Retired Documentation:  You are using the documentation for version 1.7.3 which was retired in 2013. Go here for the latest version documentation or check here for your available upgrades to the latest version.

Input Class

Calling the Input Class

ExpressionEngine uses the Input class for fetching all of the incoming data from the superglobal arrays ($_GET, $_POST, $_COOKIE, and $_SERVER), and it also parses the URI of the current page and determines the IP address of the person viewing that page. To use the Input class in your modules, simply call the $IN global in every function that will require the use of any text.

function input_example()
{
	global $IN;

	$user_language = $IN->GBL('language', 'COOKIE');
}

You are not required to use this class to call the incoming data from the superglobal arrays, it will still be available through the superglobals themselves, however, the Input class has the advantage of cleaning up the incoming data by removing any malicious code and managing slashes used for escaping characters. Also, since the ExpressionEngine function for creating cookies [$FNS->set_cookie();] adds a prefix automatically to enable comaptibility with other programs, it is recommended that you use the Input Class, since it automatically strips out that prefix.

Fetching a Superglobal value

$IN->GBL() is used for fetching a value in a superglobal. The first parameter is the name of the key in the superglobal and the second parameter is the case-sensitive name of the superglobal that you wish to check. If no value is found, then FALSE is returned thus allowing you to use this as a check in conditionals or to set default.

$user_language = $IN->GBL('language', 'COOKIE');
// Cookie of the language of the user.

if ( ! $id = $IN->GBL('id', 'GET'))
{
	// If there is no GET value (i.e. &id=4 in URL) do this
}

$group_id = ( ! $IN->GBL('group', 'POST')) ? '4' : $IN->GBL('group', 'POST');
// Sets group_id variable to 4 (Pending), if POST variable is not set

IP Address of Site Visitor

For every page view, ExpressionEngine examines three different server variables in an attempt to detemine the true IP Address of the user visiting the page, even if they are going through a proxy. This IP address' structure is then checked before being set as the class variable $IN->IP. If the IP address does not seem like a valid IP or an IP address is not determinable, then '0.0.0.0' is returned for this variable.

$str = str_replace(LD.'ip_address'.RD, $IN->IP, $str);
$str = str_replace(LD.'ip_hostname'.RD, @gethostbyaddr($IN->IP), $str);

Cleaning Globals without Input Class

There are certain situations where you do not want to use the Input Class, such as multiple variables coming in OR a multi-select list. However, you still probably want the incoming data have any malicious code removed and the slashes for escaped characters managed correctly. You can still do this using the $IN->clean_input_data() function.

foreach ($_POST as $key => $value)
{
	$$key = $IN->clean_input_data($value);
}

Fetch Segments of the URL

There might be a case where you wish to send and retrieve data from the URL. Instead of using $_GET variables (i.e. &var=variablesvalue), you can also send values by creating URL using segments(.../template/variablevalue/). Normally, you can get the last URL segment using the class variable $IN->QSTR, but you might want more segments and then you can use the array variable $IN->SEGS or the $IN->fetch_uri_segment() function.

$entry_id = $IN->QSTR;
// Last segment is often the entry's id or url title.

$entry_id = (! isset($IN->SEGS[sizeof($IN->SEGS)])) ? '0' : $IN->SEGS[sizeof($IN->SEGS)];
$template = (! isset($IN->SEGS[sizeof($IN->SEGS)-1])) ? 'index' : $IN->SEGS[sizeof($IN->SEGS)-1];
// Second to last segment is usually the template's name

if ( ! $template_group = $IN->fetch_uri_segment('1'))
{
    // No URL segments
}

Unlike most numeric PHP arrays, this one does not have a 0 key and instead begins with 1, so that each key/value corresponds to the correct segment and its value in the URL.

Other Class Variables

$IN->SID is the Session ID of the currently logged in user extracted from URI. Only useful if Session ID is required for logging in to either the User side or Control Panel.

$IN->URI is the full URI for this ExpressionEngine page, which is whatever is after the main site file (default is index.php).

$IN->global_vars is an array of the current $global_vars in the path.php file.

$IN->whitelisted is a 'y' or 'n' value specifying whether any data for this request has been matched by the whitelist

$IN->blacklisted is a 'y' or 'n' value specifying whether any data for this request has been matched by the blacklist (if this is "y" and the $IN->whitelisted value is "n", then block the submission).

Top of Page