Parameters
Every page can receive parameters from the user side/browsers. The CodKep can use 3 type of parameters:
- Parameters came from URL
- Standard html GET parameters
- Standard html POST parameters
All type of parameters above can access same way in CodKep.
Defining parameters
By security reasons you have to define each parameter before use it. The definition have to specify the type of the parameter which divided to security classes, and can tell other properties.
You can define a parameter with the following function:
par_def($name,$security_class,$source = 'all',$accept_empty = true,$default = NULL,$required = NULL)
$nameparameter- This is the name of the parameter. If this is an url parameter the name must be identical the placeholder name in route definition string.
$security_classparameter- Specify the content accepted by this parameter. If the parameter not fit in this security class, the CodKep will disable the access, and show an error message. See available security classes
$sourceparameter.- Restrict the parameter came from a specified source. Possible values are:
"all"All source is accepted. (default)"get"Allows as html GET parameter only."post"Allows as html POST parameter only."url"Allows as url parameter only.
- Restrict the parameter came from a specified source. Possible values are:
$accept_emptyparameter- If this parameter is set the
par_ex()function accepts empty value as defined parameter. (This is the default behaviour)
- If this parameter is set the
$default- The default value in case the parameter is not received.
$required- If the required text is not NULL: The system check the existing of this parameter. In case the parameter is not recieived the CodKep will raise error, with the error text set in this parameter above.
Example definition of two get parameter
function mypage()
{
par_def("id","number0","url",false,NULL,"You have to specify the id of the item");
par_def("name","text3");
//...
//parameters are accesible by par()
print "Id: ".par("id");
print "Name:".par("name");
}
Defining in route definition array
It is possible to do the parameter definition in route definition array.
You have to put an associative array under "parameters" index in
route definition array.
The structure of this array structured this way:
"parameters"=- An associative array of parameters where the index is the name of the parameter which defined.
- Easy definition:The value of the array can be a simple string which is a security class of the parameter.
- Complex definition: The value of the array item is an another associative array where the following key values can presents:
securityThe security class of the parametersourceThe source restriction of the parameteracceptemptyAccepts empty parameters or notdefaultThe default value if not receivedrequiredMake the parameter mandatory, and specify missing error text.
- An associative array of parameters where the index is the name of the parameter which defined.
Note: The items of this array are passed to the par_def() function which define the parameters
according to this array. Because the values of this array are passed to the par_def() see
the documentation of that for further explanations.
An examample defineroute hook which defined two parameter "id" and "name"
function hook_mymodule_defineroute()
{
$r = [];
$r[] = [
'path' => 'showitem/{id}',
'callback' => 'showitempage',
'parameters' => [
'id' => ['security' => 'number0'
'source' => 'url',
'required' => 'You have to specify the id of the item',
],
'name' => 'text3',
],
];
return $r;
}
function showitempage()
{
ob_start();
//You can use par() function here to access parameters
print "Id:".par("id");
print "Name:".par("name");
//...
return ob_get_clean();
}
Using parameters
par($name, $autodefine_type = 'no')
Returns the value of the parameter $name. The parameter must be defined before the value is requested.
In case the $site_config->parameter_autodefine is set true in
site settings the par() function can automatically define the
parameter by the security class $autodefine_type.
par_ex($name, $autodefine_type = 'no')
Return true if the parameter is received, otherwise false.
It does not raise error if the parameter is not defined.
par_is($name, $value,$autodefine_type = 'no')
Return true if the parameter is received and have same value as $value parameter, otherwise false.
It does not raise error if the parameter is not defined.
function mypage()
{
par_def("id","number0","url",false,NULL,"You have to specify the id of the item");
par_def("name","text3");
ob_start();
if(par_is("id","0"))
{
//Only displayed if the "id" parameter is "0"
print "This is the first element!";
}
print "Id: ".par("id");
if(par_ex("name"))
{
//Only displayed if the "name" parameter is received
print "Name:".par("name");
}
return ob_get_clean();
}
There are some helper function to easy handle form date fields: (See forms)
par_date_def($name)
This function defines the three parameter of the specified form date field. It means that you call this function
with "birth" it will define the "birth_year", "birth_month" and "birth_day" parameters with "number0" security class.
par_date_ex($name)
This function returns true if all three part of the specified form date field is passed. Otherwise returns false.
(It uses par_ex() inside)
par_date($name,$define = false)
This function returns the isodate string (yyyy-mm-dd) from the parameter passed form date field if all parts is passed.
If some parts are missing null value returned.
If you pass true in parameter $define the function calls par_date_def($name) before the query.
Other parameter related functions
par_reset()
Erase all parameter definition.
parameters(array $change = [], array $infilter = [], array $outfilter = [])
Returns a key-value array with the defined and set parameters.
The parameter name will be the index, the value is the current value of the parameter,
except if modified by $change parameter.
$changeparameter- Value overwrite array, contains name-value pairs. It does not modify real parameter value just the returned array.
$infilterparameter- Filters the returned parameters. If this parameter is set an not an empty array, the function only returns that parameters which index is present in
$filterarray.
- Filters the returned parameters. If this parameter is set an not an empty array, the function only returns that parameters which index is present in
$outfilterparameter- Filters the returned parameters. If this parameter is set an not an empty array, the function skip returning that parameters which index is present in this array.
is_par_defined($name)
Returns true if the $name named parameter is defined, otherwise false.
Security classes
Every parameter is received through the CodKep parameter system, must meet the restriction of a security class which is assigned to the parameter during the definition. Each security class is defined by a regex. (You can add your own security classes, see below)
Built-in security classes in CodKep:
| code name | Allowed characters/contets |
|---|---|
bool | 01onf |
number0 | 0123456789 |
number0ne | 0123456789 (Not empty) |
number1 | whitespaces 0123456789 . , - |
number1ns | 0123456789 . , - |
numberi | 0123456789 - |
number2 | whitespaces 0123456789 . , ; + - |
text0 | whitespaces a-z A-Z 0-9 |
text0ns | a-z A-Z 0-9 |
text0nsne | a-z A-Z 0-9 (Not empty) |
text0sune | a-z 0-9 _ (Not empty) |
text0sdne | a-z 0-9 - (Not empty) |
text0sd | a-z 0-9 - |
text0sudne | a-z 0-9 _ - (Not empty) |
text0sud | a-z 0-9 _ - |
text1 | whitespaces a-z A-Z 0-9 - _ |
text1ns | a-z A-Z 0-9 - _ |
text2 | whitespaces a-z A-Z 0-9 UnicodeLetters |
text2ns | a-z A-Z 0-9 UnicodeLetters |
text3 | whitespaces a-z A-Z 0-9 UnicodeLetters - _ |
text3ns | a-z A-Z 0-9 UnicodeLetters - _ |
text4 | whitespaces a-z A-Z 0-9 UnicodeLetters - _ . , : ? # / ! ( ) = + |
text4m | whitespaces a-z A-Z 0-9 UnicodeLetters - _ . , : ? # / ! ( ) = + @ |
text4ns | a-z A-Z 0-9 UnicodeLetters - _ . , : ? # / ! ( ) = + |
text5 | whitespaces a-z A-Z 0-9 UnicodeLetters - _ . , : ? & # / ! ( ) = % + ; @ * |
text6 | whitespaces a-z A-Z 0-9 UnicodeLetters - _ . , : ? & # / ! ( ) = % + ; @ * " |
textemail | a-z A-Z 0-9 UnicodeLetters - _ . @ " |
textbase64 | a-z A-Z 0-9 = |
tst | whitespaces a-z A-Z 0-9 UnicodeLetters - : . + |
tstns | a-z A-Z 0-9 UnicodeLetters - : . + |
isodate | NNNN-NN-NN e.g: 2016-10-11 |
neuttext | whitespaces a-z A-Z 0-9 UnicodeLetters - _ ? ! . () |
ipv4address | IPv4 addresses eg: 192.168.1.12 |
free | no limitations |
no | only match to empty string |
You can define your own security classes with register_parameter_security_class(name,regex) function.
register_parameter_security_class($name,$regex)
$name- The security class name to define
$regex- The regex pattern to assign with the defined security class
A security class can be defined by a regex. See the following example which define the "user_id" security class in "mymodule" module.
function hook_mymodule_init()
{
register_parameter_security_class('user_id','/^user_[0-9]+$/');
}
function mypage()
{
par_def("uid","user_id");
$uid = par("uid");
//...
}
Parameter handling relates settings
The settings which can set in site settings.
| name | default | description |
|---|---|---|
$site_config->param_event_locations['undefined'] | 'param_undefined_error' | The built-in undefined parameter error page location. |
$site_config->param_event_locations['missing'] | 'missing_parameter_error' | The built-in missing parameter error page location. |
$site_config->param_event_locations['security'] | 'param_security_error' | The built-in parameter not match to the security class error page location. |
Hooks
The following hooks can be implement related to the parameter system.
| Hook | Description |
|---|---|
| HOOK_parameter_missing($name,$required) | The hook is activated when a required parameter is missing. |
| HOOK_parameter_undefined($name) | The hook is activated when a parameter is queried but not defined. |
| HOOK_parameter_security_error($name,$sc) | The hook is activated when a parameter does not fit in the defined security class. |