From 441fd264267ac526730d06183bd3cfebfd26df01 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sun, 11 Aug 2013 20:36:41 +0200 Subject: Input class: change behavior of get_post() method, add post_get() method followup to PR #2522 --- system/core/Input.php | 18 +++++++++++++++++- tests/codeigniter/core/Input_test.php | 12 +++++++++++- user_guide_src/source/changelog.rst | 1 + user_guide_src/source/installation/upgrade_300.rst | 21 ++++++++++++++++----- user_guide_src/source/libraries/input.rst | 16 ++++++++++++---- 5 files changed, 57 insertions(+), 11 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index 1e67ce183..24e21ea08 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -261,7 +261,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function get_post($index = '', $xss_clean = FALSE) + public function post_get($index = '', $xss_clean = FALSE) { return isset($_POST[$index]) ? $this->post($index, $xss_clean) @@ -270,6 +270,22 @@ class CI_Input { // -------------------------------------------------------------------- + /** + * Fetch an item from GET data with fallback to POST + * + * @param string $index Index for item to be fetched from $_GET or $_POST + * @param bool $xss_clean Whether to apply XSS filtering + * @return mixed + */ + public function get_post($index = '', $xss_clean = FALSE) + { + return isset($_GET[$index]) + ? $this->get($index, $xss_clean) + : $this->post($index, $xss_clean); + } + + // -------------------------------------------------------------------- + /** * Fetch an item from the COOKIE array * diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index 5cf25fefa..0a98e556c 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -82,11 +82,21 @@ class Input_test extends CI_TestCase { // -------------------------------------------------------------------- - public function test_get_post() + public function test_post_get() { $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['foo'] = 'bar'; + $this->assertEquals('bar', $this->input->post_get('foo')); + } + + // -------------------------------------------------------------------- + + public function test_get_post() + { + $_SERVER['REQUEST_METHOD'] = 'GET'; + $_GET['foo'] = 'bar'; + $this->assertEquals('bar', $this->input->get_post('foo')); } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 4a45a71b0..ba104bb72 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -388,6 +388,7 @@ Release Date: Not Released - Changed method ``valid_ip()`` to use PHP's native ``filter_var()`` function. - Changed internal method ``_sanitize_globals()`` to skip enforcing reversal of *register_globals* in PHP 5.4+, where this functionality no longer exists. - Changed methods ``get()``, ``post()``, ``get_post()``, ``cookie()``, ``server()``, ``user_agent()`` to return NULL instead of FALSE when no value is found. + - Changed method ``get_post()`` to check in GET then in POST. Added method ``post_get()`` which checks in POST then in GET, as ``get_post()`` was doing before. - Changed method ``_fetch_from_array()`` to parse array notation in field name. - :doc:`Common functions ` changes include: diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 89835585c..21bdd188f 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -181,15 +181,26 @@ Many methods and functions now return NULL instead of FALSE when the required it - element() - elements() +******************************************************** +Step 11: Update usage of Input Class's get_post() method +******************************************************** + +Previously, the :doc:`Input Class <../libraries/input>` method ``get_post()`` +was checking first in POST data, then in GET data. This method has been modified +so that it checks in GET then in POST, as its name suggests. + +A method has been added, ``post_get()``, which checks in POST then in GET, as +``get_post()`` was doing before. + *********************************************************************** -Step 11: Check the calls to Directory Helper's directory_map() function +Step 12: Update usage of Directory Helper's directory_map() function *********************************************************************** In the resulting array, directories now end with a trailing directory separator (i.e. a slash, usually). ************************************************************* -Step 12: Update usage of Database Forge's drop_table() method +Step 13: Update usage of Database Forge's drop_table() method ************************************************************* Up until now, ``drop_table()`` added an IF EXISTS clause by default or it didn't work @@ -211,7 +222,7 @@ If your application relies on IF EXISTS, you'll have to change its usage. all drivers with the exception of ODBC. *********************************************************** -Step 13: Change usage of Email library with multiple emails +Step 14: Change usage of Email library with multiple emails *********************************************************** The :doc:`Email Library <../libraries/email>` will automatically clear the @@ -226,7 +237,7 @@ pass FALSE as the first parameter in the ``send()`` method: } *************************************************** -Step 14: Update your Form_validation language lines +Step 15: Update your Form_validation language lines *************************************************** Two improvements have been made to the :doc:`Form Validation Library @@ -257,7 +268,7 @@ files and error messages format: later. **************************************************************** -Step 15: Remove usage of (previously) deprecated functionalities +Step 16: Remove usage of (previously) deprecated functionalities **************************************************************** In addition to the ``$autoload['core']`` configuration setting, there's a diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index 177f5cb64..fb245d7cd 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -98,7 +98,7 @@ The method returns NULL if there are no items in the POST. $this->input->get() =================== -This method is identical to the post method, only it fetches get data +This method is identical to the POST method, only it fetches GET data :: $this->input->get('some_data', TRUE); @@ -116,18 +116,26 @@ The method returns NULL if there are no items in the GET. $this->input->get(); // returns all GET items without XSS filtering +$this->input->post_get() +======================== + +This method will search through both the POST and GET streams for +data, looking first in POST, and then in GET:: + + $this->input->post_get('some_data', TRUE); + $this->input->get_post() ======================== -This method will search through both the post and get streams for -data, looking first in post, and then in get:: +This method will search through both the POST and GET streams for +data, looking first in GET, and then in POST:: $this->input->get_post('some_data', TRUE); $this->input->cookie() ====================== -This method is identical to the post method, only it fetches cookie data +This method is identical to the POST method, only it fetches cookie data :: $this->input->cookie('some_cookie'); -- cgit v1.2.3-24-g4f1b From e8e56d7be01177b3f6c2be5a3c43d21e4a472558 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Mon, 12 Aug 2013 01:36:39 +0200 Subject: Improve changelog entry --- user_guide_src/source/changelog.rst | 2 +- user_guide_src/source/installation/upgrade_300.rst | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index ba104bb72..84989189d 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -388,7 +388,7 @@ Release Date: Not Released - Changed method ``valid_ip()`` to use PHP's native ``filter_var()`` function. - Changed internal method ``_sanitize_globals()`` to skip enforcing reversal of *register_globals* in PHP 5.4+, where this functionality no longer exists. - Changed methods ``get()``, ``post()``, ``get_post()``, ``cookie()``, ``server()``, ``user_agent()`` to return NULL instead of FALSE when no value is found. - - Changed method ``get_post()`` to check in GET then in POST. Added method ``post_get()`` which checks in POST then in GET, as ``get_post()`` was doing before. + - Added method ``post_get()`` and changed ``get_post()`` to search in GET data first. Both methods' names now properly match their GET/POST data search priorities. - Changed method ``_fetch_from_array()`` to parse array notation in field name. - :doc:`Common functions ` changes include: diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 21bdd188f..e8fdd0b15 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -186,10 +186,10 @@ Step 11: Update usage of Input Class's get_post() method ******************************************************** Previously, the :doc:`Input Class <../libraries/input>` method ``get_post()`` -was checking first in POST data, then in GET data. This method has been modified -so that it checks in GET then in POST, as its name suggests. +was searching first in POST data, then in GET data. This method has been +modified so that it searches in GET then in POST, as its name suggests. -A method has been added, ``post_get()``, which checks in POST then in GET, as +A method has been added, ``post_get()``, which searches in POST then in GET, as ``get_post()`` was doing before. *********************************************************************** -- cgit v1.2.3-24-g4f1b