authorGreg Roach <fisharebest@webtrees.net>2018-08-25 09:36:32 +0100
committerGreg Roach <fisharebest@webtrees.net>2018-08-26 11:52:16 +0100
commita45f98897789fc9ff88705eb09ae5f037bf49c10 (patch)
treeb7c6a32b461875e564af796eebcad60729440ebe /app/Filter.php
parent20ac4041ff6d2c96733f4df91b821d1c039e0259 (diff)
Replace Filter::get() and Filter::post() with $request
Diffstat (limited to 'app/Filter.php')
-rw-r--r--app/Filter.php298
1 files changed, 0 insertions, 298 deletions
diff --git a/app/Filter.php b/app/Filter.php
index 833a4aa080..c43a7450d8 100644
--- a/app/Filter.php
+++ b/app/Filter.php
@@ -129,302 +129,4 @@ class Filter
return $text;
}
}
-
- /**
- * Validate INPUT parameters
- *
- * @param string $source
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string
- */
- private static function input($source, $variable, $regexp = null, $default = '')
- {
- if ($regexp) {
- return filter_input($source, $variable, FILTER_VALIDATE_REGEXP, [
- 'options' => [
- 'regexp' => '/^(' . $regexp . ')$/u',
- 'default' => $default,
- ],
- ]);
- } else {
- $tmp = filter_input($source, $variable, FILTER_CALLBACK, [
- 'options' => function ($x) {
- return mb_check_encoding($x, 'UTF-8') ? $x : false;
- },
- ]);
-
- return ($tmp === null || $tmp === false) ? $default : $tmp;
- }
- }
-
- /**
- * Validate array INPUT parameters
- *
- * @param string $source
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string[]
- */
- private static function inputArray($source, $variable, $regexp = null, $default = '')
- {
- if ($regexp) {
- return filter_input_array($source, [
- $variable => [
- 'flags' => FILTER_REQUIRE_ARRAY,
- 'filter' => FILTER_VALIDATE_REGEXP,
- 'options' => [
- 'regexp' => '/^(' . $regexp . ')$/u',
- 'default' => $default,
- ],
- ],
- ])[$variable] ?: [];
- } else {
- return filter_input_array($source, [
- $variable => [
- 'flags' => FILTER_REQUIRE_ARRAY,
- 'filter' => FILTER_CALLBACK,
- 'options' => function ($x) {
- return mb_check_encoding($x, 'UTF-8') ? $x : false;
- },
- ],
- ])[$variable] ?: [];
- }
- }
-
- /**
- * Validate GET parameters
- *
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string
- */
- public static function get($variable, $regexp = null, $default = '')
- {
- return self::input(INPUT_GET, $variable, $regexp, $default);
- }
-
- /**
- * Validate array GET parameters
- *
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string[]
- */
- public static function getArray($variable, $regexp = null, $default = '')
- {
- return self::inputArray(INPUT_GET, $variable, $regexp, $default);
- }
-
- /**
- * Validate boolean GET parameters
- *
- * @param string $variable
- *
- * @return bool
- */
- public static function getBool($variable)
- {
- return (bool) filter_input(INPUT_GET, $variable, FILTER_VALIDATE_BOOLEAN);
- }
-
- /**
- * Validate integer GET parameters
- *
- * @param string $variable
- * @param int $min
- * @param int $max
- * @param int $default
- *
- * @return int
- */
- public static function getInteger($variable, $min = 0, $max = PHP_INT_MAX, $default = 0)
- {
- return filter_input(INPUT_GET, $variable, FILTER_VALIDATE_INT, [
- 'options' => [
- 'min_range' => $min,
- 'max_range' => $max,
- 'default' => $default,
- ],
- ]);
- }
-
- /**
- * Validate URL GET parameters
- *
- * @param string $variable
- * @param string $default
- *
- * @return string
- */
- public static function getUrl($variable, $default = '')
- {
- return filter_input(INPUT_GET, $variable, FILTER_VALIDATE_URL) ?: $default;
- }
-
- /**
- * Validate POST parameters
- *
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string
- */
- public static function post($variable, $regexp = null, $default = '')
- {
- return self::input(INPUT_POST, $variable, $regexp, $default);
- }
-
- /**
- * Validate array POST parameters
- *
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string[]|string[][]
- */
- public static function postArray($variable, $regexp = null, $default = '')
- {
- return self::inputArray(INPUT_POST, $variable, $regexp, $default);
- }
-
- /**
- * Validate boolean POST parameters
- *
- * @param string $variable
- *
- * @return bool
- */
- public static function postBool($variable)
- {
- return (bool) filter_input(INPUT_POST, $variable, FILTER_VALIDATE_BOOLEAN);
- }
-
- /**
- * Validate integer POST parameters
- *
- * @param string $variable
- * @param int $min
- * @param int $max
- * @param int $default
- *
- * @return int
- */
- public static function postInteger($variable, $min = 0, $max = PHP_INT_MAX, $default = 0)
- {
- return filter_input(INPUT_POST, $variable, FILTER_VALIDATE_INT, [
- 'options' => [
- 'min_range' => $min,
- 'max_range' => $max,
- 'default' => $default,
- ],
- ]);
- }
-
- /**
- * Validate URL GET parameters
- *
- * @param string $variable
- * @param string $default
- *
- * @return string
- */
- public static function postUrl($variable, $default = '')
- {
- return filter_input(INPUT_POST, $variable, FILTER_VALIDATE_URL) ?: $default;
- }
-
- /**
- * Validate COOKIE parameters
- *
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string
- */
- public static function cookie($variable, $regexp = null, $default = '')
- {
- return self::input(INPUT_COOKIE, $variable, $regexp, $default);
- }
-
- /**
- * Validate SERVER parameters
- *
- * @param string $variable
- * @param string|null $regexp
- * @param string $default
- *
- * @return string
- */
- public static function server($variable, $regexp = null, $default = '')
- {
- // On some servers, variables that are present in $_SERVER cannot be
- // found via filter_input(INPUT_SERVER). Instead, they are found via
- // filter_input(INPUT_ENV). Since we cannot rely on filter_input(),
- // we must use the superglobal directly.
- if (array_key_exists($variable, $_SERVER) && ($regexp === null || preg_match('/^(' . $regexp . ')$/', $_SERVER[$variable]))) {
- return $_SERVER[$variable];
- } else {
- return $default;
- }
- }
-
- /**
- * Cross-Site Request Forgery tokens - ensure that the user is submitting
- * a form that was generated by the current session.
- *
- * @return string
- */
- public static function getCsrfToken()
- {
- if (!Session::has('CSRF_TOKEN')) {
- $charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcedfghijklmnopqrstuvwxyz0123456789';
- $csrf_token = '';
- for ($n = 0; $n < 32; ++$n) {
- $csrf_token .= substr($charset, random_int(0, 61), 1);
- }
- Session::put('CSRF_TOKEN', $csrf_token);
- }
-
- return Session::get('CSRF_TOKEN');
- }
-
- /**
- * Generate an <input> element - to protect the current form from CSRF attacks.
- *
- * @return string
- */
- public static function getCsrf()
- {
- return '<input type="hidden" name="csrf" value="' . self::getCsrfToken() . '">';
- }
-
- /**
- * Check that the POST request contains the CSRF token generated above.
- *
- * @return bool
- */
- public static function checkCsrf()
- {
- if (isset($_SERVER['HTTP_X_CSRF_TOKEN']) && $_SERVER['HTTP_X_CSRF_TOKEN'] !== self::getCsrfToken()) {
- // Oops. Something is not quite right
- Log::addAuthenticationLog('CSRF mismatch - session expired or malicious attack');
- FlashMessages::addMessage(I18N::translate('This form has expired. Try again.'), 'error');
-
- return false;
- }
-
- return true;
- }
}