From 08bf8812d3bc7c22671e7e0dc88a0e99fcf403d7 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 25 Nov 2016 22:51:29 +0100 Subject: [ticket/14875] Use raw_variable() method in _variable() to get raw data The raw_variable() method uses the same exact code the _variable method has been using until now. PHPBB3-14875 --- phpBB/phpbb/request/request.php | 39 ++++++--------------------------------- 1 file changed, 6 insertions(+), 33 deletions(-) (limited to 'phpBB/phpbb/request') diff --git a/phpBB/phpbb/request/request.php b/phpBB/phpbb/request/request.php index 318d9f66f9..0d9ffa1780 100644 --- a/phpBB/phpbb/request/request.php +++ b/phpBB/phpbb/request/request.php @@ -431,41 +431,14 @@ class request implements \phpbb\request\request_interface */ protected function _variable($var_name, $default, $multibyte = false, $super_global = \phpbb\request\request_interface::REQUEST, $trim = true) { - $path = false; - - // deep direct access to multi dimensional arrays - if (is_array($var_name)) - { - $path = $var_name; - // make sure at least the variable name is specified - if (empty($path)) - { - return (is_array($default)) ? array() : $default; - } - // the variable name is the first element on the path - $var_name = array_shift($path); - } - - if (!isset($this->input[$super_global][$var_name])) - { - return (is_array($default)) ? array() : $default; - } - $var = $this->input[$super_global][$var_name]; + $var = $this->raw_variable($var_name, $default, $super_global); - if ($path) + // Return prematurely if raw variable is empty array or the same as + // the default. Using strict comparison to ensure that one can't + // prevent proper type checking on any input variable + if ($var === array() || $var === $default) { - // walk through the array structure and find the element we are looking for - foreach ($path as $key) - { - if (is_array($var) && isset($var[$key])) - { - $var = $var[$key]; - } - else - { - return (is_array($default)) ? array() : $default; - } - } + return $var; } $this->type_cast_helper->recursive_set_var($var, $default, $multibyte, $trim); -- cgit v1.2.1