Correctly process request parameters other than GET or POST, dont use globals in the class but inject it

This commit is contained in:
Bernhard Posselt 2014-04-12 15:02:19 +02:00
parent 266325eac4
commit e7fa2790f3
2 changed files with 39 additions and 50 deletions

View File

@ -60,7 +60,10 @@ class Request implements \ArrayAccess, \Countable, IRequest {
* @param string|false 'requesttoken' the requesttoken or false when not available * @param string|false 'requesttoken' the requesttoken or false when not available
* @see http://www.php.net/manual/en/reserved.variables.php * @see http://www.php.net/manual/en/reserved.variables.php
*/ */
public function __construct(array $vars=array()) { public function __construct(array $vars=array(), $stream='php://input') {
$this->inputStream = $stream;
$this->items['params'] = array();
foreach($this->allowedKeys as $name) { foreach($this->allowedKeys as $name) {
$this->items[$name] = isset($vars[$name]) $this->items[$name] = isset($vars[$name])
@ -68,25 +71,29 @@ class Request implements \ArrayAccess, \Countable, IRequest {
: array(); : array();
} }
if (defined('PHPUNIT_RUN') && PHPUNIT_RUN // 'application/json' must be decoded manually.
&& in_array('fakeinput', stream_get_wrappers())) { if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) {
$this->inputStream = 'fakeinput://data'; $params = json_decode(file_get_contents($this->inputStream), true);
} else { if(count($params) > 0) {
$this->inputStream = 'php://input'; $this->items['params'] = $params;
} }
// Handle application/x-www-form-urlencoded for methods other than GET
// Only 'application/x-www-form-urlencoded' requests are automatically // or post correctly
// transformed by PHP, 'application/json' must be decoded manually. } elseif($vars['method'] !== 'GET'
if ($this->method === 'POST' && $vars['method'] !== 'POST'
&& strpos($this->getHeader('Content-Type'), 'application/json') !== false && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
) {
$this->items['params'] = $this->items['post'] = json_decode(file_get_contents($this->inputStream), true); parse_str(file_get_contents($this->inputStream), $params);
} if(is_array($params)) {
$this->items['params'] = $params;
}
}
$this->items['parameters'] = array_merge( $this->items['parameters'] = array_merge(
$this->items['get'], $this->items['get'],
$this->items['post'], $this->items['post'],
$this->items['urlParams'] $this->items['urlParams'],
$this->items['params']
); );
} }
@ -313,47 +320,22 @@ class Request implements \ArrayAccess, \Countable, IRequest {
* @throws \LogicException * @throws \LogicException
*/ */
protected function getContent() { protected function getContent() {
if ($this->content === false && $this->method === 'PUT') {
throw new \LogicException(
'"put" can only be accessed once if not '
. 'application/x-www-form-urlencoded or application/json.'
);
}
// If the content can't be parsed into an array then return a stream resource. // If the content can't be parsed into an array then return a stream resource.
if ($this->method === 'PUT' if ($this->method === 'PUT'
&& strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') === false && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') === false
&& strpos($this->getHeader('Content-Type'), 'application/json') === false && strpos($this->getHeader('Content-Type'), 'application/json') === false
) { ) {
if ($this->content === false) {
throw new \LogicException(
'"put" can only be accessed once if not '
. 'application/x-www-form-urlencoded or application/json.'
);
}
$this->content = false; $this->content = false;
return fopen($this->inputStream, 'rb'); return fopen($this->inputStream, 'rb');
} else {
return $this->parameters;
} }
if (is_null($this->content)) {
$this->content = file_get_contents($this->inputStream);
/*
* Normal jquery ajax requests are sent as application/x-www-form-urlencoded
* and in $_GET and $_POST PHP transformes the data into an array.
* The first condition mimics this.
* The second condition allows for sending raw application/json data while
* still getting the result as an array.
*
*/
if (strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
parse_str($this->content, $content);
if(is_array($content)) {
$this->content = $content;
}
} elseif (strpos($this->getHeader('Content-Type'), 'application/json') !== false) {
$content = json_decode($this->content, true);
if(is_array($content)) {
$this->content = $content;
}
}
}
return $this->content;
} }
/** /**

View File

@ -35,6 +35,13 @@ class Server extends SimpleContainer implements IServerContainer {
$requesttoken = false; $requesttoken = false;
} }
if (defined('PHPUNIT_RUN') && PHPUNIT_RUN
&& in_array('fakeinput', stream_get_wrappers())) {
$stream = 'fakeinput://data';
} else {
$stream = 'php://input';
}
return new Request( return new Request(
array( array(
'get' => $_GET, 'get' => $_GET,
@ -48,7 +55,7 @@ class Server extends SimpleContainer implements IServerContainer {
: null, : null,
'urlParams' => $urlParams, 'urlParams' => $urlParams,
'requesttoken' => $requesttoken, 'requesttoken' => $requesttoken,
) ), $stream
); );
}); });
$this->registerService('PreviewManager', function($c) { $this->registerService('PreviewManager', function($c) {