add multiple methods of get_requested_value()

Namhyeon Go 2019-04-15 04:23:20 +00:00
parent 2b26a1a817
commit 5bdeabe3ab


@ -99,7 +99,6 @@ if(!check_function_exists("read_requests")) {
"_JSON" => false, "_JSON" => false,
"_SEAL" => false, "_SEAL" => false,
"_SERVER" => array_map("make_safe_argument", get_array($_SERVER)), "_SERVER" => array_map("make_safe_argument", get_array($_SERVER)),
"_MIXED" => array(),
); );
// check if json or serialized request // check if json or serialized request
@ -132,9 +131,6 @@ if(!check_function_exists("read_requests")) {
$requests['_SEAL'] = unserialize($requests['_RAW']); $requests['_SEAL'] = unserialize($requests['_RAW']);
} }
// set mixed (PostData + JSON) requests
// todo
// with security module // with security module
$protect_methods = array("_ALL", "_GET", "_POST", "_JSON", "_SEAL", "_MIXED"); $protect_methods = array("_ALL", "_GET", "_POST", "_JSON", "_SEAL", "_MIXED");
if(check_function_exists("get_clean_xss")) { if(check_function_exists("get_clean_xss")) {
@ -269,23 +265,33 @@ if(!check_function_exists("get_requested_value")) {
$value = false; $value = false;
$requests = get_requests(); $requests = get_requests();
// set validated value $req_methods = array();
if(array_key_exists($method, $requests)) { if(is_array($method)) {
if(is_array($requests[$method])) { $req_methods = array_merge($req_methods, $method);
$value = get_value_in_array($name, $requests[$method], $value); } else {
} elseif(is_object($requests[$method])) { $req_methods[] = $mehtod;
$value = get_property_value($name, $requests[$method]); }
} $req_methods = array_reverse($req_methods);
if(is_string($value)) { // set validated value
// security: set escape quotes foreach($req_methods as $method) {
if($escape_quotes == true) { if(array_key_exists($method, $requests)) {
$value = addslashes($value); if(is_array($requests[$method])) {
$value = get_value_in_array($name, $requests[$method], $value);
} elseif(is_object($requests[$method])) {
$value = get_property_value($name, $requests[$method]);
} }
// security: set escape tags if(is_string($value)) {
if($escape_tags == true) { // security: set escape quotes
$value = htmlspecialchars($value); if($escape_quotes == true) {
$value = addslashes($value);
}
// security: set escape tags
if($escape_tags == true) {
$value = htmlspecialchars($value);
}
} }
} }
} }
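Review bot: In the new `else` branch of the third hunk, `$req_methods[] = $mehtod;` reads an undefined variable, so a caller passing a single method name gets a lookup that cannot match and the default `false` comes back; it should be `$req_methods[] = $method;`. The escaping block now sits inside the `foreach`, and since the running `$value` is passed as the third argument to `get_value_in_array()` (apparently its default), a string found under one method and absent from the next would go through `addslashes()`/`htmlspecialchars()` a second time. Moving the `is_string($value)` block below the loop escapes the selected value exactly once; the function starts above this hunk, so the parameter defaults are not visible here. Separately, the unchanged context in the second hunk still passes the raw request body to `unserialize()`, which deserves a follow-up that at least sets `['allowed_classes' => false]`.

```php
if(is_array($method)) {
    $req_methods = array_merge($req_methods, $method);
} else {
    $req_methods[] = $method;
}
$req_methods = array_reverse($req_methods);

// set validated value
foreach($req_methods as $req_method) {
    if(array_key_exists($req_method, $requests)) {
        if(is_array($requests[$req_method])) {
            $value = get_value_in_array($name, $requests[$req_method], $value);
        } elseif(is_object($requests[$req_method])) {
            $value = get_property_value($name, $requests[$req_method]);
        }
    }
}

// escape once, after the final value has been selected
if(is_string($value)) {
    // … unchanged: escape_quotes / escape_tags handling …
}
```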