From 7c60b12da3260cb3046f3f500431a1b7a5fb766d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 8 Feb 2014 18:47:19 +0200 Subject: CI_Input tweaks - Make get_post(), post_get() and server()'s parameter mandatory. - Change default value of parameter to NULL for cookie(), input_stream() and _fetch_from_array() (for consistency with get(), post()). - Delegate Array-vs-single and parameter detection to _fetch_from_array() to overall simplify the code. --- system/core/Input.php | 85 ++++++++----------------------- user_guide_src/source/libraries/input.rst | 20 ++++---- 2 files changed, 30 insertions(+), 75 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index ccb70daec..35ce5f12f 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -152,8 +152,20 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - protected function _fetch_from_array(&$array, $index = '', $xss_clean = NULL) + protected function _fetch_from_array(&$array, $index = NULL, $xss_clean = NULL) { + // If $index is NULL, it means that the whole $array is requested + if ($index === NULL) + { + $output = array(); + foreach (array_keys($array) as $key) + { + $output[$key] = $this->_fetch_from_array($array, $key, $xss_clean); + } + + return $output; + } + is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; if (isset($array[$index])) @@ -202,26 +214,6 @@ class CI_Input { */ public function get($index = NULL, $xss_clean = NULL) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - - // Check if a field has been provided - if ($index === NULL) - { - if (empty($_GET)) - { - return array(); - } - - $get = array(); - - // loop through the full _GET array - foreach (array_keys($_GET) as $key) - { - $get[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean); - } - return $get; - } - return $this->_fetch_from_array($_GET, $index, $xss_clean); } @@ -236,26 +228,6 @@ class CI_Input { */ public function post($index = NULL, $xss_clean = NULL) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - - // Check if a field has been provided - if ($index === NULL) - { - if (empty($_POST)) - { - return array(); - } - - $post = array(); - - // Loop through the full _POST array and return it - foreach (array_keys($_POST) as $key) - { - $post[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean); - } - return $post; - } - return $this->_fetch_from_array($_POST, $index, $xss_clean); } @@ -268,10 +240,8 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function post_get($index = '', $xss_clean = NULL) + public function post_get($index, $xss_clean = NULL) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - return isset($_POST[$index]) ? $this->post($index, $xss_clean) : $this->get($index, $xss_clean); @@ -286,10 +256,8 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function get_post($index = '', $xss_clean = NULL) + public function get_post($index, $xss_clean = NULL) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - return isset($_GET[$index]) ? $this->get($index, $xss_clean) : $this->post($index, $xss_clean); @@ -304,10 +272,8 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function cookie($index = '', $xss_clean = NULL) + public function cookie($index = NULL, $xss_clean = NULL) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } @@ -320,10 +286,8 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function server($index = '', $xss_clean = NULL) + public function server($index, $xss_clean = NULL) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - return $this->_fetch_from_array($_SERVER, $index, $xss_clean); } @@ -338,23 +302,14 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function input_stream($index = '', $xss_clean = NULL) + public function input_stream($index = NULL, $xss_clean = NULL) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - // The input stream can only be read once, so we'll need to check // if we have already done that first. - if (is_array($this->_input_stream)) - { - return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); - } - - // Parse the input stream in our cache var - parse_str(file_get_contents('php://input'), $this->_input_stream); if ( ! is_array($this->_input_stream)) { - $this->_input_stream = array(); - return NULL; + parse_str(file_get_contents('php://input'), $this->_input_stream); + is_array($this->_input_stream) OR $this->_input_stream = array(); } return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index 7ebf0e1c7..6162a6664 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -158,20 +158,20 @@ Class Reference $this->input->get(NULL, TRUE); // returns all GET items with XSS filter $this->input->get(NULL, FALSE); // returns all GET items without XSS filtering - .. method:: post_get([$index = ''[, $xss_clean = NULL]]) + .. method:: post_get($index[, $xss_clean = NULL]) :param string $index: POST/GET parameter name :param bool $xss_clean: Whether to apply XSS filtering :returns: POST/GET value if found, NULL if not :rtype: mixed - This method works the same way as ``post()`` and ``get()``, only combined. - It will search through both POST and GET streams for data, looking in POST - first, and then in GET:: + This method works pretty much the same way as ``post()`` and ``get()``, + only combined. It will search through both POST and GET streams for data, + looking in POST first, and then in GET:: $this->input->post_get('some_data', TRUE); - .. method:: get_post([$index = ''[, $xss_clean = NULL]]) + .. method:: get_post($index[, $xss_clean = NULL]) :param string $index: GET/POST parameter name :param bool $xss_clean: Whether to apply XSS filtering @@ -186,7 +186,7 @@ Class Reference .. note:: This method used to act EXACTLY like ``post_get()``, but it's behavior has changed in CodeIgniter 3.0. - .. method:: cookie([$index = ''[, $xss_clean = NULL]]) + .. method:: cookie([$index = NULL[, $xss_clean = NULL]]) :param string $index: COOKIE parameter name :param bool $xss_clean: Whether to apply XSS filtering @@ -199,19 +199,19 @@ Class Reference $this->input->cookie('some_cookie'); $this->input->cookie('some_cookie, TRUE); // with XSS filter - .. method:: server([$index = ''[, $xss_clean = NULL]]) + .. method:: server($index[, $xss_clean = NULL]) :param string $index: Value name :param bool $xss_clean: Whether to apply XSS filtering :returns: $_SERVER item value if found, NULL if not :rtype: mixed - This method is identical to the ``post()``, ``get()`` and ``cookie()`` methods, - only it fetches server data (``$_SERVER``):: + This method is identical to the ``post()``, ``get()`` and ``cookie()`` + methods, only it fetches server data (``$_SERVER``):: $this->input->server('some_data'); - .. method:: input_stream([$index = ''[, $xss_clean = NULL]]) + .. method:: input_stream([$index = NULL[, $xss_clean = NULL]]) :param string $index: Key name :param bool $xss_clean: Whether to apply XSS filtering -- cgit v1.2.3-24-g4f1b