diff options
Diffstat (limited to 'phpBB/phpbb/request')
| -rw-r--r-- | phpBB/phpbb/request/deactivated_super_global.php | 14 | ||||
| -rw-r--r-- | phpBB/phpbb/request/request.php | 37 | ||||
| -rw-r--r-- | phpBB/phpbb/request/request_interface.php | 22 | ||||
| -rw-r--r-- | phpBB/phpbb/request/type_cast_helper.php | 13 | ||||
| -rw-r--r-- | phpBB/phpbb/request/type_cast_helper_interface.php | 12 |
5 files changed, 70 insertions, 28 deletions
diff --git a/phpBB/phpbb/request/deactivated_super_global.php b/phpBB/phpbb/request/deactivated_super_global.php index b6940cf51f..ab56240b14 100644 --- a/phpBB/phpbb/request/deactivated_super_global.php +++ b/phpBB/phpbb/request/deactivated_super_global.php @@ -1,9 +1,13 @@ <?php /** * -* @package \phpbb\request\request -* @copyright (c) 2010 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -12,8 +16,6 @@ namespace phpbb\request; /** * Replacement for a superglobal (like $_GET or $_POST) which calls * trigger_error on all operations but isset, overloads the [] operator with SPL. -* -* @package \phpbb\request\request */ class deactivated_super_global implements \ArrayAccess, \Countable, \IteratorAggregate { @@ -54,7 +56,7 @@ class deactivated_super_global implements \ArrayAccess, \Countable, \IteratorAgg $file = ''; $line = 0; - $message = 'Illegal use of $' . $this->name . '. You must use the request class or request_var() to access input data. Found in %s on line %d. This error message was generated by deactivated_super_global.'; + $message = 'Illegal use of $' . $this->name . '. You must use the request class to access input data. Found in %s on line %d. This error message was generated by deactivated_super_global.'; $backtrace = debug_backtrace(); if (isset($backtrace[1])) diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index 3171a6edb7..56ce3999ed 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -1,9 +1,13 @@ <?php /** * -* @package \phpbb\request\request -* @copyright (c) 2010 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -14,8 +18,6 @@ namespace phpbb\request; * * It provides a method to disable access to input data through super globals. * This should force MOD authors to read about data validation. -* -* @package \phpbb\request\request */ class request implements \phpbb\request\request_interface { @@ -273,7 +275,7 @@ class request implements \phpbb\request\request_interface */ public function file($form_name) { - return $this->variable($form_name, array('name' => 'none'), false, \phpbb\request\request_interface::FILES); + return $this->variable($form_name, array('name' => 'none'), true, \phpbb\request\request_interface::FILES); } /** @@ -414,4 +416,27 @@ class request implements \phpbb\request\request_interface { return $this->input[$super_global]; } + + /** + * {@inheritdoc} + */ + public function escape($var, $multibyte) + { + if (is_array($var)) + { + $result = array(); + foreach ($var as $key => $value) + { + $this->type_cast_helper->set_var($key, $key, gettype($key), $multibyte); + $result[$key] = $this->escape($value, $multibyte); + } + $var = $result; + } + else + { + $this->type_cast_helper->set_var($var, $var, 'string', $multibyte); + } + + return $var; + } } diff --git a/phpBB/phpbb/request/request_interface.php b/phpBB/phpbb/request/request_interface.php index 1f9978b276..47b3b3a4ed 100644 --- a/phpBB/phpbb/request/request_interface.php +++ b/phpBB/phpbb/request/request_interface.php @@ -1,9 +1,13 @@ <?php /** * -* @package \phpbb\request\request -* @copyright (c) 2010 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\request; /** * An interface through which all application input can be accessed. -* -* @package \phpbb\request\request */ interface request_interface { @@ -140,4 +142,14 @@ interface request_interface * @return array The original array of the requested super global. */ public function get_super_global($super_global = \phpbb\request\request_interface::REQUEST); + + /** + * Escape a string variable. + * + * @param mixed $value The contents to fill with + * @param bool $multibyte Indicates whether string values may contain UTF-8 characters. + * Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks. + * @return string|array + */ + public function escape($value, $multibyte); } diff --git a/phpBB/phpbb/request/type_cast_helper.php b/phpBB/phpbb/request/type_cast_helper.php index e9b55663af..96e66950ca 100644 --- a/phpBB/phpbb/request/type_cast_helper.php +++ b/phpBB/phpbb/request/type_cast_helper.php @@ -1,9 +1,13 @@ <?php /** * -* @package \phpbb\request\request -* @copyright (c) 2010 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\request; /** * A helper class that provides convenience methods for type casting. -* -* @package \phpbb\request\request */ class type_cast_helper implements \phpbb\request\type_cast_helper_interface { @@ -170,7 +172,6 @@ class type_cast_helper implements \phpbb\request\type_cast_helper_interface } list($default_key, $default_value) = each($default); - $value_type = gettype($default_value); $key_type = gettype($default_key); $_var = $var; diff --git a/phpBB/phpbb/request/type_cast_helper_interface.php b/phpBB/phpbb/request/type_cast_helper_interface.php index f12795eef9..2cb28d021f 100644 --- a/phpBB/phpbb/request/type_cast_helper_interface.php +++ b/phpBB/phpbb/request/type_cast_helper_interface.php @@ -1,9 +1,13 @@ <?php /** * -* @package \phpbb\request\request -* @copyright (c) 2010 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,8 +15,6 @@ namespace phpbb\request; /** * An interface for type cast operations. -* -* @package \phpbb\request\request */ interface type_cast_helper_interface { |