ApacheRequest

Constructor.

Sets the parameters for this request.

This method also re-initializes all properties.

Creates a new request with values from PHP's super globals.

Creates a Request based on a given URI and configuration.

The information contained in the URI always take precedence over the other information (server and parameters).

Clones a request and overrides some of its parameters.

Clones the current request.

Note that the session is not cloned as duplicated requests are most of the time sub-requests of the main one.

Returns the request as a string.

Overrides the PHP global variables according to this request instance.

It overrides $GET, $POST, $REQUEST, $SERVER, $COOKIE. $FILES is never override, see rfc1867

Sets a list of trusted proxies.

You should only list the reverse proxies that you manage directly.

Gets the list of trusted proxies.

Sets a list of trusted host patterns.

You should only list the hosts you manage using regexs.

Gets the list of trusted host patterns.

Sets the name for trusted headers.

The following header keys are supported:

• Request::HEADERCLIENTIP: defaults to X-Forwarded-For (see getClientIp())
• Request::HEADERCLIENTHOST: defaults to X-Forwarded-Host (see getClientHost())
• Request::HEADERCLIENTPORT: defaults to X-Forwarded-Port (see getClientPort())
• Request::HEADERCLIENTPROTO: defaults to X-Forwarded-Proto (see getScheme() and isSecure())

Setting an empty value allows to disable the trusted header for the given key.

Gets the trusted proxy header name.

Normalizes a query string.

It builds a normalized query string, where keys/value pairs are alphabetized, have consistent escaping and unneeded delimiters are removed.

Enables support for the _method request parameter to determine the intended HTTP method.

Be warned that enabling this feature might lead to CSRF issues in your code. Check that you are using CSRF tokens when required.

The HTTP method can only be overridden when the real HTTP method is POST.

Checks whether support for the _method request parameter is enabled.

Gets a "parameter" value.

This method is mainly useful for libraries that want to provide some flexibility.

Order of precedence: GET, PATH, POST

Avoid using this method in controllers:

• slow
• prefer to get from a "named" source

It is better to explicitly get request parameters from the appropriate public property instead (query, attributes, request).

Gets the Session.

Whether the request contains a Session which was started in one of the previous requests.

Whether the request contains a Session object.

This method does not give any information about the state of the session object, like whether the session is started or not. It is just a way to check if this Request is associated with a Session instance.

Sets the Session.

Returns the client IP addresses.

In the returned array the most trusted IP address is first, and the least trusted one last. The "real" client IP address is the last one, but this is also the least trusted one. Trusted proxies are stripped.

Use this method carefully; you should use getClientIp() instead.

Returns the client IP address.

This method can read the client IP address from the "X-Forwarded-For" header when trusted proxies were set via "setTrustedProxies()". The "X-Forwarded-For" header value is a comma+space separated list of IP addresses, the left-most being the original client, and each successive proxy that passed the request adding the IP address where it received the request from.

If your reverse proxy uses a different header name than "X-Forwarded-For", ("Client-Ip" for instance), configure it via "setTrustedHeaderName()" with the "client-ip" key.

Returns current script name.

Returns the path being requested relative to the executed script.

The path info always starts with a /.

Suppose this request is instantiated from /mysite on localhost:

• http://localhost/mysite returns an empty string
• http://localhost/mysite/about returns '/about'
• http://localhost/mysite/enco%20ded returns '/enco%20ded'
• http://localhost/mysite/about?var=1 returns '/about'

Returns the root path from which this request is executed.

Suppose that an index.php file instantiates this request object:

• http://localhost/index.php returns an empty string
• http://localhost/index.php/page returns an empty string
• http://localhost/web/index.php returns '/web'
• http://localhost/we%20b/index.php returns '/we%20b'

Returns the root URL from which this request is executed.

The base URL never ends with a /.

This is similar to getBasePath(), except that it also includes the script filename (e.g. index.php) if one exists.

Gets the request's scheme.

Returns the port on which the request is made.

This method can read the client port from the "X-Forwarded-Port" header when trusted proxies were set via "setTrustedProxies()".

The "X-Forwarded-Port" header must contain the client port.

If your reverse proxy uses a different header name than "X-Forwarded-Port", configure it via "setTrustedHeaderName()" with the "client-port" key.

Returns the user.

Returns the password.

Gets the user info.

Returns the HTTP host being requested.

The port name will be appended to the host if it's non-standard.

Returns the requested URI.

Gets the scheme and HTTP host.

If the URL was called with basic authentication, the user and the password are not added to the generated string.

Generates a normalized URI for the Request.

Generates a normalized URI for the given path.

Generates the normalized query string for the Request.

It builds a normalized query string, where keys/value pairs are alphabetized and have consistent escaping.

Checks whether the request is secure or not.

This method can read the client port from the "X-Forwarded-Proto" header when trusted proxies were set via "setTrustedProxies()".

The "X-Forwarded-Proto" header must contain the protocol: "https" or "http".

If your reverse proxy uses a different header name than "X-Forwarded-Proto" ("SSL_HTTPS" for instance), configure it via "setTrustedHeaderName()" with the "client-proto" key.

Returns the host name.

This method can read the client port from the "X-Forwarded-Host" header when trusted proxies were set via "setTrustedProxies()".

The "X-Forwarded-Host" header must contain the client host name.

If your reverse proxy uses a different header name than "X-Forwarded-Host", configure it via "setTrustedHeaderName()" with the "client-host" key.

Sets the request method.

Gets the request "intended" method.

If the X-HTTP-Method-Override header is set, and if the method is a POST, then it is used to determine the "real" intended HTTP method.

The _method request parameter can also be used to determine the HTTP method, but only if enableHttpMethodParameterOverride() has been called.

The method is always an uppercased string.

Gets the "real" request method.

Gets the mime type associated with the format.

Gets the format associated with the mime type.

Associates a format with mime types.

Gets the request format.

Here is the process to determine the format:

• format defined by the user (with setRequestFormat())
• _format request parameter
• $default

Sets the request format.

Gets the format associated with the request.

Sets the default locale.

Sets the locale.

Get the locale.

Checks if the request method is of specified type.

Checks whether the method is safe or not.

Returns the request body content.

Gets the Etags.

Returns the preferred language.

Gets a list of languages acceptable by the client browser.

Gets a list of charsets acceptable by the client browser.

Gets a list of content types acceptable by the client browser

Returns true if the request is a XMLHttpRequest.

It works if your JavaScript library set an X-Requested-With HTTP header. It is known to work with common JavaScript frameworks: