Symfony\Component\HttpFoundation\Request | Symfony API
2.3 branch
2.7 branch
2.8 branch
3.0 branch
3.1 branch
master branch
Request represents an HTTP request.
The methods dealing with URL accept / return a raw path (% encoded):
* getBasePath
* getBaseUrl
* getPathInfo
* getRequestUri
* getUriForPath
HEADER_CLIENT_IP
HEADER_CLIENT_HOST
HEADER_CLIENT_PROTO
HEADER_CLIENT_PORT
Properties
$attributes
Custom parameters
Request body parameters ($_POST)
Query string parameters ($_GET)
Server and execution environment parameters ($_SERVER)
Uploaded files ($_FILES)
Cookies ($_COOKIE)
Headers (taken from the $_SERVER)
(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), string $content = null)
Constructor.
(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), string $content = null)
Sets the parameters for this request.
Creates a new request with values from PHP's super globals.
(string $uri, string $method = 'GET', array $parameters = array(), array $cookies = array(), array $files = array(), array $server = array(), string $content = null)
Creates a Request based on a given URI and configuration.
(array $query = null, array $request = null, array $attributes = null, array $cookies = null, array $files = null, array $server = null)
Clones a request and overrides some of its parameters.
Clones the current request.
Returns the request as a string.
Overrides the PHP global variables according to this request instance.
(array $proxies)
Sets a list of trusted proxies.
static&array
Gets the list of trusted proxies.
(array $hostPatterns)
Sets a list of trusted host patterns.
static&array
Gets the list of trusted host patterns.
(string $key, string $value)
Sets the name for trusted headers.
static&string
(string $key)
Gets the trusted proxy header name.
static&string
(string $qs)
Normalizes a query string.
Enables support for the _method request parameter to determine the intended HTTP method.
static&Boolean
Checks whether support for the _method request parameter is enabled.
(string $key, mixed $default = null, Boolean $deep = false)
Gets a "parameter" value.
Gets the Session.
Whether the request contains a Session which was started in one of the
previous requests.
Whether the request contains a Session object.
( $session)
Sets the Session.
Returns the client IP addresses.
Returns the client IP address.
Returns current script name.
Returns the path being requested relative to the executed script.
Returns the root path from which this request is executed.
Returns the root URL from which this request is executed.
Gets the request's scheme.
Returns the port on which the request is made.
string|null
Returns the user.
string|null
Returns the password.
Gets the user info.
Returns the HTTP host being requested.
Returns the requested URI.
Gets the scheme and HTTP host.
Generates a normalized URI for the Request.
(string $path)
Generates a normalized URI for the given path.
string|null
Generates the normalized query string for the Request.
Checks whether the request is secure or not.
Returns the host name.
(string $method)
Sets the request method.
Gets the request "intended" method.
Gets the "real" request method.
(string $format)
Gets the mime type associated with the format.
string|null
(string $mimeType)
Gets the format associated with the mime type.
(string $format, string|array $mimeTypes)
Associates a format with mime types.
(string $default = 'html')
Gets the request format.
(string $format)
Sets the request format.
string|null
Gets the format associated with the request.
(string $locale)
Sets the default locale.
(string $locale)
Sets the locale.
Get the locale.
(string $method)
Checks if the request method is of specified type.
Checks whether the method is safe or not.
string|resource
(Boolean $asResource = false)
Returns the request body content.
Gets the Etags.
No description
string|null
(array $locales = null)
Returns the preferred language.
Gets a list of languages acceptable by the client browser.
Gets a list of charsets acceptable by the client browser.
Gets a list of content types acceptable by the client browser
Returns true if the request is a XMLHttpRequest.
__construct(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), string $content = null)
Constructor.
initialize(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), string $content = null)
Sets the parameters for this request.
This method also re-initializes all properties.
createFromGlobals()
Creates a new request with values from PHP's super globals.
create(string $uri, string $method = 'GET', array $parameters = array(), array $cookies = array(), array $files = array(), array $server = array(), string $content = null)
Creates a Request based on a given URI and configuration.
The information contained in the URI always take precedence
over the other information (server and parameters).
duplicate(array $query = null, array $request = null, array $attributes = null, array $cookies = null, array $files = null, array $server = null)
Clones a request and overrides some of its parameters.
Clones the current request.
Note that the session is not cloned as duplicated requests
are most of the time sub-requests of the main one.
__toString()
Returns the request as a string.
overrideGlobals()
Overrides the PHP global variables according to this request instance.
It overrides $GET, $POST, $REQUEST, $SERVER, $COOKIE.
$FILES is never override, see rfc1867
setTrustedProxies(array $proxies)
Sets a list of trusted proxies.
You should only list the reverse proxies that you manage directly.
getTrustedProxies()
Gets the list of trusted proxies.
setTrustedHosts(array $hostPatterns)
Sets a list of trusted host patterns.
You should only list the hosts you manage using regexs.
getTrustedHosts()
Gets the list of trusted host patterns.
Sets the name for trusted headers.
The following header keys are supported:
Request::HEADERCLIENTIP:
defaults to X-Forwarded-For
(see getClientIp())
Request::HEADERCLIENTHOST:
defaults to X-Forwarded-Host
(see getClientHost())
Request::HEADERCLIENTPORT:
defaults to X-Forwarded-Port
(see getClientPort())
Request::HEADERCLIENTPROTO: defaults to X-Forwarded-Proto (see getScheme() and isSecure())
Setting an empty value allows to disable the trusted header for the given key.
Gets the trusted proxy header name.
normalizeQueryString(string $qs)
Normalizes a query string.
It builds a normalized query string, where keys/value pairs are alphabetized,
have consistent escaping and unneeded delimiters are removed.
enableHttpMethodParameterOverride()
Enables support for the _method request parameter to determine the intended HTTP method.
Be warned that enabling this feature might lead to CSRF issues in your code.
Check that you are using CSRF tokens when required.
The HTTP method can only be overridden when the real HTTP method is POST.
getHttpMethodParameterOverride()
Checks whether support for the _method request parameter is enabled.
get(string $key, mixed $default = null, Boolean $deep = false)
Gets a "parameter" value.
This method is mainly useful for libraries that want to provide some flexibility.
Order of precedence: GET, PATH, POST
Avoid using this method in controllers:
prefer to get from a "named" source
It is better to explicitly get request parameters from the appropriate
public property instead (query, attributes, request).
getSession()
Gets the Session.
hasPreviousSession()
Whether the request contains a Session which was started in one of the
previous requests.
hasSession()
Whether the request contains a Session object.
This method does not give any information about the state of the session object,
like whether the session is started or not. It is just a way to check if this Request
is associated with a Session instance.
setSession( $session)
Sets the Session.
getClientIps()
Returns the client IP addresses.
In the returned array the most trusted IP address is first, and the
least trusted one last. The "real" client IP address is the last one,
but this is also the least trusted one. Trusted proxies are stripped.
Use t you should use getClientIp() instead.
getClientIp()
Returns the client IP address.
This method can read the client IP address from the "X-Forwarded-For" header
when trusted proxies were set via "setTrustedProxies()". The "X-Forwarded-For"
header value is a comma+space separated list of IP addresses, the left-most
being the original client, and each successive proxy that passed the request
adding the IP address where it received the request from.
If your reverse proxy uses a different header name than "X-Forwarded-For",
("Client-Ip" for instance), configure it via "setTrustedHeaderName()" with
the "client-ip" key.
getScriptName()
Returns current script name.
Returns the path being requested relative to the executed script.
The path info always starts with a /.
Suppose this request is instantiated from /mysite on localhost:
http://localhost/mysite
returns an empty string
http://localhost/mysite/about
returns '/about'
http://localhost/mysite/enco%20ded
returns '/enco%20ded'
http://localhost/mysite/about?var=1
returns '/about'
getBasePath()
Returns the root path from which this request is executed.
Suppose that an index.php file instantiates this request object:
http://localhost/index.php
returns an empty string
http://localhost/index.php/page
returns an empty string
http://localhost/web/index.php
returns '/web'
http://localhost/we%20b/index.php
returns '/we%20b'
getBaseUrl()
Returns the root URL from which this request is executed.
The base URL never ends with a /.
This is similar to getBasePath(), except that it also includes the
script filename (e.g. index.php) if one exists.
getScheme()
Gets the request's scheme.
Returns the port on which the request is made.
This method can read the client port from the "X-Forwarded-Port" header
when trusted proxies were set via "setTrustedProxies()".
The "X-Forwarded-Port" header must contain the client port.
If your reverse proxy uses a different header name than "X-Forwarded-Port",
configure it via "setTrustedHeaderName()" with the "client-port" key.
string|null
Returns the user.
string|null
getPassword()
Returns the password.
Gets the user info.
getHttpHost()
Returns the HTTP host being requested.
The port name will be appended to the host if it's non-standard.
getRequestUri()
Returns the requested URI.
getSchemeAndHttpHost()
Gets the scheme and HTTP host.
If the URL was called with basic authentication, the user
and the password are not added to the generated string.
Generates a normalized URI for the Request.
getUriForPath(string $path)
Generates a normalized URI for the given path.
string|null
getQueryString()
Generates the normalized query string for the Request.
It builds a normalized query string, where keys/value pairs are alphabetized
and have consistent escaping.
isSecure()
Checks whether the request is secure or not.
This method can read the client port from the "X-Forwarded-Proto" header
when trusted proxies were set via "setTrustedProxies()".
The "X-Forwarded-Proto" header must contain the protocol: "https" or "http".
If your reverse proxy uses a different header name than "X-Forwarded-Proto"
("SSL_HTTPS" for instance), configure it via "setTrustedHeaderName()" with
the "client-proto" key.
Returns the host name.
This method can read the client port from the "X-Forwarded-Host" header
when trusted proxies were set via "setTrustedProxies()".
The "X-Forwarded-Host" header must contain the client host name.
If your reverse proxy uses a different header name than "X-Forwarded-Host",
configure it via "setTrustedHeaderName()" with the "client-host" key.
setMethod(string $method)
Sets the request method.
getMethod()
Gets the request "intended" method.
If the X-HTTP-Method-Override header is set, and if the method is a POST,
then it is used to determine the "real" intended HTTP method.
The _method request parameter can also be used to determine the HTTP method,
but only if enableHttpMethodParameterOverride() has been called.
The method is always an uppercased string.
getRealMethod()
Gets the "real" request method.
getMimeType(string $format)
Gets the mime type associated with the format.
string|null
getFormat(string $mimeType)
Gets the format associated with the mime type.
setFormat(string $format, string|array $mimeTypes)
Associates a format with mime types.
getRequestFormat(string $default = 'html')
Gets the request format.
Here is the process to determine the format:
format defined by the user (with setRequestFormat())
_format request parameter
setRequestFormat(string $format)
Sets the request format.
string|null
getContentType()
Gets the format associated with the request.
setDefaultLocale(string $locale)
Sets the default locale.
setLocale(string $locale)
Sets the locale.
getLocale()
Get the locale.
isMethod(string $method)
Checks if the request method is of specified type.
isMethodSafe()
Checks whether the method is safe or not.
string|resource
getContent(Boolean $asResource = false)
Returns the request body content.
Gets the Etags.
isNoCache()
string|null
getPreferredLanguage(array $locales = null)
Returns the preferred language.
getLanguages()
Gets a list of languages acceptable by the client browser.
getCharsets()
Gets a list of charsets acceptable by the client browser.
getAcceptableContentTypes()
Gets a list of content types acceptable by the client browser
isXmlHttpRequest()
Returns true if the request is a XMLHttpRequest.
It works if your JavaScript library set an X-Requested-With HTTP header.
It is known to work with common JavaScript frameworks: