diff options
| author | Nils Adermann <naderman@naderman.de> | 2010-03-13 11:08:12 +0100 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2010-09-17 14:00:01 +0200 |
| commit | 85b6d3b9a1b346f36232d98bcf308f5635eb7f49 (patch) | |
| tree | f7a17fba1790cbaa145d904ec57ddcd43938f5e1 /phpBB/includes/request | |
| parent | 6beeda79eb5a001b589e987d832acf4ea0ae5b4f (diff) | |
| download | forums-85b6d3b9a1b346f36232d98bcf308f5635eb7f49.tar forums-85b6d3b9a1b346f36232d98bcf308f5635eb7f49.tar.gz forums-85b6d3b9a1b346f36232d98bcf308f5635eb7f49.tar.bz2 forums-85b6d3b9a1b346f36232d98bcf308f5635eb7f49.tar.xz forums-85b6d3b9a1b346f36232d98bcf308f5635eb7f49.zip | |
[feature/request-class] Extracted type casting helpers from the request class.
These methods should be available without having to instantiate a request class
object, better separation of concerns. A set_var wrapper around this class no
longer requires a request object at all.
PHPBB3-9716
Diffstat (limited to 'phpBB/includes/request')
| -rw-r--r-- | phpBB/includes/request/type_cast_helper.php | 178 | ||||
| -rw-r--r-- | phpBB/includes/request/type_cast_helper_interface.php | 63 |
2 files changed, 241 insertions, 0 deletions
diff --git a/phpBB/includes/request/type_cast_helper.php b/phpBB/includes/request/type_cast_helper.php new file mode 100644 index 0000000000..ff392fbf8f --- /dev/null +++ b/phpBB/includes/request/type_cast_helper.php @@ -0,0 +1,178 @@ +<?php +/** +* +* @package phpbb_request +* @copyright (c) 2010 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* A helper class that provides convenience methods for type casting. +* +* @package phpbb_request +*/ +class phpbb_type_cast_helper implements phpbb_type_cast_helper_interface +{ + + /** + * @var string Whether slashes need to be stripped from input + */ + protected $strip; + + /** + * Initialises the type cast helper class. + * All it does is find out whether magic quotes are turned on. + */ + public function __construct() + { + if (version_compare(PHP_VERSION, '6.0.0-dev', '>=')) + { + $this->strip = false; + } + else + { + $this->strip = (@get_magic_quotes_gpc()) ? true : false; + } + } + + /** + * Recursively applies addslashes to a variable. + * + * @param mixed &$var Variable passed by reference to which slashes will be added. + */ + public function addslashes_recursively(&$var) + { + if (is_string($var)) + { + $var = addslashes($var); + } + else if (is_array($var)) + { + $var_copy = $var; + $var = array(); + foreach ($var_copy as $key => $value) + { + if (is_string($key)) + { + $key = addslashes($key); + } + $var[$key] = $value; + + $this->addslashes_recursively($var[$key]); + } + } + } + + /** + * Recursively applies addslashes to a variable if magic quotes are turned on. + * + * @param mixed &$var Variable passed by reference to which slashes will be added. + */ + public function add_magic_quotes(&$var) + { + if ($this->strip) + { + $this->addslashes_recursively($var); + } + } + + /** + * Set variable $result to a particular type. + * + * @param mixed &$result The variable to fill + * @param mixed $var The contents to fill with + * @param mixed $type The variable type. Will be used with {@link settype()} + * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. + */ + public function set_var(&$result, $var, $type, $multibyte = false) + { + settype($var, $type); + $result = $var; + + if ($type == 'string') + { + $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8')); + + if (!empty($result)) + { + // Make sure multibyte characters are wellformed + if ($multibyte) + { + if (!preg_match('/^./u', $result)) + { + $result = ''; + } + } + else + { + // no multibyte, allow only ASCII (0-127) + $result = preg_replace('/[\x80-\xFF]/', '?', $result); + } + } + + $result = ($this->strip) ? stripslashes($result) : $result; + } + } + + /** + * Recursively sets a variable to a given type using {@link set_var set_var} + * + * @param string $var The value which shall be sanitised (passed by reference). + * @param mixed $default Specifies the type $var shall have. + * If it is an array and $var is not one, then an empty array is returned. + * Otherwise var is cast to the same type, and if $default is an array all + * keys and values are cast recursively using this function too. + * @param bool $multibyte Indicates whether string keys and values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to + * be replaced with question marks. + */ + public function recursive_set_var(&$var, $default, $multibyte) + { + if (is_array($var) !== is_array($default)) + { + $var = (is_array($default)) ? array() : $default; + return; + } + + if (!is_array($default)) + { + $type = gettype($default); + $this->set_var($var, $var, $type, $multibyte); + } + else + { + // make sure there is at least one key/value pair to use get the + // types from + if (empty($default)) + { + $var = array(); + return; + } + + list($default_key, $default_value) = each($default); + $value_type = gettype($default_value); + $key_type = gettype($default_key); + + $_var = $var; + $var = array(); + + foreach ($_var as $k => $v) + { + $this->set_var($k, $k, $key_type, $multibyte, $multibyte); + + $this->recursive_set_var($v, $default_value, $multibyte); + $this->set_var($var[$k], $v, $value_type, $multibyte); + } + } + } +} diff --git a/phpBB/includes/request/type_cast_helper_interface.php b/phpBB/includes/request/type_cast_helper_interface.php new file mode 100644 index 0000000000..96e984003c --- /dev/null +++ b/phpBB/includes/request/type_cast_helper_interface.php @@ -0,0 +1,63 @@ +<?php +/** +* +* @package phpbb_request +* @copyright (c) 2010 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* An interface for type cast operations. +* +* @package phpbb_request +*/ +interface phpbb_type_cast_helper_interface +{ + /** + * Recursively applies addslashes to a variable. + * + * @param mixed &$var Variable passed by reference to which slashes will be added. + */ + public function addslashes_recursively(&$var); + + /** + * Recursively applies addslashes to a variable if magic quotes are turned on. + * + * @param mixed &$var Variable passed by reference to which slashes will be added. + */ + public function add_magic_quotes(&$var); + + /** + * Set variable $result to a particular type. + * + * @param mixed &$result The variable to fill + * @param mixed $var The contents to fill with + * @param mixed $type The variable type. Will be used with {@link settype()} + * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. + */ + public function set_var(&$result, $var, $type, $multibyte = false); + + /** + * Recursively sets a variable to a given type using {@link set_var set_var}. + * + * @param string $var The value which shall be sanitised (passed by reference). + * @param mixed $default Specifies the type $var shall have. + * If it is an array and $var is not one, then an empty array is returned. + * Otherwise var is cast to the same type, and if $default is an array all + * keys and values are cast recursively using this function too. + * @param bool $multibyte Indicates whether string keys and values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to + * be replaced with question marks. + */ + public function recursive_set_var(&$var, $default, $multibyte); +} |