Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
fee14197 | 4 | | CiviCRM version 5 | |
6a488035 | 5 | +--------------------------------------------------------------------+ |
6b83d5bd | 6 | | Copyright CiviCRM LLC (c) 2004-2019 | |
6a488035 TO |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
d25dd0ee | 26 | */ |
6a488035 TO |
27 | |
28 | /** | |
29 | * | |
30 | * @package CRM | |
6b83d5bd | 31 | * @copyright CiviCRM LLC (c) 2004-2019 |
6a488035 TO |
32 | */ |
33 | ||
34 | /** | |
50bfb460 | 35 | * Class for managing a http request |
6a488035 TO |
36 | */ |
37 | class CRM_Utils_Request { | |
38 | ||
40101d37 | 39 | /** |
40 | * Get a unique ID for the request. | |
41 | * | |
42 | * This unique ID is assigned to mysql when the connection is opened and is | |
43 | * available in PHP. | |
44 | * | |
45 | * The intent is that it is available for logging purposes and for triggers. | |
46 | * | |
47 | * The resulting string is 17 characters long. This consists of 13 characters of uniqid | |
48 | * and 4 more random characters. | |
49 | * | |
50 | * Uniqid is unique to the microsecond - to make it more unique we add 4 more characters | |
51 | * but stop short of the full 23 character string that a prefix would generate. | |
52 | * | |
53 | * It is intended that this string will be saved to log tables so striking a balance between | |
54 | * uniqueness and length is important. Note that I did check & lining up with byte values | |
55 | * (e.g 16 characters) does not confer any benefits. Using a CHAR field rather than VARCHAR | |
56 | * may improve speed, if indexed. | |
57 | * | |
58 | * @return string | |
59 | */ | |
60 | public static function id() { | |
61 | if (!isset(\Civi::$statics[__CLASS__]['id'])) { | |
62 | \Civi::$statics[__CLASS__]['id'] = uniqid() . CRM_Utils_String::createRandom(CRM_Utils_String::ALPHANUMERIC, 4); | |
63 | } | |
64 | return \Civi::$statics[__CLASS__]['id']; | |
65 | } | |
66 | ||
6a488035 TO |
67 | /** |
68 | * Retrieve a value from the request (GET/POST/REQUEST) | |
69 | * | |
a3379cc1 AH |
70 | * @param string $name |
71 | * Name of the variable to be retrieved. | |
72 | * @param string $type | |
73 | * Type of the variable (see CRM_Utils_Type for details). | |
74 | * @param object $store | |
75 | * Session scope where variable is stored. | |
76 | * @param bool $abort | |
77 | * TRUE, if the variable is required. | |
78 | * @param mixed $default | |
79 | * Default value of the variable if not present. | |
80 | * @param string $method | |
81 | * Where to look for the variable - 'GET', 'POST' or 'REQUEST'. | |
5e4ccea5 | 82 | * @param bool $isThrowException |
83 | * Should a an exception be thrown rather than a fatal. | |
6a488035 | 84 | * |
a3379cc1 AH |
85 | * @return mixed |
86 | * The value of the variable | |
5e4ccea5 | 87 | * |
88 | * @throws \CRM_Core_Exception | |
6a488035 | 89 | */ |
5e4ccea5 | 90 | public static function retrieve($name, $type, &$store = NULL, $abort = FALSE, $default = NULL, $method = 'REQUEST', $isThrowException = FALSE) { |
6a488035 TO |
91 | |
92 | $value = NULL; | |
93 | switch ($method) { | |
94 | case 'GET': | |
00479d26 | 95 | $value = self::getValue($name, $_GET); |
6a488035 TO |
96 | break; |
97 | ||
98 | case 'POST': | |
00479d26 | 99 | $value = self::getValue($name, $_POST); |
6a488035 TO |
100 | break; |
101 | ||
102 | default: | |
00479d26 | 103 | $value = self::getValue($name, $_REQUEST); |
6a488035 TO |
104 | break; |
105 | } | |
106 | ||
107 | if (isset($value) && | |
108 | (CRM_Utils_Type::validate($value, $type, $abort, $name) === NULL) | |
109 | ) { | |
110 | $value = NULL; | |
111 | } | |
112 | ||
113 | if (!isset($value) && $store) { | |
114 | $value = $store->get($name); | |
115 | } | |
116 | ||
117 | if (!isset($value) && $abort) { | |
5e4ccea5 | 118 | if ($isThrowException) { |
119 | throw new CRM_Core_Exception(ts("Could not find valid value for %1", array(1 => $name))); | |
120 | } | |
6a488035 TO |
121 | CRM_Core_Error::fatal(ts("Could not find valid value for %1", array(1 => $name))); |
122 | } | |
123 | ||
6ad0a621 | 124 | if (!isset($value) && $default) { |
6a488035 TO |
125 | $value = $default; |
126 | } | |
127 | ||
128 | // minor hack for action | |
25cdc89e MWMC |
129 | if ($name == 'action') { |
130 | if (!is_numeric($value) && is_string($value)) { | |
131 | $value = CRM_Core_Action::resolve($value); | |
132 | } | |
6a488035 TO |
133 | } |
134 | ||
135 | if (isset($value) && $store) { | |
136 | $store->set($name, $value); | |
137 | } | |
138 | ||
139 | return $value; | |
140 | } | |
ba56a28f | 141 | |
00479d26 | 142 | /** |
143 | * @param string $name | |
144 | * Name of the variable to be retrieved. | |
145 | * | |
146 | * @param array $method - '$_GET', '$_POST' or '$_REQUEST'. | |
147 | * | |
148 | * @return mixed | |
149 | * The value of the variable | |
150 | */ | |
5e4ccea5 | 151 | protected static function getValue($name, $method) { |
131cc2eb | 152 | if (isset($method[$name])) { |
153 | return $method[$name]; | |
154 | } | |
00479d26 | 155 | // CRM-18384 - decode incorrect keys generated when & is present in url |
156 | foreach ($method as $key => $value) { | |
131cc2eb | 157 | if (strpos($key, 'amp;') !== FALSE) { |
00479d26 | 158 | $method[str_replace('amp;', '', $key)] = $method[$key]; |
131cc2eb | 159 | if (isset($method[$name])) { |
160 | return $method[$name]; | |
161 | } | |
162 | else { | |
163 | continue; | |
164 | } | |
00479d26 | 165 | } |
166 | } | |
131cc2eb | 167 | return NULL; |
00479d26 | 168 | } |
169 | ||
ba56a28f | 170 | /** |
5e4ccea5 | 171 | * @deprecated |
172 | * | |
173 | * We should use a function that checks url values. | |
174 | * | |
ba56a28f TO |
175 | * This is a replacement for $_REQUEST which includes $_GET/$_POST |
176 | * but excludes $_COOKIE / $_ENV / $_SERVER. | |
177 | * | |
ba56a28f | 178 | * @return array |
ba56a28f | 179 | */ |
00be9182 | 180 | public static function exportValues() { |
ba56a28f TO |
181 | // For more discussion of default $_REQUEST handling, see: |
182 | // http://www.php.net/manual/en/reserved.variables.request.php | |
183 | // http://www.php.net/manual/en/ini.core.php#ini.request-order | |
184 | // http://www.php.net/manual/en/ini.core.php#ini.variables-order | |
185 | ||
186 | $result = array(); | |
187 | if ($_GET) { | |
188 | $result = array_merge($result, $_GET); | |
189 | } | |
190 | if ($_POST) { | |
191 | $result = array_merge($result, $_POST); | |
192 | } | |
193 | return $result; | |
194 | } | |
96025800 | 195 | |
5e4ccea5 | 196 | /** |
197 | * Retrieve a variable from the http request. | |
198 | * | |
199 | * @param string $name | |
200 | * Name of the variable to be retrieved. | |
201 | * @param string $type | |
202 | * Type of the variable (see CRM_Utils_Type for details). | |
203 | * Most common options are: | |
204 | * - 'Integer' | |
205 | * - 'Positive' | |
206 | * - 'CommaSeparatedIntegers' | |
207 | * - 'Boolean' | |
208 | * - 'String' | |
209 | * | |
210 | * @param mixed $defaultValue | |
211 | * Default value of the variable if not present. | |
212 | * @param bool $isRequired | |
213 | * Is the variable required for this function to proceed without an exception. | |
214 | * @param string $method | |
215 | * Where to look for the value - GET|POST|REQUEST | |
216 | * | |
217 | * @return mixed | |
218 | */ | |
219 | public static function retrieveValue($name, $type, $defaultValue = NULL, $isRequired = FALSE, $method = 'REQUEST') { | |
220 | $null = NULL; | |
221 | return CRM_Utils_Request::retrieve((string) $name, (string) $type, $null, (bool) $isRequired, $defaultValue, $method, TRUE); | |
222 | } | |
223 | ||
b90552b7 CW |
224 | /** |
225 | * Retrieve the component from the action attribute of a form. | |
226 | * | |
227 | * Contribution Page forms and Event Management forms detect the value of a | |
228 | * component (and therefore the desired tab key) by reaching into the "action" | |
229 | * attribute of a form and reading the final item of the path. In WordPress, | |
230 | * however, the URL may be urlencoded, and so the URL may need to be decoded | |
231 | * before parsing it. | |
232 | * | |
233 | * @see https://lab.civicrm.org/dev/wordpress/issues/12#note_10699 | |
234 | * | |
235 | * @param array $attributes | |
236 | * The form attributes array. | |
237 | * | |
238 | * @return string $value | |
239 | * The desired value. | |
240 | */ | |
241 | public static function retrieveComponent($attributes) { | |
242 | $url = CRM_Utils_Array::value('action', $attributes); | |
243 | // Whilst the following is a fallible universal test for urlencoded URLs, | |
244 | // thankfully the "action" URL has a limited and predictable form and | |
245 | // therefore this comparison is sufficient for our purposes. | |
246 | if (rawurlencode(rawurldecode($url)) !== $url) { | |
247 | $value = strtolower(basename(rawurldecode($url))); | |
248 | } | |
249 | else { | |
250 | $value = strtolower(basename($url)); | |
251 | } | |
252 | return $value; | |
253 | } | |
254 | ||
6a488035 | 255 | } |