3 +--------------------------------------------------------------------+
4 | Copyright CiviCRM LLC. All rights reserved. |
6 | This work is published under the GNU AGPLv3 license with some |
7 | permitted exceptions and without any warranty. For full license |
8 | and copyright information, see https://civicrm.org/licensing |
9 +--------------------------------------------------------------------+
15 * @copyright CiviCRM LLC https://civicrm.org/licensing
19 * Class for managing a http request
21 class CRM_Utils_Request
{
24 * Get a unique ID for the request.
26 * This unique ID is assigned to mysql when the connection is opened and is
29 * The intent is that it is available for logging purposes and for triggers.
31 * The resulting string is 17 characters long. This consists of 13 characters of uniqid
32 * and 4 more random characters.
34 * Uniqid is unique to the microsecond - to make it more unique we add 4 more characters
35 * but stop short of the full 23 character string that a prefix would generate.
37 * It is intended that this string will be saved to log tables so striking a balance between
38 * uniqueness and length is important. Note that I did check & lining up with byte values
39 * (e.g 16 characters) does not confer any benefits. Using a CHAR field rather than VARCHAR
40 * may improve speed, if indexed.
44 public static function id() {
45 if (!isset(\Civi
::$statics[__CLASS__
]['id'])) {
46 \Civi
::$statics[__CLASS__
]['id'] = uniqid() . CRM_Utils_String
::createRandom(CRM_Utils_String
::ALPHANUMERIC
, 4);
48 return \Civi
::$statics[__CLASS__
]['id'];
52 * Retrieve a value from the request (GET/POST/REQUEST)
55 * Name of the variable to be retrieved.
57 * Type of the variable (see CRM_Utils_Type for details).
58 * @param object $store
59 * Session scope where variable is stored.
61 * TRUE, if the variable is required.
62 * @param mixed $default
63 * Default value of the variable if not present.
64 * @param string $method
65 * Where to look for the variable - 'GET', 'POST' or 'REQUEST'.
66 * @param bool $isThrowException
67 * Should a an exception be thrown rather than a fatal.
70 * The value of the variable
72 * @throws \CRM_Core_Exception
74 public static function retrieve($name, $type, &$store = NULL, $abort = FALSE, $default = NULL, $method = 'REQUEST', $isThrowException = TRUE) {
79 $value = self
::getValue($name, $_GET);
83 $value = self
::getValue($name, $_POST);
87 $value = self
::getValue($name, $_REQUEST);
92 $value = CRM_Utils_Type
::validate($value, $type, $abort, $name);
95 if (!isset($value) && $store) {
96 $value = $store->get($name);
99 if (!isset($value) && $abort) {
100 if ($isThrowException) {
101 throw new CRM_Core_Exception(ts("Could not find valid value for %1", [1 => $name]));
103 CRM_Core_Error
::fatal(ts("Could not find valid value for %1", [1 => $name]));
106 if (!isset($value) && $default) {
110 // minor hack for action
111 if ($name == 'action') {
112 if (!is_numeric($value) && is_string($value)) {
113 $value = CRM_Core_Action
::resolve($value);
117 if (isset($value) && $store) {
118 $store->set($name, $value);
125 * @param string $name
126 * Name of the variable to be retrieved.
128 * @param array $method - '$_GET', '$_POST' or '$_REQUEST'.
131 * The value of the variable
133 protected static function getValue($name, $method) {
134 if (isset($method[$name])) {
135 return $method[$name];
137 // CRM-18384 - decode incorrect keys generated when & is present in url
138 foreach ($method as $key => $value) {
139 if (strpos($key, 'amp;') !== FALSE) {
140 $method[str_replace('amp;', '', $key)] = $method[$key];
141 if (isset($method[$name])) {
142 return $method[$name];
155 * We should use a function that checks url values.
157 * This is a replacement for $_REQUEST which includes $_GET/$_POST
158 * but excludes $_COOKIE / $_ENV / $_SERVER.
162 public static function exportValues() {
163 // For more discussion of default $_REQUEST handling, see:
164 // http://www.php.net/manual/en/reserved.variables.request.php
165 // http://www.php.net/manual/en/ini.core.php#ini.request-order
166 // http://www.php.net/manual/en/ini.core.php#ini.variables-order
170 $result = array_merge($result, $_GET);
173 $result = array_merge($result, $_POST);
179 * Retrieve a variable from the http request.
181 * @param string $name
182 * Name of the variable to be retrieved.
183 * @param string $type
184 * Type of the variable (see CRM_Utils_Type for details).
185 * Most common options are:
188 * - 'CommaSeparatedIntegers'
192 * @param mixed $defaultValue
193 * Default value of the variable if not present.
194 * @param bool $isRequired
195 * Is the variable required for this function to proceed without an exception.
196 * @param string $method
197 * Where to look for the value - GET|POST|REQUEST
200 * @throws \CRM_Core_Exception
202 public static function retrieveValue($name, $type, $defaultValue = NULL, $isRequired = FALSE, $method = 'REQUEST') {
204 return CRM_Utils_Request
::retrieve((string) $name, (string) $type, $null, (bool) $isRequired, $defaultValue, $method, TRUE);
208 * Retrieve the component from the action attribute of a form.
210 * Contribution Page forms and Event Management forms detect the value of a
211 * component (and therefore the desired tab key) by reaching into the "action"
212 * attribute of a form and reading the final item of the path. In WordPress,
213 * however, the URL may be urlencoded, and so the URL may need to be decoded
216 * @see https://lab.civicrm.org/dev/wordpress/issues/12#note_10699
218 * @param array $attributes
219 * The form attributes array.
224 public static function retrieveComponent($attributes) {
225 $url = $attributes['action'] ??
NULL;
226 // Whilst the following is a fallible universal test for urlencoded URLs,
227 // thankfully the "action" URL has a limited and predictable form and
228 // therefore this comparison is sufficient for our purposes.
229 if (rawurlencode(rawurldecode($url)) !== $url) {
230 $value = strtolower(basename(rawurldecode($url)));
233 $value = strtolower(basename($url));