\REST_Controller

CodeIgniter Rest Controller A fully RESTful server implementation for CodeIgniter using one library, one config file and one controller.

Summary

Methods
Properties
Constants
__construct()
__destruct()
_remap()
response()
set_response()
get()
options()
head()
post()
put()
delete()
patch()
query()
validation_errors()
$db
$dbforge
$benchmark
$calendar
$cart
$config
$controller
$email
$encrypt
$exceptions
$form_validation
$ftp
$hooks
$image_lib
$input
$language
$load
$log
$model
$output
$pagination
$parser
$profiler
$router
$session
$sha1
$table
$trackbackv
$typography
$unit_test
$upload
$uri
$user_agent
$validation
$xmlrpc
$xmlrpcs
$zip
HTTP_CONTINUE
HTTP_SWITCHING_PROTOCOLS
HTTP_PROCESSING
HTTP_OK
HTTP_CREATED
HTTP_ACCEPTED
HTTP_NON_AUTHORITATIVE_INFORMATION
HTTP_NO_CONTENT
HTTP_RESET_CONTENT
HTTP_PARTIAL_CONTENT
HTTP_MULTI_STATUS
HTTP_ALREADY_REPORTED
HTTP_IM_USED
HTTP_MULTIPLE_CHOICES
HTTP_MOVED_PERMANENTLY
HTTP_FOUND
HTTP_SEE_OTHER
HTTP_NOT_MODIFIED
HTTP_USE_PROXY
HTTP_RESERVED
HTTP_TEMPORARY_REDIRECT
HTTP_PERMANENTLY_REDIRECT
HTTP_BAD_REQUEST
HTTP_UNAUTHORIZED
HTTP_PAYMENT_REQUIRED
HTTP_FORBIDDEN
HTTP_NOT_FOUND
HTTP_METHOD_NOT_ALLOWED
HTTP_NOT_ACCEPTABLE
HTTP_PROXY_AUTHENTICATION_REQUIRED
HTTP_REQUEST_TIMEOUT
HTTP_CONFLICT
HTTP_GONE
HTTP_LENGTH_REQUIRED
HTTP_PRECONDITION_FAILED
HTTP_REQUEST_ENTITY_TOO_LARGE
HTTP_REQUEST_URI_TOO_LONG
HTTP_UNSUPPORTED_MEDIA_TYPE
HTTP_REQUESTED_RANGE_NOT_SATISFIABLE
HTTP_EXPECTATION_FAILED
HTTP_I_AM_A_TEAPOT
HTTP_UNPROCESSABLE_ENTITY
HTTP_LOCKED
HTTP_FAILED_DEPENDENCY
HTTP_RESERVED_FOR_WEBDAV_ADVANCED_COLLECTIONS_EXPIRED_PROPOSAL
HTTP_UPGRADE_REQUIRED
HTTP_PRECONDITION_REQUIRED
HTTP_TOO_MANY_REQUESTS
HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE
HTTP_INTERNAL_SERVER_ERROR
HTTP_NOT_IMPLEMENTED
HTTP_BAD_GATEWAY
HTTP_SERVICE_UNAVAILABLE
HTTP_GATEWAY_TIMEOUT
HTTP_VERSION_NOT_SUPPORTED
HTTP_VARIANT_ALSO_NEGOTIATES_EXPERIMENTAL
HTTP_INSUFFICIENT_STORAGE
HTTP_LOOP_DETECTED
HTTP_NOT_EXTENDED
HTTP_NETWORK_AUTHENTICATION_REQUIRED
early_checks()
preflight_checks()
_detect_input_format()
_get_default_output_format()
_detect_output_format()
_detect_method()
_detect_api_key()
_detect_lang()
_log_request()
_check_limit()
_auth_override_check()
_parse_get()
_parse_post()
_parse_put()
_parse_head()
_parse_options()
_parse_patch()
_parse_delete()
_parse_query()
_xss_clean()
_perform_ldap_auth()
_perform_library_auth()
_check_login()
_check_php_session()
_prepare_basic_auth()
_prepare_digest_auth()
_check_blacklist_auth()
_check_whitelist_auth()
_force_login()
_log_access_time()
_log_response_code()
_check_access()
_check_cors()
$rest_format
$methods
$allowed_http_methods
$request
$response
$rest
$_get_args
$_post_args
$_put_args
$_delete_args
$_patch_args
$_head_args
$_options_args
$_query_args
$_args
$_insert_id
$_allow
$_user_ldap_dn
$_start_rtime
$_end_rtime
$_supported_formats
$_apiuser
$check_cors
$_enable_xss
$http_status_codes
N/A
No private methods found
No private properties found
N/A

Constants

HTTP_CONTINUE

HTTP_CONTINUE

HTTP_SWITCHING_PROTOCOLS

HTTP_SWITCHING_PROTOCOLS

HTTP_PROCESSING

HTTP_PROCESSING

HTTP_OK

HTTP_OK

The request has succeeded

HTTP_CREATED

HTTP_CREATED

The server successfully created a new resource

HTTP_ACCEPTED

HTTP_ACCEPTED

HTTP_NON_AUTHORITATIVE_INFORMATION

HTTP_NON_AUTHORITATIVE_INFORMATION

HTTP_NO_CONTENT

HTTP_NO_CONTENT

The server successfully processed the request, though no content is returned

HTTP_RESET_CONTENT

HTTP_RESET_CONTENT

HTTP_PARTIAL_CONTENT

HTTP_PARTIAL_CONTENT

HTTP_MULTI_STATUS

HTTP_MULTI_STATUS

HTTP_ALREADY_REPORTED

HTTP_ALREADY_REPORTED

HTTP_IM_USED

HTTP_IM_USED

HTTP_MULTIPLE_CHOICES

HTTP_MULTIPLE_CHOICES

HTTP_MOVED_PERMANENTLY

HTTP_MOVED_PERMANENTLY

HTTP_FOUND

HTTP_FOUND

HTTP_SEE_OTHER

HTTP_SEE_OTHER

HTTP_NOT_MODIFIED

HTTP_NOT_MODIFIED

The resource has not been modified since the last request

HTTP_USE_PROXY

HTTP_USE_PROXY

HTTP_RESERVED

HTTP_RESERVED

HTTP_TEMPORARY_REDIRECT

HTTP_TEMPORARY_REDIRECT

HTTP_PERMANENTLY_REDIRECT

HTTP_PERMANENTLY_REDIRECT

HTTP_BAD_REQUEST

HTTP_BAD_REQUEST

The request cannot be fulfilled due to multiple errors

HTTP_UNAUTHORIZED

HTTP_UNAUTHORIZED

The user is unauthorized to access the requested resource

HTTP_PAYMENT_REQUIRED

HTTP_PAYMENT_REQUIRED

HTTP_FORBIDDEN

HTTP_FORBIDDEN

The requested resource is unavailable at this present time

HTTP_NOT_FOUND

HTTP_NOT_FOUND

The requested resource could not be found

Note: This is sometimes used to mask if there was an UNAUTHORIZED (401) or FORBIDDEN (403) error, for security reasons

HTTP_METHOD_NOT_ALLOWED

HTTP_METHOD_NOT_ALLOWED

The request method is not supported by the following resource

HTTP_NOT_ACCEPTABLE

HTTP_NOT_ACCEPTABLE

The request was not acceptable

HTTP_PROXY_AUTHENTICATION_REQUIRED

HTTP_PROXY_AUTHENTICATION_REQUIRED

HTTP_REQUEST_TIMEOUT

HTTP_REQUEST_TIMEOUT

HTTP_CONFLICT

HTTP_CONFLICT

The request could not be completed due to a conflict with the current state of the resource

HTTP_GONE

HTTP_GONE

HTTP_LENGTH_REQUIRED

HTTP_LENGTH_REQUIRED

HTTP_PRECONDITION_FAILED

HTTP_PRECONDITION_FAILED

HTTP_REQUEST_ENTITY_TOO_LARGE

HTTP_REQUEST_ENTITY_TOO_LARGE

HTTP_REQUEST_URI_TOO_LONG

HTTP_REQUEST_URI_TOO_LONG

HTTP_UNSUPPORTED_MEDIA_TYPE

HTTP_UNSUPPORTED_MEDIA_TYPE

HTTP_REQUESTED_RANGE_NOT_SATISFIABLE

HTTP_REQUESTED_RANGE_NOT_SATISFIABLE

HTTP_EXPECTATION_FAILED

HTTP_EXPECTATION_FAILED

HTTP_I_AM_A_TEAPOT

HTTP_I_AM_A_TEAPOT

HTTP_UNPROCESSABLE_ENTITY

HTTP_UNPROCESSABLE_ENTITY

HTTP_LOCKED

HTTP_LOCKED

HTTP_FAILED_DEPENDENCY

HTTP_FAILED_DEPENDENCY

HTTP_RESERVED_FOR_WEBDAV_ADVANCED_COLLECTIONS_EXPIRED_PROPOSAL

HTTP_RESERVED_FOR_WEBDAV_ADVANCED_COLLECTIONS_EXPIRED_PROPOSAL

HTTP_UPGRADE_REQUIRED

HTTP_UPGRADE_REQUIRED

HTTP_PRECONDITION_REQUIRED

HTTP_PRECONDITION_REQUIRED

HTTP_TOO_MANY_REQUESTS

HTTP_TOO_MANY_REQUESTS

HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE

HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE

HTTP_INTERNAL_SERVER_ERROR

HTTP_INTERNAL_SERVER_ERROR

The server encountered an unexpected error

Note: This is a generic error message when no specific message is suitable

HTTP_NOT_IMPLEMENTED

HTTP_NOT_IMPLEMENTED

The server does not recognise the request method

HTTP_BAD_GATEWAY

HTTP_BAD_GATEWAY

HTTP_SERVICE_UNAVAILABLE

HTTP_SERVICE_UNAVAILABLE

HTTP_GATEWAY_TIMEOUT

HTTP_GATEWAY_TIMEOUT

HTTP_VERSION_NOT_SUPPORTED

HTTP_VERSION_NOT_SUPPORTED

HTTP_VARIANT_ALSO_NEGOTIATES_EXPERIMENTAL

HTTP_VARIANT_ALSO_NEGOTIATES_EXPERIMENTAL

HTTP_INSUFFICIENT_STORAGE

HTTP_INSUFFICIENT_STORAGE

HTTP_LOOP_DETECTED

HTTP_LOOP_DETECTED

HTTP_NOT_EXTENDED

HTTP_NOT_EXTENDED

HTTP_NETWORK_AUTHENTICATION_REQUIRED

HTTP_NETWORK_AUTHENTICATION_REQUIRED

Properties

$db

$db : \CI_DB_query_builder

Type

\CI_DB_query_builder

$dbforge

$dbforge : \CI_DB_forge

Type

\CI_DB_forge

$benchmark

$benchmark : \CI_Benchmark

Type

\CI_Benchmark

$calendar

$calendar : \CI_Calendar

Type

\CI_Calendar

$cart

$cart : \CI_Cart

Type

\CI_Cart

$config

$config : \CI_Config

Type

\CI_Config

$controller

$controller : \CI_Controller

Type

\CI_Controller

$email

$email : \CI_Email

Type

\CI_Email

$encrypt

$encrypt : \CI_Encrypt

Type

\CI_Encrypt

$exceptions

$exceptions : \CI_Exceptions

Type

\CI_Exceptions

$form_validation

$form_validation : \CI_Form_validation

Type

\CI_Form_validation

$ftp

$ftp : \CI_Ftp

Type

\CI_Ftp

$hooks

$hooks : \CI_Hooks

Type

\CI_Hooks

$image_lib

$image_lib : \CI_Image_lib

Type

\CI_Image_lib

$input

$input : \CI_Input

Type

\CI_Input

$language

$language : \CI_Language

Type

\CI_Language

$load

$load : \CI_Loader

Type

\CI_Loader

$log

$log : \CI_Log

Type

\CI_Log

$model

$model : \CI_Model

Type

\CI_Model

$output

$output : \CI_Output

Type

\CI_Output

$pagination

$pagination : \CI_Pagination

Type

\CI_Pagination

$parser

$parser : \CI_Parser

Type

\CI_Parser

$profiler

$profiler : \CI_Profiler

Type

\CI_Profiler

$router

$router : \CI_Router

Type

\CI_Router

$session

$session : \CI_Session

Type

\CI_Session

$sha1

$sha1 : \CI_Sha1

Type

\CI_Sha1

$table

$table : \CI_Table

Type

\CI_Table

$trackbackv

$trackbackv : \CI_Trackback

Type

\CI_Trackback

$typography

$typography : \CI_Typography

Type

\CI_Typography

$unit_test

$unit_test : \CI_Unit_test

Type

\CI_Unit_test

$upload

$upload : \CI_Upload

Type

\CI_Upload

$uri

$uri : \CI_URI

Type

\CI_URI

$user_agent

$user_agent : \CI_User_agent

Type

\CI_User_agent

$validation

$validation : \CI_Validation

Type

\CI_Validation

$xmlrpc

$xmlrpc : \CI_Xmlrpc

Type

\CI_Xmlrpc

$xmlrpcs

$xmlrpcs : \CI_Xmlrpcs

Type

\CI_Xmlrpcs

$zip

$zip : \CI_Zip

Type

\CI_Zip

$rest_format

$rest_format : string|NULL

This defines the rest format Must be overridden it in a controller so that it is set

Type

string|NULL

$methods

$methods : array

Defines the list of method properties such as limit, log and level

Type

array

$allowed_http_methods

$allowed_http_methods : array

List of allowed HTTP methods

Type

array

$request

$request : object

Contains details about the request Fields: body, format, method, ssl Note: This is a dynamic object (stdClass)

Type

object

$response

$response : object

Contains details about the response Fields: format, lang Note: This is a dynamic object (stdClass)

Type

object

$rest

$rest : object

Contains details about the REST API Fields: db, ignore_limits, key, level, user_id Note: This is a dynamic object (stdClass)

Type

object

$_get_args

$_get_args : array

The arguments for the GET request method

Type

array

$_post_args

$_post_args : array

The arguments for the POST request method

Type

array

$_put_args

$_put_args : array

The arguments for the PUT request method

Type

array

$_delete_args

$_delete_args : array

The arguments for the DELETE request method

Type

array

$_patch_args

$_patch_args : array

The arguments for the PATCH request method

Type

array

$_head_args

$_head_args : array

The arguments for the HEAD request method

Type

array

$_options_args

$_options_args : array

The arguments for the OPTIONS request method

Type

array

$_query_args

$_query_args : array

The arguments for the query parameters

Type

array

$_args

$_args : array

The arguments from GET, POST, PUT, DELETE, PATCH, HEAD and OPTIONS request methods combined

Type

array

$_insert_id

$_insert_id : string

The insert_id of the log entry (if we have one)

Type

string

$_allow

$_allow : boolean

If the request is allowed based on the API key provided

Type

boolean

$_user_ldap_dn

$_user_ldap_dn : string

The LDAP Distinguished Name of the User post authentication

Type

string

$_start_rtime

$_start_rtime : string

The start of the response time from the server

Type

string

$_end_rtime

$_end_rtime : string

The end of the response time from the server

Type

string

$_supported_formats

$_supported_formats : array

List all supported methods, the first will be the default format

Type

array

$_apiuser

$_apiuser : object

Information about the current API user

Type

object

$check_cors

$check_cors : boolean

Whether or not to perform a CORS check and apply CORS headers to the request

Type

boolean

$_enable_xss

$_enable_xss : boolean

Enable XSS flag Determines whether the XSS filter is always active when GET, OPTIONS, HEAD, POST, PUT, DELETE and PATCH data is encountered Set automatically based on config setting

Type

boolean

$http_status_codes

$http_status_codes : array

HTTP status codes and their respective description Note: Only the widely used HTTP status codes are used

Type

array

Methods

__construct()

__construct(string  $config = 'rest') : void

Constructor for the REST API

Parameters

string $config

Configuration filename minus the file extension e.g: my_rest.php is passed as 'my_rest'

__destruct()

__destruct() : void

Deconstructor

_remap()

_remap(string  $object_called, array  $arguments = array()) 

Requests are not made to methods directly, the request will be for an "object". This simply maps the object and method to the correct Controller method

Parameters

string $object_called
array $arguments

The arguments passed to the controller method

response()

response(array|NULL  $data = NULL, integer|NULL  $http_code = NULL, boolean  $continue = FALSE) 

Takes mixed data and optionally a status code, then creates the response

Parameters

array|NULL $data

Data to output to the user

integer|NULL $http_code

HTTP status code

boolean $continue

TRUE to flush the response to the client and continue running the script; otherwise, exit

set_response()

set_response(array|NULL  $data = NULL, integer|NULL  $http_code = NULL) 

Takes mixed data and optionally a status code, then creates the response within the buffers of the Output class. The response is sent to the client lately by the framework, after the current controller's method termination.

All the hooks after the controller's method termination are executable

Parameters

array|NULL $data

Data to output to the user

integer|NULL $http_code

HTTP status code

get()

get(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from a GET request

Parameters

NULL $key

Key to retrieve from the GET request If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the GET request; otherwise, NULL

options()

options(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from a OPTIONS request

Parameters

NULL $key

Key to retrieve from the OPTIONS request. If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the OPTIONS request; otherwise, NULL

head()

head(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from a HEAD request

Parameters

NULL $key

Key to retrieve from the HEAD request If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the HEAD request; otherwise, NULL

post()

post(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from a POST request

Parameters

NULL $key

Key to retrieve from the POST request If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the POST request; otherwise, NULL

put()

put(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from a PUT request

Parameters

NULL $key

Key to retrieve from the PUT request If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the PUT request; otherwise, NULL

delete()

delete(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from a DELETE request

Parameters

NULL $key

Key to retrieve from the DELETE request If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the DELETE request; otherwise, NULL

patch()

patch(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from a PATCH request

Parameters

NULL $key

Key to retrieve from the PATCH request If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the PATCH request; otherwise, NULL

query()

query(NULL  $key = NULL, NULL  $xss_clean = NULL) : array|string|NULL

Retrieve a value from the query parameters

Parameters

NULL $key

Key to retrieve from the query parameters If NULL an array of arguments is returned

NULL $xss_clean

Whether to apply XSS filtering

Returns

array|string|NULL —

Value from the query parameters; otherwise, NULL

validation_errors()

validation_errors() : array

Retrieve the validation errors

Returns

array

early_checks()

early_checks() : void

Extend this function to apply additional checking early on in the process

preflight_checks()

preflight_checks() : \Exception

Checks to see if we have everything we need to run this library.

Returns

\Exception

_detect_input_format()

_detect_input_format() : string|NULL

Get the input format e.g. json or xml

Returns

string|NULL —

Supported input format; otherwise, NULL

_get_default_output_format()

_get_default_output_format() : string

Gets the default format from the configuration. Fallbacks to 'json' if the corresponding configuration option $config['rest_default_format'] is missing or is empty

Returns

string —

The default supported input format

_detect_output_format()

_detect_output_format() : mixed|NULL|string

Detect which format should be used to output the data

Returns

mixed|NULL|string —

Output format

_detect_method()

_detect_method() : string|NULL

Get the HTTP request string e.g. get or post

Returns

string|NULL —

Supported request method as a lowercase string; otherwise, NULL if not supported

_detect_api_key()

_detect_api_key() : boolean

See if the user has provided an API key

Returns

boolean

_detect_lang()

_detect_lang() : string|NULL

Preferred return language

Returns

string|NULL —

The language code

_log_request()

_log_request(boolean  $authorized = FALSE) : boolean

Add the request to the log table

Parameters

boolean $authorized

TRUE the user is authorized; otherwise, FALSE

Returns

boolean —

TRUE the data was inserted; otherwise, FALSE

_check_limit()

_check_limit(string  $controller_method) : boolean

Check if the requests to a controller method exceed a limit

Parameters

string $controller_method

The method being called

Returns

boolean —

TRUE the call limit is below the threshold; otherwise, FALSE

_auth_override_check()

_auth_override_check() : boolean

Check if there is a specific auth type set for the current class/method/HTTP-method being called

Returns

boolean

_parse_get()

_parse_get() : void

Parse the GET request arguments

_parse_post()

_parse_post() : void

Parse the POST request arguments

_parse_put()

_parse_put() : void

Parse the PUT request arguments

_parse_head()

_parse_head() : void

Parse the HEAD request arguments

_parse_options()

_parse_options() : void

Parse the OPTIONS request arguments

_parse_patch()

_parse_patch() : void

Parse the PATCH request arguments

_parse_delete()

_parse_delete() : void

Parse the DELETE request arguments

_parse_query()

_parse_query() : void

Parse the query parameters

_xss_clean()

_xss_clean(string  $value, boolean  $xss_clean) : string

Sanitizes data so that Cross Site Scripting Hacks can be prevented

Parameters

string $value

Input data

boolean $xss_clean

Whether to apply XSS filtering

Returns

string

_perform_ldap_auth()

_perform_ldap_auth(string  $username = '', string  $password = NULL) : boolean

Perform LDAP Authentication

Parameters

string $username

The username to validate

string $password

The password to validate

Returns

boolean

_perform_library_auth()

_perform_library_auth(string  $username = '', string  $password = NULL) : boolean

Perform Library Authentication - Override this function to change the way the library is called

Parameters

string $username

The username to validate

string $password

The password to validate

Returns

boolean

_check_login()

_check_login(string  $username = NULL, boolean|string  $password = FALSE) : boolean

Check if the user is logged in

Parameters

string $username

The user's name

boolean|string $password

The user's password

Returns

boolean

_check_php_session()

_check_php_session() : void

Check to see if the user is logged in with a PHP session key

_prepare_basic_auth()

_prepare_basic_auth() : void

Prepares for basic authentication

_prepare_digest_auth()

_prepare_digest_auth() : void

Prepares for digest authentication

_check_blacklist_auth()

_check_blacklist_auth() : void

Checks if the client's ip is in the 'rest_ip_blacklist' config and generates a 401 response

_check_whitelist_auth()

_check_whitelist_auth() : void

Check if the client's ip is in the 'rest_ip_whitelist' config and generates a 401 response

_force_login()

_force_login(string  $nonce = '') : void

Force logging in by setting the WWW-Authenticate header

Parameters

string $nonce

A server-specified data string which should be uniquely generated each time

_log_access_time()

_log_access_time() : boolean

Updates the log table with the total access time

Returns

boolean —

TRUE log table updated; otherwise, FALSE

_log_response_code()

_log_response_code(  $http_code) : boolean

Updates the log table with HTTP response code

Parameters

$http_code

int HTTP status code

Returns

boolean —

TRUE log table updated; otherwise, FALSE

_check_access()

_check_access() : boolean

Check to see if the API key has access to the controller and methods

Returns

boolean —

TRUE the API key has access; otherwise, FALSE

_check_cors()

_check_cors() : void

Checks allowed domains, and adds appropriate headers for HTTP access control (CORS)