Changeset 4578 for trunk/core/httprequest.core.php

Timestamp:

08/15/10 18:45:12 (22 months ago)

Author:

vain

Message:

• several changes to copyright, router, bootstrap, frontcontroller and various other files

File:

• trunk/core/httprequest.core.php (modified) (30 diffs)

trunk/core/httprequest.core.php

@@ -24 +24 @@
     *
     * @license    GNU/GPL v2 or (at your option) any later version, see "/doc/LICENSE".
-    *
     * @author     Jens-André Koch <vain@clansuite.com>
-    * @copyright  Jens-André Koch (2005 - onwards)
-    *
+    * @copyright  Copyleft: All rights reserved. Jens-André Koch (2005 - onwards)
     * @link       http://www.clansuite.com
-    * @link       http://gna.org/projects/clansuite
-    *
+    * 
     * @version    SVN: $Id$
     */
@@ -51 +48 @@
     # Parameters
     public function getParameterNames();
-    public function issetParameter($parametername, $parameterArrayName = 'POST', $where = false);
-    public function getParameter($parametername, $parameterArrayName = 'POST');
+    public function issetParameter($name, $arrayname = 'POST', $where = false);
+    public function getParameter($name, $arrayname = 'POST');
     public static function getHeader($name);
-    public function getCookie($name);
+
+    # Direct Access to individual Parameters Arrays
+    public function getParameterFromCookie($name);
+    public function getParameterFromGet($name);
+    public function getParameterFromPost($name);
+    public function getParameterFromServer($name);
 
     # Request Method
     public static function getRequestMethod();
     public static function setRequestMethod($method);
+    public static function isAjax();
+    public static function isPost();
+    public static function isGet();
+    public static function isPut();
+    public static function isDelete();
 
     # $_SERVER Stuff
@@ -80 +87 @@
 {
     /**
-     * @var array Contains the cleaned $_POST Parameters
+     * @var array Contains the cleaned $_POST Parameters.
      */
     private $post_parameters;
 
     /**
-     * @var array Contains the cleaned $_GET Parameters
+     * @var array Contains the cleaned $_GET Parameters.
      */
     private $get_parameters;
 
     /**
-     * @var array Contains the cleaned $_COOKIE Parameters
+     * @var array Contains the cleaned $_COOKIE Parameters.
      */
     private $cookie_parameters;
@@ -107 +114 @@
      * @var boolean for magic_quotes_gpc
      */
-    private $magic_quotes_gpc;
+    private static $magic_quotes_gpc;
+
+    /**
+     * @var object Object with pieces of informations about the target route.
+     */
+    private static $route;
 
     /**
@@ -129 +141 @@
         if ((bool) ini_get('register_globals') and mb_strtolower(ini_get('register_globals')) != 'off')
         {
-            $this->cleanGlobals();
+            self::cleanGlobals();
         }
 
@@ -138 +150 @@
         if ( 1 == get_magic_quotes_gpc() )
         {
-            $this->magic_quotes_gpc = true;
-            $this->fix_magic_quotes();
+            self::$magic_quotes_gpc = true;
+            self::fix_magic_quotes();
             ini_set('magic_quotes_gpc', 0);
         }
@@ -146 +158 @@
          *  3) Additional Security Checks
          */
-        # Block Proxies
-        Clansuite_DoorKeeper::blockProxies();
+        # Clansuite_DoorKeeper::blockProxies();
+
+        # block XSS
+        $_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
+        $_SERVER['QUERY_STRING'] = htmlspecialchars($_SERVER['QUERY_STRING']);
 
         /**
-         *  4) Clear Array, Filter and Assign the $_REQUEST Global to it
+         *  4) Init Parameter Arrays and Assign the GLOBALS
          */
 
@@ -158 +173 @@
         $this->cookie_parameters    = array();
 
-        # Sanitize
-        $this->sanitizeRequest();
-
-        # Assign the GLOBALS $_REQUEST, $_GET, $_POST, $_COOKIE
+        # Assign the GLOBALS $_GET, $_POST, $_COOKIE
         $this->get_parameters     = $_GET;
         $this->post_parameters    = $_POST;
@@ -177 +189 @@
      * @return boolean true | false
      */
-    public function isGet()
-    {
-        if($this->requestMethod == 'GET')
+    public static function isGet()
+    {
+        if(self::$requestMethod == 'GET')
         {
             return true;
@@ -191 +203 @@
      * @return boolean true | false
      */
-    public function isPost()
-    {
-        if($this->requestMethod == 'POST')
+    public static function isPost()
+    {
+        if(self::$requestMethod == 'POST')
         {
             return true;
@@ -205 +217 @@
      * @return boolean true | false
      */
-    public function isPut()
-    {
-        if($this->requestMethod == 'PUT')
+    public static function isPut()
+    {
+        if(self::$requestMethod == 'PUT')
         {
             return true;
@@ -219 +231 @@
      * @return boolean true | false
      */
-    public function isDelete()
-    {
-        if($this->requestMethod == 'DELETE')
+    public static function isDelete()
+    {
+        if(self::$requestMethod == 'DELETE')
         {
             return true;
@@ -232 +244 @@
      * Defaults to Request parameters array
      *
-     * @param string $parameterArrayName R, G, P, C (REQUEST, GET, POST, COOKIE)
+     * @param string $arrayname GET, POST, COOKIE
      * @return array
      */
-    public function getParameterNames($parameterArrayName = 'REQUEST')
-    {
-        $parameterArrayName = mb_strtoupper($parameterArrayName);
-
-        if(in_array($parameterArrayName, $this->{mb_strtolower($parameterArrayName).'_arraynames'}))
-        {
-            return array_keys($this->{mb_strtolower($parameterArrayName).'_parameters'});
+    public function getParameterNames($arrayname = 'GET')
+    {
+        $arrayname = mb_strtoupper($arrayname);
+
+        if(in_array($arrayname, $this->{mb_strtolower($arrayname).'_arraynames'}))
+        {
+            return array_keys($this->{mb_strtolower($arrayname).'_parameters'});
         }
         else
@@ -252 +264 @@
      * isset, checks if a certain parameter exists in the parameters array
      *
-     * @param string $parametername Name of the Parameter
-     * @param string $parameterArrayName G, P, C. Default = POST.
+     * @param string $name Name of the Parameter
+     * @param string $arrayname G, P, C. Default = POST.
      * @param boolean $where If set to true, method will return the name of the array the parameter was found in.
      * @return mixed | boolean true|false | string arrayname
      */
-    public function issetParameter($parametername, $parameterArrayName = 'POST', $where = false)
-    {
-        $parameterArrayName = mb_strtoupper($parameterArrayName);
-
-        if(in_array($parameterArrayName, array ('P', 'POST')) and isset($this->post_parameters[$parametername]))
+    public function issetParameter($name, $arrayname = 'POST', $where = false)
+    {
+        $arrayname = mb_strtoupper($arrayname);
+
+        if(in_array($arrayname, array ('P', 'POST')) and isset($this->post_parameters[$name]))
         {
             if($where == false)
@@ -273 +285 @@
         }
 
-        if(in_array($parameterArrayName, array ('G', 'GET')) and isset($this->get_parameters[$parametername]))
+        if(in_array($arrayname, array ('G', 'GET')) and isset($this->get_parameters[$name]))
         {
             if($where == false)
@@ -285 +297 @@
         }
 
-        if(in_array($parameterArrayName, array ('C', 'COOKIE')) and isset($this->cookie_parameters[$parametername]))
+        if(in_array($arrayname, array ('C', 'COOKIE')) and isset($this->cookie_parameters[$name]))
         {
             if($where == false)
@@ -303 +315 @@
      * get, returns a certain parameter if existing
      *
-     * @param string $parametername Name of the Parameter
-     * @param string $parameterArrayName G, P, C. Default = POST.
+     * @param string $name Name of the Parameter
+     * @param string $arrayname G, P, C. Default = POST.
      * @param string $default You can set a default value. It's returned if parametername was not found.
      *
      * @return mixed data | null
      */
-    public function getParameter($parametername, $parameterArrayName = 'POST', $default = null)
+    public function getParameter($name, $arrayname = 'POST', $default = null)
     {
         /**
-         * check if the parameter exists in $parameterArrayName
+         * check if the parameter exists in $arrayname
          * the third property of issetParameter is set to true, so that we get the full and correct array name back
-         * even if shortcut like R, G, P or C ($parameterArrayName) was used.
+         * even if shortcut like G, P or C ($arrayname) was used.
          */
-        $parameter_array = $this->issetParameter($parametername, $parameterArrayName, true);
+        $parameter_array = $this->issetParameter($name, $arrayname, true);
 
         /**
@@ -324 +336 @@
         {
             # this returns a value from the parameterarray
-            return $this->{mb_strtolower($parameter_array).'_parameters'}[$parametername];
+            return $this->{mb_strtolower($parameter_array).'_parameters'}[$name];
         }
         elseif($default !== null)
@@ -340 +352 @@
      * set, returns a certain parameter if existing
      *
-     * @param string $parametername Name of the Parameter
-     * @param string $parameterArrayName G, P, C. Default = POST.
+     * @param string $name Name of the Parameter
+     * @param string $arrayname G, P, C. Default = POST.
      * @return mixed data | null
      */
-    public function setParameter($parametername, $parameterArrayName = 'POST')
-    {
-        if(true == $this->issetParameter($parametername, $parameterArrayName))
-        {
-            return $this->{mb_strtolower($parameterArrayName).'_parameters'}[$parametername];
+    public function setParameter($name, $arrayname = 'POST')
+    {
+        if(true == $this->issetParameter($name, $arrayname))
+        {
+            return $this->{mb_strtolower($arrayname).'_parameters'}[$name];
         }
         else
@@ -359 +371 @@
      * Shortcut to get a Parameter from $_POST
      *
-     * @param string $parametername Name of the Parameter
+     * @param string $name Name of the Parameter
      * @return mixed data | null
      */
-    public function getParameterFromPost($parametername)
-    {
-        return $this->getParameter($parametername, 'POST');
+    public function getParameterFromPost($name)
+    {
+        return $this->getParameter($name, 'POST');
     }
 
@@ -370 +382 @@
      * Shortcut to get a Parameter from $_GET
      *
-     * @param string $parametername Name of the Parameter
+     * @param string $name Name of the Parameter
      * @return mixed data | null
      */
-    public function getParameterFromGet($parametername)
-    {
-        return $this->getParameter($parametername, 'GET');
+    public function getParameterFromGet($name)
+    {
+        return $this->getParameter($name, 'GET');
     }
 
@@ -381 +393 @@
      * Shortcut to get a Parameter from $_SERVER
      *
-     * @param string $parametername Name of the Parameter
+     * @param string $name Name of the Parameter
      * @return mixed data | null
      */
-    public function getParameterFromServer($parametername)
-    {
-        if (in_array($parametername, array_keys($_SERVER)))
-        {
-            return $_SERVER[$parametername];
+    public function getParameterFromServer($name)
+    {
+        if (in_array($name, array_keys($_SERVER)))
+        {
+            return $_SERVER[$name];
         }
         else
         {
             return null;
+        }
+    }
+
+    /**
+     * Get previously set cookies.
+     *
+     * @param string $name Name of the Cookie
+     * @return Returns an associative array containing any previously set cookies.
+     */
+    public function getParameterFromCookie($name)
+    {
+        if(isset($this->cookie_parameters[$name]) == true)
+        {
+            return $this->cookie_parameters($name);
         }
     }
@@ -405 +431 @@
     {
         $name = 'HTTP_' . mb_strtoupper(str_replace('-','_', $name));
+
         if (isset($_SERVER[$name]))
         {
             return $_SERVER[$name];
         }
+
         return null;
     }
@@ -417 +445 @@
      *
      * @todo check $_SERVER['SSL_PROTOCOL'] + $_SERVER['HTTP_X_FORWARD_PROTO']?
+     * @todo check -> or $_SERVER['SSL_PROTOCOL']
+     *
      * @return string
      */
     public static function getServerProtocol()
     {
-        if(self::isSecure()) # @todo check -> or $_SERVER['SSL_PROTOCOL']
+        if(self::isSecure())
         {
              return 'https://';
@@ -646 +676 @@
     }
 
+    /**
+     * Get Route
+     *
+     * @return TargetRoute Container
+     */
+    public static function getRoute()
+    {
+        return self::$route;
+    }
+
+    /**
+     * Set Route
+     *
+     * @param $route The route container.
+     */
+    public static function setRoute($route)
+    {
+        self::$route = $route;
+    }
 
     /**
@@ -726 +775 @@
 
     /**
-     * Get previously set cookies.
-     *
-     * @param string $name Name of the Cookie
-     * @return Returns an associative array containing any previously set cookies.
-     */
-    public function getCookie($name)
-    {
-        if(isset($this->cookie_parameters[$name]) == true)
-        {
-            return $this->cookie_parameters($name);
-        }
-    }
-
-    /**
-     * Checks if a ajax-request is given, by checking
-     * X-Requested-With Header for xmlhttprequest.
+     * Checks if a ajax(xhr)-request is given,
+     * by checking X-Requested-With Header for xmlhttprequest.
      *
      * @return bool
      */
-    public function isXhr()
+    public static function isAjax()
     {
         if(isset($_SERVER['X-Requested-With']) and mb_strtolower($_SERVER['X-Requested-With']) === 'xmlhttprequest')
@@ -759 +794 @@
             return false;
         }
-    }
-
-    /**
-     * Shorthand for isXhr()
-     *
-     * @return boolean
-     */
-    public function isAjax()
-    {
-        return $this->isXhr();
     }
 
@@ -777 +802 @@
      * This code originally from Richard Heyes and Stefan Esser
      */
-    private function cleanGlobals()
+    private static function cleanGlobals()
     {
         # Intercept GLOBALS overwrite
@@ -832 +857 @@
 
     /**
-     * Handles possible Injections and clean up of $_REQUEST
-     */
-    private function sanitizeRequest()
-    {
-        # Filter for Request-Parameter: id
-        if(isset($_REQUEST['id']) and ctype_digit($_REQUEST['id']))
-        {
-            $this->parameters['id'] = (int) $_REQUEST['id'];
-        }
-
-        # Filter for Request-Parameter: items
-        if(isset($_REQUEST['items']) and ctype_digit($_REQUEST['items']))
-        {
-            $this->parameters['items'] = (int) $_REQUEST['items'];
-        }
-
-        # Filter for Request-Parameter: defaultCol (Smarty Paginate Get Variable)
-        if(isset($_REQUEST['defaultCol']) and ctype_digit($_REQUEST['defaultCol']))
-        {
-            $this->parameters['defaultCol'] = (int) $_REQUEST['defaultCol'];
-        }
-
-        # Filter for Request-Parameter: defaultSort (Smarty Paginate Get Variable)
-        if(isset($_REQUEST['defaultSort']) and ctype_alpha($_REQUEST['defaultSort']) and (($_REQUEST['defaultSort'] == 'desc') or ($_REQUEST['defaultSort'] == 'asc')) )
-        {
-            $this->parameters['defaultSort'] = (int) $_REQUEST['defaultSort'];
-        }
-    }
-
-    /**
      * Revert magic_quotes() if still enabled
      * stripslashes + array_deep + non_recursive
@@ -872 +867 @@
      * @return Returns the magic quotes fixed $var
      */
-    private function fix_magic_quotes($input = null)
-    {
-        if($this->magic_quotes_gpc == false)
+    private static function fix_magic_quotes($input = null)
+    {
+        if(self::$magic_quotes_gpc == false)
         {
             return $input;