
//
}