The system Request object is created at the very beginning of the framework's HTTP request processing.
It is not only created but also populated with information (headers, parameters, etc.)
This object facilitates the initial functioning of the HLEB2 framework while processing a request.
The system Request is solely intended for this purpose.
The Request service, which can be obtained from the container by default and through which the current request data can be utilized, is a wrapper over the system object.
Methods of obtaining data from the Request in controllers (and all classes inherited from Hleb\Base\Container) using the current HTTP method:
Example of obtaining the HTTP method from the Request in application code:
Additionally, the Request object can be obtained through dependency injection via the Hleb\Reference\Interface\Request interface.
To simplify examples, henceforth they will only contain references through Hleb\Static\Request.
A request to the application is made with a specific HTTP method; the framework supports the following: 'GET', 'POST', 'DELETE', 'PUT', 'PATCH', 'OPTIONS' (and 'HEAD').
The methods getMethod() and isMethod() help determine the current method.
The former returns a value like 'GET', while the isMethod(...) method requires specifying the sought value for comparison.
Data sent along with the request can be used in various ways. They can be stored in their original form without requiring preliminary processing. However, if they need to be displayed immediately in the response, the data should be secured against the injection of executable scripts. The get() and post() methods return an object with the corresponding parameter. This object can be used to obtain both raw data and data transformed into the required format.
The most common mistake when using the object returned by these methods is using this object as a value instead of obtaining the value from the object.
If you need to get the result as an array, for example, for a query with '?param[key]=value', the object with the value has an asArray() method, where array values will be protected from XSS vulnerabilities. The value() method returns an array but contains raw, unprocessed data.
The input() method is used to determine and retrieve an array of data from the body of the request.
This can be JSON data or url-encoded parameters transformed into an array.
Thus, you can retrieve as an array POST-, PUT-, PATCH-, or DELETE parameters or parameters passed in the body of the request in JSON format.
Data obtained with the input() method represents processed values with HTML tags converted into special characters.
If you need to get the body of the request as an array in its original form, the getParsedBody() method is designed for this purpose. It is similar to input(), but it returns data in unprocessed form.
If the previous formats do not fit, the request body in its original form, as a string value, is returned by the getRawBody() method. This way, you can transform the data into the required format yourself.
These request parameters refer to the dynamic parts of the route, with specific values assigned to them in the request. The param() method allows retrieving these values by the name of the dynamic parameter. The result will be an object through which the value can be accessed in the desired format.
For instance, if a request matches a route of this type:
For the URL /10/main/, the parameters 'version' and 'page' are defined as follows:
A common mistake when using the object returned by this method can be using this object as the value itself, rather than extracting the value from the object.
The data() method returns an array of objects for all dynamic parameters. Values from these objects can similarly be accessed in both raw and processed formats.
To retrieve the original dynamic route parameters as an array of values without processing, use the rawData() method.
Note that when the framework processes incoming data (when selected), it only protects against XSS attacks. In other cases, such as when quote escaping is required for database storage, additional security measures must be applied.
The object returned by the getUri() method is based on the UriInterface from PSR-7, enabling you to retrieve the following request data:
getUri()->getHost() - the domain name of the current request, such as 'mob.example.com'. It may include the port if it’s specified in the request.
getUri()->getPath() - the path in the address following the host, e.g., '/ru/example/page' or '/ru/example/page/'.
getUri()->getQuery() - the query parameters, such as '?param1=value1¶m2=value2'.
getUri()->getPort() - the request port.
getUri()->getScheme() - the HTTP scheme of the request, 'http' or 'https'.
getUri()->getIp() - the request IP address.
To specify the type of HTTP scheme, use the isHttpSecure() method. It returns whether the scheme is 'https'.
The getHttpScheme() method returns the current HTTP scheme as either 'http://' or 'https://'.
The getHost() method is used to retrieve the domain name of the current request. It is equivalent to getUri()->getHost().
Together with the HTTP scheme, you can get the host address by using the getSchemeAndHost() method.
The getAddress() method returns the full URL of the request, excluding GET parameters.
When a user uploads a file or files, you can retrieve their data using the getFiles() method. It returns an array of arrays with data or an array of objects, depending on whether the framework was initiated with an external Request.
The array of all incoming request headers is returned by the getHeaders() method. These are request headers sorted by key (name).
You can check for the existence of a header by name using the hasHeader() method.
The getHeader() method returns an array of matching headers (values) by name.
The getHeaderLine() method also returns header values by name, but as a string in enumeration form.
To retrieve data set by the web server in the $_SERVER variable, you can use the server() method. It returns the value by parameter name.
The getProtocolVersion() method returns the request protocol version, for example '1.1'.
← Dependency Injection Response →