VerbFilter
VerbFilter is a filter for HTTP request methods. Its function is to define the allowed access to specified actions. HTTP request, if an HTTP request that is not allowed comes, an HTTP 405 error will be thrown. If you do not specify the allowed request method, all types of request methods are allowed by default. (Recommended learning: yii tutorial)
Next, try the simple use of VerbFilter.
First, add the code in SiteController
public function actionInfo()
{
return \Yii::createObject([
'class' => 'yii\web\Response',
'format' => \yii\web\Response::FORMAT_JSON,
'data' => [
'message' => 'hello world',
'code' => 100,
],
]);
}The above code returns a string formatted using FORMAT_JSON
Use URL: http://localhost/basic/web/index.php?r=site/info When accessing, it returns successfully
{"message":"hello world","code":100}Then, add the code in behaviors()
public function behaviors()
{
return [
... ...
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
'info' => ['post'],
],
],
];
}The above code uses the filter VerbFilter in behaviors(), which indicates that when accessing the action info, only the POST request method can be used.
At this time, use the RESTClient tool and select the GET request method for access. time, a 405 error is returned
Modify the code again
public function behaviors()
{
return [
... ...
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
'info' => ['post','get'],
],
],
];
}Allow POST and GET two request methods to access the action Info, use the RESTClient tool to access, and obtain the return value when selecting the GET request method for access.
{"message":"hello world","code":100}At this time, use the tool RESTClient to send the request through post and return a 405 error.
At this time, modify the web.php file
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => '4mWc84oNsYJpc-nnnjMwyOOiCTgcThig',
'enableCookieValidation' => false,
'enableCsrfValidation' => false,
],Add these two lines of code to police cookie protection and CSRF prevention strategies
'enableCookieValidation' => false, 'enableCsrfValidation' => false,
Send a request for access through post again, success.
Note: CSRF verification
Because when the Web page is accessed, there will be a corresponding hidden input:_csrf in the form for verification. Only when the verification is passed can the process proceed normally. Access;
rather than web page access (not through a web form, such as command line CURL request) cannot pass csrf verification.
The above is the detailed content of How to process http requests in yii2. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
What are Yii asset bundles, and what is their purpose?
Jul 07, 2025 am 12:06 AM
YiiassetbundlesorganizeandmanagewebassetslikeCSS,JavaScript,andimagesinaYiiapplication.1.Theysimplifydependencymanagement,ensuringcorrectloadorder.2.Theypreventduplicateassetinclusion.3.Theyenableenvironment-specifichandlingsuchasminification.4.Theyp
How do I render a view from a controller?
Jul 07, 2025 am 12:09 AM
In the MVC framework, the mechanism for the controller to render views is based on the naming convention and allows explicit overwriting. If redirection is not explicitly indicated, the controller will automatically find a view file with the same name as the action for rendering. 1. Make sure that the view file exists and is named correctly. For example, the view path corresponding to the action show of the controller PostsController should be views/posts/show.html.erb or Views/Posts/Show.cshtml; 2. Use explicit rendering to specify different templates, such as render'custom_template' in Rails and view('posts.custom_template') in Laravel
How do I save data to the database using Yii models?
Jul 05, 2025 am 12:36 AM
When saving data to the database in the Yii framework, it is mainly implemented through the ActiveRecord model. 1. Creating a new record requires instantiation of the model, loading the data and verifying it before saving; 2. Updating the record requires querying the existing data before assignment; 3. When using the load() method for batch assignment, security attributes must be marked in rules(); 4. When saving associated data, transactions should be used to ensure consistency. The specific steps include: instantiating the model and filling the data with load(), calling validate() verification, and finally performing save() persistence; when updating, first obtaining records and then assigning values; when sensitive fields are involved, massassignment should be restricted; when saving the associated model, beginTran should be combined
How do I create a basic route in Yii?
Jul 09, 2025 am 01:15 AM
TocreateabasicrouteinYii,firstsetupacontrollerbyplacingitinthecontrollersdirectorywithpropernamingandclassdefinitionextendingyii\web\Controller.1)Createanactionwithinthecontrollerbydefiningapublicmethodstartingwith"action".2)ConfigureURLstr
How do I create custom actions in a Yii controller?
Jul 12, 2025 am 12:35 AM
The method of creating custom operations in Yii is to define a common method starting with an action in the controller, optionally accept parameters; then process data, render views, or return JSON as needed; and finally ensure security through access control. The specific steps include: 1. Create a method prefixed with action; 2. Set the method to public; 3. Can receive URL parameters; 4. Process data such as querying the model, processing POST requests, redirecting, etc.; 5. Use AccessControl or manually checking permissions to restrict access. For example, actionProfile($id) can be accessed via /site/profile?id=123 and renders the user profile page. The best practice is
Yii Developer: Roles, Responsibilities, and Skills Required
Jul 12, 2025 am 12:11 AM
AYiidevelopercraftswebapplicationsusingtheYiiframework,requiringskillsinPHP,Yii-specificknowledge,andwebdevelopmentlifecyclemanagement.Keyresponsibilitiesinclude:1)Writingefficientcodetooptimizeperformance,2)Prioritizingsecuritytoprotectapplications,
Yii Developer Job Description: Key Responsibilities and Qualifications
Jul 11, 2025 am 12:13 AM
AYiideveloper'skeyresponsibilitiesincludedesigningandimplementingfeatures,ensuringapplicationsecurity,andoptimizingperformance.QualificationsneededareastronggraspofPHP,experiencewithfront-endtechnologies,databasemanagementskills,andproblem-solvingabi
How do I use the ActiveRecord pattern in Yii?
Jul 09, 2025 am 01:08 AM
TouseActiveRecordinYiieffectively,youcreateamodelclassforeachtableandinteractwiththedatabaseusingobject-orientedmethods.First,defineamodelclassextendingyii\db\ActiveRecordandspecifythecorrespondingtablenameviatableName().Youcangeneratemodelsautomatic
