+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=11)
+--- Thread: codeigniter $_FILES upload (/showthread.php?tid=65409)
codeigniter $_FILES upload - vladakg - 06-08-2016
In Codeigniter syntax for normal PHP code $_POST['name'] is $this->input->post('name'). Does anyone knows what is syntax in CI for $_FILES['file']?
I don't want to upload, I want to catch file and make some action before uploading. In upload helper is only this: $this->upload->do_upload('file') - and that is uploading. I want to manage file before this step.
Thanks in advance
RE: codeigniter $_FILES upload - Narf - 06-08-2016
There is no special "syntax" for accessing $_FILES, nor is there a way to interact with any such file before it is uploaded.
There's also no particularly good reason to choose input->post() over $_POST.
RE: codeigniter $_FILES upload - vladakg - 06-08-2016
(06-08-2016, 11:11 AM)Narf Wrote: There is no special "syntax" for accessing $_FILES, nor is there a way to interact with any such file before it is uploaded.
There's also no particularly good reason to choose input->post() over $_POST.
I think with input->post() I will avoid XSS.
RE: codeigniter $_FILES upload - Avenirer - 06-09-2016
(06-08-2016, 01:07 PM)vladakg Wrote:(06-08-2016, 11:11 AM)Narf Wrote: There is no special "syntax" for accessing $_FILES, nor is there a way to interact with any such file before it is uploaded.
There's also no particularly good reason to choose input->post() over $_POST.
I think with input->post() I will avoid XSS.
input->post() does not avoid xss, unless told explicitly.
input->post() only replaces: isset($_POST['something']) ? $_POST['something'] : NULL;
https://codeigniter.com/user_guide/libraries/input.html#using-post-get-cookie-or-server-data
RE: codeigniter $_FILES upload - vladakg - 06-11-2016
$this->input->post('some_data', TRUE);
But I set $config['global_xss_filtering'] to TRUE.
RE: codeigniter $_FILES upload - InsiteFX - 06-11-2016
You only need to use one or the other not both.
RE: codeigniter $_FILES upload - Narf - 06-11-2016
(06-11-2016, 02:15 AM)vladakg Wrote: $this->input->post('some_data', TRUE);
You can replace this with xss_clean($_POST['some_data'])
(06-11-2016, 02:15 AM)vladakg Wrote: But I set $config['global_xss_filtering'] to TRUE.
This is bad and deprecated.