Added Request::spoofed method.

5bb5adcf · Taylor Otwell · d0fafd13 · 5bb5adcf
Commit 5bb5adcf authored Jul 08, 2011 by Taylor Otwell
Show whitespace changes
Inline Side-by-side

Showing with 14 additions and 4 deletions

request.php system/request.php +14 -4

No files found.
--- a/system/request.php
+++ b/system/request.php
@@ -69,14 +69,24 @@ class Request {
 	/**
 	 * Get the request method.
 	 *
-	 * The request method may be spoofed if a hidden "REQUEST_METHOD" POST element 
-	 * is present, allowing HTML forms to simulate PUT and DELETE requests.
-	 *
 	 * @return string
 	 */
 	public static function method()
 	{
-		return (array_key_exists('REQUEST_METHOD', $_POST)) ? $_POST['REQUEST_METHOD'] : $_SERVER['REQUEST_METHOD'];
+		return (static::spoofed()) ? $_POST['REQUEST_METHOD'] : $_SERVER['REQUEST_METHOD'];
+	}
+
+	/**
+	 * Determine if the request method is being spoofed by a hidden Form element.
+	 *
+	 * Hidden form elements are used to spoof PUT and DELETE requests since
+	 * they are not supported by HTML forms.
+	 *
+	 * @return bool
+	 */
+	public static function spoofed()
+	{
+		return array_key_exists('REQUEST_METHOD', $_POST);
 	}

 	/**