mirror of
https://github.com/skipperbent/simple-php-router.git
synced 2026-07-10 23:42:12 +00:00
Development
- Moved request-types constants from abstract Route class to global Request-class and changed references. - Changed code to use new global request-type constants. - Optimized InputHandler class so it only parses inputs once when calling all-method. - Forced csrf-token post-value are now availible in all requestTypePost methods.
This commit is contained in:
@@ -27,6 +27,24 @@ class InputHandler
|
||||
*/
|
||||
protected $request;
|
||||
|
||||
/**
|
||||
* Original post variables
|
||||
* @var array
|
||||
*/
|
||||
protected $originalPost = [];
|
||||
|
||||
/**
|
||||
* Original get variables
|
||||
* @var array
|
||||
*/
|
||||
protected $originalGet = [];
|
||||
|
||||
/**
|
||||
* Get original file variables
|
||||
* @var array
|
||||
*/
|
||||
protected $originalFile = [];
|
||||
|
||||
/**
|
||||
* Input constructor.
|
||||
* @param Request $request
|
||||
@@ -46,22 +64,34 @@ class InputHandler
|
||||
{
|
||||
/* Parse get requests */
|
||||
if (\count($_GET) !== 0) {
|
||||
$this->get = $this->parseInputItem($_GET);
|
||||
$this->originalGet = $_GET;
|
||||
$this->get = $this->parseInputItem($this->originalGet);
|
||||
}
|
||||
|
||||
/* Parse post requests */
|
||||
$postVars = $_POST;
|
||||
$this->originalPost = $_POST;
|
||||
|
||||
if (\in_array($this->request->getMethod(), ['put', 'patch', 'delete'], false) === true) {
|
||||
parse_str(file_get_contents('php://input'), $postVars);
|
||||
if (\in_array($this->request->getMethod(), Request::$requestTypesPost, false) === true) {
|
||||
|
||||
$contents = file_get_contents('php://input');
|
||||
|
||||
// Append any PHP-input json
|
||||
if (strpos(trim($contents), '{') === 0) {
|
||||
$post = json_decode($contents, true);
|
||||
|
||||
if ($post !== false) {
|
||||
$this->originalPost += $post;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (\count($postVars) !== 0) {
|
||||
$this->post = $this->parseInputItem($postVars);
|
||||
if (\count($this->originalPost) !== 0) {
|
||||
$this->post = $this->parseInputItem($this->originalPost);
|
||||
}
|
||||
|
||||
/* Parse get requests */
|
||||
if (\count($_FILES) !== 0) {
|
||||
$this->originalFile = $_FILES;
|
||||
$this->file = $this->parseFiles();
|
||||
}
|
||||
}
|
||||
@@ -192,11 +222,11 @@ class InputHandler
|
||||
{
|
||||
$element = null;
|
||||
|
||||
if (\count($methods) === 0 || \in_array('get', $methods, true) === true) {
|
||||
if (\count($methods) === 0 || \in_array(Request::REQUEST_TYPE_GET, $methods, true) === true) {
|
||||
$element = $this->get($index);
|
||||
}
|
||||
|
||||
if (($element === null && \count($methods) === 0) || (\count($methods) !== 0 && \in_array('post', $methods, true) === true)) {
|
||||
if (($element === null && \count($methods) === 0) || (\count($methods) !== 0 && \in_array(Request::REQUEST_TYPE_POST, $methods, true) === true)) {
|
||||
$element = $this->post($index);
|
||||
}
|
||||
|
||||
@@ -288,24 +318,7 @@ class InputHandler
|
||||
*/
|
||||
public function all(array $filter = []): array
|
||||
{
|
||||
$output = $_GET;
|
||||
|
||||
if ($this->request->getMethod() === 'post') {
|
||||
|
||||
// Append POST data
|
||||
$output += $_POST;
|
||||
$contents = file_get_contents('php://input');
|
||||
|
||||
// Append any PHP-input json
|
||||
if (strpos(trim($contents), '{') === 0) {
|
||||
$post = json_decode($contents, true);
|
||||
|
||||
if ($post !== false) {
|
||||
$output += $post;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$output = $this->originalGet + $this->originalPost;
|
||||
$output = (\count($filter) > 0) ? array_intersect_key($output, array_flip($filter)) : $output;
|
||||
|
||||
foreach ($filter as $filterKey) {
|
||||
|
||||
@@ -63,13 +63,12 @@ class BaseCsrfVerifier implements IMiddleware
|
||||
*/
|
||||
public function handle(Request $request): void
|
||||
{
|
||||
|
||||
if ($this->skip($request) === false && \in_array($request->getMethod(), ['post', 'put', 'patch', 'delete'], true) === true) {
|
||||
if ($this->skip($request) === false && \in_array($request->getMethod(), Request::$requestTypesPost, true) === true) {
|
||||
|
||||
$token = $request->getInputHandler()->value(
|
||||
static::POST_KEY,
|
||||
$request->getHeader(static::HEADER_KEY) ?? $request->getHeader('HTTP-' . static::HEADER_KEY),
|
||||
'post'
|
||||
Request::$requestTypesPost
|
||||
);
|
||||
|
||||
if ($this->tokenProvider->validate((string)$token) === false) {
|
||||
@@ -80,7 +79,6 @@ class BaseCsrfVerifier implements IMiddleware
|
||||
|
||||
// Refresh existing token
|
||||
$this->tokenProvider->refresh();
|
||||
|
||||
}
|
||||
|
||||
public function getTokenProvider(): ITokenProvider
|
||||
|
||||
@@ -10,6 +10,39 @@ use Pecee\SimpleRouter\SimpleRouter;
|
||||
|
||||
class Request
|
||||
{
|
||||
public const REQUEST_TYPE_GET = 'get';
|
||||
public const REQUEST_TYPE_POST = 'post';
|
||||
public const REQUEST_TYPE_PUT = 'put';
|
||||
public const REQUEST_TYPE_PATCH = 'patch';
|
||||
public const REQUEST_TYPE_OPTIONS = 'options';
|
||||
public const REQUEST_TYPE_DELETE = 'delete';
|
||||
public const REQUEST_TYPE_HEAD = 'head';
|
||||
|
||||
/**
|
||||
* All request-types
|
||||
* @var string[]
|
||||
*/
|
||||
public static $requestTypes = [
|
||||
self::REQUEST_TYPE_GET,
|
||||
self::REQUEST_TYPE_POST,
|
||||
self::REQUEST_TYPE_PUT,
|
||||
self::REQUEST_TYPE_PATCH,
|
||||
self::REQUEST_TYPE_OPTIONS,
|
||||
self::REQUEST_TYPE_DELETE,
|
||||
self::REQUEST_TYPE_HEAD,
|
||||
];
|
||||
|
||||
/**
|
||||
* Post request-types.
|
||||
* @var string[]
|
||||
*/
|
||||
public static $requestTypesPost = [
|
||||
self::REQUEST_TYPE_POST,
|
||||
self::REQUEST_TYPE_PUT,
|
||||
self::REQUEST_TYPE_PATCH,
|
||||
self::REQUEST_TYPE_DELETE,
|
||||
];
|
||||
|
||||
/**
|
||||
* Additional data
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user