XOOPS  2.6.0
Request.php
Go to the documentation of this file.
1 <?php
2 /*
3  You may not change or alter any portion of this comment or credits
4  of supporting developers from this source code or any supporting source code
5  which is considered copyrighted (c) material of the original comment or credit authors.
6 
7  This program is distributed in the hope that it will be useful,
8  but WITHOUT ANY WARRANTY; without even the implied warranty of
9  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10  */
11 
12 namespace Xoops\Core;
13 
15 
34 class Request
35 {
36 
40  const NOTRIM = 1;
41  const ALLOWRAW = 2;
42  const ALLOWHTML = 4;
43 
49  public static function getMethod()
50  {
51  $method = strtoupper($_SERVER['REQUEST_METHOD']);
52 
53  return $method;
54  }
55 
85  public static function getVar($name, $default = null, $hash = 'default', $type = 'none', $mask = 0)
86  {
87  // Ensure hash and type are uppercase
88  $hash = strtoupper($hash);
89  if ($hash === 'METHOD') {
90  $hash = self::getMethod();
91  }
92  $type = strtoupper($type);
93 
94  // Get the input hash
95  switch ($hash) {
96  case 'GET':
97  $input = &$_GET;
98  break;
99  case 'POST':
100  $input = &$_POST;
101  break;
102  case 'FILES':
103  $input = &$_FILES;
104  break;
105  case 'COOKIE':
106  $input = &$_COOKIE;
107  break;
108  case 'ENV':
109  $input = &$_ENV;
110  break;
111  case 'SERVER':
112  $input = &$_SERVER;
113  break;
114  default:
115  $input = &$_REQUEST;
116  $hash = 'REQUEST';
117  break;
118  }
119 
120  if (isset($input[$name]) && $input[$name] !== null) {
121  // Get the variable from the input hash and clean it
122  $var = self::cleanVar($input[$name], $mask, $type);
123 
124  // Handle magic quotes compatability
125  if (get_magic_quotes_gpc() && ($var != $default) && ($hash != 'FILES')) {
126  $var = self::stripSlashesRecursive($var);
127  }
128  } else {
129  if ($default !== null) {
130  // Clean the default value
131  $var = self::cleanVar($default, $mask, $type);
132  } else {
133  $var = $default;
134  }
135  }
136 
137  return $var;
138  }
139 
153  public static function getInt($name, $default = 0, $hash = 'default')
154  {
155  return self::getVar($name, $default, $hash, 'int');
156  }
157 
171  public static function getFloat($name, $default = 0.0, $hash = 'default')
172  {
173  return self::getVar($name, $default, $hash, 'float');
174  }
175 
189  public static function getBool($name, $default = false, $hash = 'default')
190  {
191  return self::getVar($name, $default, $hash, 'bool');
192  }
193 
207  public static function getWord($name, $default = '', $hash = 'default')
208  {
209  return self::getVar($name, $default, $hash, 'word');
210  }
211 
225  public static function getCmd($name, $default = '', $hash = 'default')
226  {
227  return self::getVar($name, $default, $hash, 'cmd');
228  }
229 
244  public static function getString($name, $default = '', $hash = 'default', $mask = 0)
245  {
246  // Cast to string, in case self::ALLOWRAW was specified for mask
247  return (string) self::getVar($name, $default, $hash, 'string', $mask);
248  }
249 
259  public static function getArray($name, $default = array(), $hash = 'default')
260  {
261  return self::getVar($name, $default, $hash, 'array');
262  }
263 
273  public static function getText($name, $default = '', $hash = 'default')
274  {
275  return (string) self::getVar($name, $default, $hash, 'string', self::ALLOWRAW);
276  }
277 
287  public static function getUrl($name, $default = '', $hash = 'default')
288  {
289  return (string) self::getVar($name, $default, $hash, 'weburl');
290  }
291 
301  public static function getPath($name, $default = '', $hash = 'default')
302  {
303  return (string) self::getVar($name, $default, $hash, 'path');
304  }
305 
315  public static function getEmail($name, $default = '', $hash = 'default')
316  {
317  $ret = (string) self::getVar($name, $default, $hash, 'email');
318  return empty($ret) ? $default : $ret;
319  }
320 
330  public static function getIP($name, $default = '', $hash = 'default')
331  {
332  $ret = (string) self::getVar($name, $default, $hash, 'ip');
333  return empty($ret) ? $default : $ret;
334  }
335 
346  public static function setVar($name, $value = null, $hash = 'method', $overwrite = true)
347  {
348  $hash = strtoupper($hash);
349  if ($hash === 'METHOD') {
350  $hash = strtoupper($_SERVER['REQUEST_METHOD']);
351  }
352 
353  // Get the requested hash and determine existing value
354  $original = self::get($hash, self::ALLOWRAW);
355  if (isset($original[$name])) {
356  $previous = $original[$name];
357  // don't overwrite value unless asked
358  if (!$overwrite) {
359  return $previous;
360  }
361  } else {
362  $previous = null;
363  }
364 
365  // set the value
366  switch ($hash) {
367  case 'GET':
368  $_GET[$name] = $value;
369  $_REQUEST[$name] = $value;
370  break;
371  case 'POST':
372  $_POST[$name] = $value;
373  $_REQUEST[$name] = $value;
374  break;
375  case 'REQUEST':
376  $_REQUEST[$name] = $value;
377  break;
378  case 'COOKIE':
379  $_COOKIE[$name] = $value;
380  $_REQUEST[$name] = $value;
381  break;
382  case 'FILES':
383  $_FILES[$name] = $value;
384  break;
385  case 'ENV':
386  $_ENV['name'] = $value;
387  break;
388  case 'SERVER':
389  $_SERVER['name'] = $value;
390  break;
391  }
392 
393  return $previous;
394  }
395 
419  public static function get($hash = 'default', $mask = 0)
420  {
421  $hash = strtoupper($hash);
422 
423  if ($hash === 'METHOD') {
424  $hash = strtoupper($_SERVER['REQUEST_METHOD']);
425  }
426 
427  switch ($hash) {
428  case 'GET':
429  $input = $_GET;
430  break;
431  case 'POST':
432  $input = $_POST;
433  break;
434  case 'FILES':
435  $input = $_FILES;
436  break;
437  case 'COOKIE':
438  $input = $_COOKIE;
439  break;
440  case 'ENV':
441  $input = &$_ENV;
442  break;
443  case 'SERVER':
444  $input = &$_SERVER;
445  break;
446  default:
447  $input = $_REQUEST;
448  break;
449  }
450 
451  // Handle magic quotes compatability
452  if (get_magic_quotes_gpc() && ($hash != 'FILES')) {
453  $input = self::stripSlashesRecursive($input);
454  }
455 
456  $result = self::cleanVars($input, $mask);
457 
458  return $result;
459  }
460 
470  public static function set($array, $hash = 'default', $overwrite = true)
471  {
472  foreach ($array as $key => $value) {
473  self::setVar($key, $value, $hash, $overwrite);
474  }
475  }
476 
492  private static function cleanVar($var, $mask = 0, $type = null)
493  {
494  // Static input filters for specific settings
495  static $noHtmlFilter = null;
496  static $safeHtmlFilter = null;
497 
498  // convert $var in array if $type is ARRAY
499  if (strtolower($type) == 'array' && !is_array($var)) {
500  $var = array($var);
501  }
502 
503  // If the no trim flag is not set, trim the variable
504  if (!($mask & 1) && is_string($var)) {
505  $var = trim($var);
506  }
507 
508  // Now we handle input filtering
509  if ($mask & 2) {
510  // If the allow raw flag is set, do not modify the variable
511  } else {
512  if ($mask & 4) {
513  // If the allow html flag is set, apply a safe html filter to the variable
514  if (is_null($safeHtmlFilter)) {
515  $safeHtmlFilter = FilterInput::getInstance(null, null, 1, 1);
516  }
517  $var = $safeHtmlFilter->clean($var, $type);
518  } else {
519  // Since no allow flags were set, we will apply the most strict filter to the variable
520  if (is_null($noHtmlFilter)) {
521  $noHtmlFilter = FilterInput::getInstance();
522  }
523  $var = $noHtmlFilter->clean($var, $type);
524  }
525  }
526 
527  return $var;
528  }
529 
539  private static function cleanVars($var, $mask = 0, $type = null)
540  {
541  if (is_string($var)) {
542  $var = self::cleanVar($var, $mask, $type);
543  } else {
544  foreach ($var as $key => &$value) {
545  $value = self::cleanVars($value, $mask, $type);
546  }
547  }
548 
549  return $var;
550  }
551 
552 
560  private static function stripSlashesRecursive($value)
561  {
562  $value = is_array($value) ? array_map(array('Xoops\Core\Request', 'stripSlashesRecursive'), $value)
563  : stripslashes($value);
564 
565  return $value;
566  }
567 }
static getCmd($name, $default= '', $hash= 'default')
Definition: Request.php:225
static cleanVars($var, $mask=0, $type=null)
Definition: Request.php:539
static getWord($name, $default= '', $hash= 'default')
Definition: Request.php:207
static getInstance($tagsArray=array(), $attrArray=array(), $tagsMethod=0, $attrMethod=0, $xssAuto=1)
static getFloat($name, $default=0.0, $hash= 'default')
Definition: Request.php:171
$result
Definition: pda.php:33
$_SERVER['REQUEST_URI']
static getVar($name, $default=null, $hash= 'default', $type= 'none', $mask=0)
Definition: Request.php:85
static cleanVar($var, $mask=0, $type=null)
Definition: Request.php:492
static set($array, $hash= 'default', $overwrite=true)
Definition: Request.php:470
static getPath($name, $default= '', $hash= 'default')
Definition: Request.php:301
static getMethod()
Definition: Request.php:49
static getText($name, $default= '', $hash= 'default')
Definition: Request.php:273
static getInt($name, $default=0, $hash= 'default')
Definition: Request.php:153
$type
Definition: misc.php:33
static getEmail($name, $default= '', $hash= 'default')
Definition: Request.php:315
static stripSlashesRecursive($value)
Definition: Request.php:560
static getString($name, $default= '', $hash= 'default', $mask=0)
Definition: Request.php:244
$var
Definition: userinfo.php:125
static setVar($name, $value=null, $hash= 'method', $overwrite=true)
Definition: Request.php:346
static getIP($name, $default= '', $hash= 'default')
Definition: Request.php:330
static getUrl($name, $default= '', $hash= 'default')
Definition: Request.php:287
static getArray($name, $default=array(), $hash= 'default')
Definition: Request.php:259
static getBool($name, $default=false, $hash= 'default')
Definition: Request.php:189