diff options
| author | Oleg Pudeyev <oleg@bsdpower.com> | 2012-10-10 00:03:13 -0400 |
|---|---|---|
| committer | Oleg Pudeyev <oleg@bsdpower.com> | 2012-10-10 00:03:13 -0400 |
| commit | cc5923ea43f84d584fc4d69ba5302b439e00c828 (patch) | |
| tree | 6201d5ebb611a08c7b77e9c60fadd1060df243b7 /phpBB/includes/request/request.php | |
| parent | 74e41e79d1a82389da7ea000550ff1100da2059d (diff) | |
| parent | 238fab3bb908013fb0d7c95278b0a2a3b7fa5bae (diff) | |
| download | forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.gz forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.bz2 forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.tar.xz forums-cc5923ea43f84d584fc4d69ba5302b439e00c828.zip | |
Merge PR #993 branch 'bantu/ticket/8713' into develop
* bantu/ticket/8713:
[ticket/8713] Update untrimmed_variable() doc block.
[ticket/8713] Revert changes to ucp_profile, ucp_register and acp_users.
[ticket/8713] Trim password in auth_db to keep compatibility.
[ticket/8713] Call htmlspecialchars_decode() on transfer (e.g. ftp) passwords.
[ticket/8713] Rename untrimed_variable() to untrimmed_variable().
[ticket/8713] DRY: variable() and untrimed_variable() into a protected method.
[ticket/8713] Fix type_cast_helper.php doc blocks: Add punctuation etc.
[ticket/8713] Always trim array keys.
[ticket/8713] Add simple (non-nested) test case for untrimmed set_var().
[ticket/8713] Use \t in double quotes instead of tabs.
[ticket/8713] Use correct parameter for nested data.
[ticket/8713] Adjust test method name to other recursive_set_var() tests.
[ticket/8713] Do not trim login inputs
Diffstat (limited to 'phpBB/includes/request/request.php')
| -rw-r--r-- | phpBB/includes/request/request.php | 125 |
1 files changed, 86 insertions, 39 deletions
diff --git a/phpBB/includes/request/request.php b/phpBB/includes/request/request.php index 4e425dbd27..a06fc0d85d 100644 --- a/phpBB/includes/request/request.php +++ b/phpBB/includes/request/request.php @@ -200,46 +200,31 @@ class phpbb_request implements phpbb_request_interface */ public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST) { - $path = false; - - // deep direct access to multi dimensional arrays - if (is_array($var_name)) - { - $path = $var_name; - // make sure at least the variable name is specified - if (empty($path)) - { - return (is_array($default)) ? array() : $default; - } - // the variable name is the first element on the path - $var_name = array_shift($path); - } - - if (!isset($this->input[$super_global][$var_name])) - { - return (is_array($default)) ? array() : $default; - } - $var = $this->input[$super_global][$var_name]; - - if ($path) - { - // walk through the array structure and find the element we are looking for - foreach ($path as $key) - { - if (is_array($var) && isset($var[$key])) - { - $var = $var[$key]; - } - else - { - return (is_array($default)) ? array() : $default; - } - } - } - - $this->type_cast_helper->recursive_set_var($var, $default, $multibyte); + return $this->_variable($var_name, $default, $multibyte, $super_global, true); + } - return $var; + /** + * Get a variable, but without trimming strings. + * Same functionality as variable(), except does not run trim() on strings. + * This method should be used when handling passwords. + * + * @param string|array $var_name The form variable's name from which data shall be retrieved. + * If the value is an array this may be an array of indizes which will give + * direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a") + * then specifying array("var", 1) as the name will return "a". + * @param mixed $default A default value that is returned if the variable was not set. + * This function will always return a value of the same type as the default. + * @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks + * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global + * Specifies which super global should be used + * + * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * the same as that of $default. If the variable is not set $default is returned. + */ + public function untrimmed_variable($var_name, $default, $multibyte, $super_global = phpbb_request_interface::REQUEST) + { + return $this->_variable($var_name, $default, $multibyte, $super_global, false); } /** @@ -351,4 +336,66 @@ class phpbb_request implements phpbb_request_interface return array_keys($this->input[$super_global]); } + + /** + * Helper function used by variable() and untrimmed_variable(). + * + * @param string|array $var_name The form variable's name from which data shall be retrieved. + * If the value is an array this may be an array of indizes which will give + * direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a") + * then specifying array("var", 1) as the name will return "a". + * @param mixed $default A default value that is returned if the variable was not set. + * This function will always return a value of the same type as the default. + * @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks + * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global + * Specifies which super global should be used + * @param bool $trim Indicates whether trim() should be applied to string values. + * + * @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the + * the same as that of $default. If the variable is not set $default is returned. + */ + protected function _variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST, $trim = true) + { + $path = false; + + // deep direct access to multi dimensional arrays + if (is_array($var_name)) + { + $path = $var_name; + // make sure at least the variable name is specified + if (empty($path)) + { + return (is_array($default)) ? array() : $default; + } + // the variable name is the first element on the path + $var_name = array_shift($path); + } + + if (!isset($this->input[$super_global][$var_name])) + { + return (is_array($default)) ? array() : $default; + } + $var = $this->input[$super_global][$var_name]; + + if ($path) + { + // walk through the array structure and find the element we are looking for + foreach ($path as $key) + { + if (is_array($var) && isset($var[$key])) + { + $var = $var[$key]; + } + else + { + return (is_array($default)) ? array() : $default; + } + } + } + + $this->type_cast_helper->recursive_set_var($var, $default, $multibyte, $trim); + + return $var; + } } |