|
1
|
|
|
<?php |
|
|
|
|
|
|
2
|
|
|
|
|
3
|
|
|
ar_pinp::allow( 'ar_http'); |
|
4
|
|
|
ar_pinp::allow( 'ar_httpClientStream' ); |
|
5
|
|
|
|
|
6
|
|
|
/* |
|
7
|
|
|
* prevent mess detector from warning for the private static fields |
|
8
|
|
|
* @SuppressWarnings(PHPMD.UnusedPrivateField) |
|
9
|
|
|
*/ |
|
10
|
|
|
class ar_http extends arBase { |
|
11
|
|
|
|
|
12
|
|
|
private static $_GET, $_POST, $_REQUEST, $_SERVER, $_COOKIE; //needed to make __get() work |
|
|
|
|
|
|
13
|
|
|
public static $tainting = true; |
|
14
|
|
|
|
|
15
|
|
|
public function __get($var) { |
|
16
|
|
|
switch ($var) { |
|
17
|
|
|
case '_GET' : |
|
|
|
|
|
|
18
|
|
|
return $this->getvar( null, 'GET'); |
|
19
|
|
|
break; |
|
20
|
|
|
case '_POST' : |
|
|
|
|
|
|
21
|
|
|
return $this->getvar( null, 'POST'); |
|
22
|
|
|
break; |
|
23
|
|
|
case '_REQUEST' : |
|
|
|
|
|
|
24
|
|
|
return $this->getvar(); |
|
25
|
|
|
break; |
|
26
|
|
|
case '_SERVER' : |
|
|
|
|
|
|
27
|
|
|
return $this->getvar( null, 'SERVER'); |
|
28
|
|
|
break; |
|
29
|
|
|
case '_COOKIE' : |
|
|
|
|
|
|
30
|
|
|
return $this->getvar( null, 'COOKIE'); |
|
31
|
|
|
break; |
|
32
|
|
|
case 'tainting' : |
|
|
|
|
|
|
33
|
|
|
return self::$tainting; |
|
34
|
|
|
break; |
|
35
|
|
|
} |
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
public function __set( $var, $value ) { |
|
39
|
|
|
if ($var=='tainting') { |
|
40
|
|
|
self::$tainting = (bool) $value; |
|
41
|
|
|
} |
|
42
|
|
|
} |
|
43
|
|
|
|
|
44
|
24 |
|
public static function getvar( $name = null, $method = null) { |
|
|
|
|
|
|
45
|
|
|
/* |
|
46
|
|
|
The full list of field-name characters that PHP converts to _ (underscore) is the following (not just dot): |
|
47
|
|
|
|
|
48
|
|
|
chr(32) ( ) (space) |
|
49
|
|
|
chr(46) (.) (dot) |
|
50
|
|
|
chr(91) ([) (open square bracket) |
|
51
|
|
|
chr(128) - chr(159) (various) |
|
52
|
|
|
PHP irreversibly modifies field names containing these characters in an attempt to maintain compatibility with the deprecated register_globals feature. |
|
53
|
|
|
*/ |
|
54
|
24 |
|
$name = preg_replace("/[ \.\[\x80-\x9f]/", "_", $name); |
|
55
|
|
|
|
|
56
|
|
|
switch($method) { |
|
57
|
24 |
|
case 'GET' : |
|
|
|
|
|
|
58
|
|
|
$result = isset($name) ? $_GET[$name] : $_GET; |
|
59
|
|
|
break; |
|
60
|
24 |
|
case 'POST' : |
|
|
|
|
|
|
61
|
|
|
$result = isset($name) ? $_POST[$name] : $_POST; |
|
62
|
|
|
break; |
|
63
|
24 |
|
case 'COOKIE' : |
|
|
|
|
|
|
64
|
|
|
$result = isset($name) ? $_COOKIE[$name] : $_COOKIE; |
|
65
|
|
|
break; |
|
66
|
24 |
|
case 'SERVER' : |
|
|
|
|
|
|
67
|
|
|
$result = isset($name) ? $_SERVER[$name] : $_SERVER; |
|
68
|
|
|
break; |
|
69
|
24 |
|
default : |
|
|
|
|
|
|
70
|
24 |
|
$result = !isset($name) ? $_REQUEST : |
|
71
|
24 |
|
( isset($_POST[$name]) ? $_POST[$name] : $_GET[$name] ); |
|
72
|
24 |
|
break; |
|
73
|
24 |
|
} |
|
74
|
24 |
|
if (self::$tainting) { |
|
75
|
24 |
|
ar::taint( $result ); |
|
76
|
24 |
|
} |
|
77
|
24 |
|
return $result; |
|
78
|
|
|
} |
|
79
|
|
|
|
|
80
|
|
|
public static function request( $method = null, $url = null, $postdata = null, $options = array() ) { |
|
81
|
|
|
$client = new ar_httpClientStream(); //$method, $url, $postdata, $port); |
|
|
|
|
|
|
82
|
|
|
return $client->send( $method, $url, $postdata, $options ); |
|
83
|
|
|
} |
|
84
|
|
|
|
|
85
|
|
|
public static function client( $options = array() ) { |
|
86
|
|
|
return new ar_httpClientStream( $options ); |
|
87
|
|
|
} |
|
88
|
|
|
|
|
89
|
|
|
public static function configure( $option, $value ) { |
|
90
|
|
|
switch ( $option ) { |
|
91
|
|
|
case 'tainting' : |
|
|
|
|
|
|
92
|
|
|
self::$tainting = $value; |
|
93
|
|
|
break; |
|
94
|
|
|
} |
|
95
|
|
|
} |
|
96
|
|
|
|
|
97
|
|
|
public static function header( $header ) { |
|
98
|
|
|
return ar_http_headers::header( $header ); |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
public static function get( $url, $request = null, $options = array() ) { |
|
102
|
|
|
return self::request( 'GET', $url, $request, $options); |
|
103
|
|
|
} |
|
104
|
|
|
|
|
105
|
|
|
public static function post( $url, $request = null, $options = array() ) { |
|
106
|
|
|
return self::request( 'POST', $url, $request, $options); |
|
107
|
|
|
} |
|
108
|
|
|
|
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
interface ar_httpClient { |
|
|
|
|
|
|
112
|
|
|
|
|
113
|
|
|
public function get( $url, $request = null, $options = array() ); |
|
114
|
|
|
|
|
115
|
|
|
public function post( $url, $request = null, $options = array() ); |
|
116
|
|
|
|
|
117
|
|
|
public function put( $url, $request = null, $options = array() ); |
|
118
|
|
|
|
|
119
|
|
|
public function delete( $url, $request = null, $options = array() ); |
|
120
|
|
|
|
|
121
|
|
|
public function send( $type, $url, $request = null, $options = array() ); |
|
122
|
|
|
|
|
123
|
|
|
public function headers( $headers ); |
|
124
|
|
|
|
|
125
|
|
|
} |
|
126
|
|
|
|
|
127
|
|
|
class ar_httpClientStream extends arBase implements ar_httpClient { |
|
|
|
|
|
|
128
|
|
|
|
|
129
|
|
|
private $options = array(); |
|
130
|
|
|
|
|
131
|
|
|
public $responseHeaders = null; |
|
132
|
|
|
|
|
133
|
|
|
/* FIXME: function not used, is it still relevant? |
|
|
|
|
|
|
134
|
|
|
private function parseRequestURL( $url ) { |
|
135
|
|
|
$request = explode( '?', (string) $url ); |
|
136
|
|
|
if ( isset($request[1]) ) { |
|
137
|
|
|
return $request[1]; |
|
138
|
|
|
} else { |
|
139
|
|
|
return null; |
|
140
|
|
|
} |
|
141
|
|
|
} |
|
142
|
|
|
*/ |
|
143
|
|
|
|
|
144
|
|
|
private function compileRequest( array $request ) { |
|
145
|
|
|
$result = ""; |
|
146
|
|
|
foreach ( $request as $key => $value ) { |
|
147
|
|
|
if ( !is_integer( $key ) ) { |
|
148
|
|
|
$result .= urlencode($key) . "=" . urlencode($value) . "&"; |
|
149
|
|
|
} |
|
150
|
|
|
} |
|
151
|
|
|
return substr( $result, 0, -1); |
|
152
|
|
|
} |
|
153
|
|
|
|
|
154
|
|
|
private function mergeOptions( ) { |
|
155
|
|
|
$args = func_get_args(); |
|
156
|
|
|
array_unshift( $args, $this->options ); |
|
157
|
|
|
return call_user_func_array( 'array_merge', $args ); |
|
158
|
|
|
} |
|
159
|
|
|
|
|
160
|
|
|
public function send( $type, $url, $request = null, $options = array() ) { |
|
161
|
|
|
if ( is_array( $request ) ) { |
|
162
|
|
|
$request = $this->compileRequest( $request ); |
|
163
|
|
|
} |
|
164
|
|
|
$options = $this->mergeOptions( array( |
|
165
|
|
|
'method' => $type, |
|
166
|
|
|
'content' => $request |
|
167
|
|
|
), $options ); |
|
168
|
|
|
|
|
169
|
|
|
if ( $options['method'] == 'GET' && $options['content'] ) { |
|
170
|
|
|
if ( strpos( $url, '?' ) === false ) { |
|
171
|
|
|
$url = $url . '?' . $options['content']; |
|
172
|
|
|
} else { |
|
173
|
|
|
$url = $url . '&' . $options['content']; |
|
174
|
|
|
} |
|
175
|
|
|
$options['content'] = ''; |
|
176
|
|
|
} |
|
177
|
|
|
$context = stream_context_create( array( 'http' => $options ) ); |
|
178
|
|
|
$result = @file_get_contents( (string) $url, false, $context ); |
|
179
|
|
|
|
|
180
|
|
|
$this->responseHeaders = $http_response_header; //magic php variable set by file_get_contents. |
|
181
|
|
|
if (is_array($this->responseHeaders) && isset($this->responseHeaders[0])) { |
|
182
|
|
|
$statusLine = explode(" ", $this->responseHeaders[0]); |
|
183
|
|
|
$this->statusCode = $statusLine[1]; |
|
|
|
|
|
|
184
|
|
|
} |
|
185
|
|
|
|
|
186
|
|
|
$this->requestHeaders = $options['header']; |
|
|
|
|
|
|
187
|
|
|
return $result; |
|
188
|
|
|
} |
|
189
|
|
|
|
|
190
|
|
|
public function __construct( $options = array() ) { |
|
191
|
|
|
$this->options = $options; |
|
192
|
|
|
} |
|
193
|
|
|
|
|
194
|
|
|
public function get( $url, $request = null, $options = array() ) { |
|
195
|
|
|
return $this->send( 'GET', $url, $request, $options ); |
|
196
|
|
|
} |
|
197
|
|
|
|
|
198
|
|
|
public function post( $url, $request = null, $options = array() ) { |
|
199
|
|
|
return $this->send( 'POST', $url, $request, $options ); |
|
200
|
|
|
} |
|
201
|
|
|
|
|
202
|
|
|
public function put( $url, $request = null, $options = array() ) { |
|
203
|
|
|
return $this->send( 'PUT', $url, $request, $options ); |
|
204
|
|
|
} |
|
205
|
|
|
|
|
206
|
|
|
public function delete( $url, $request = null, $options = array() ) { |
|
207
|
|
|
return $this->send( 'DELETE', $url, $request, $options ); |
|
208
|
|
|
} |
|
209
|
|
|
|
|
210
|
|
|
public function headers( $headers ) { |
|
211
|
|
|
if (is_array($headers)) { |
|
212
|
|
|
$headers = join("\r\n", $headers); |
|
213
|
|
|
} |
|
214
|
|
|
$this->options['header'] = $this->options['headers'].$headers; |
|
215
|
|
|
return $this; |
|
216
|
|
|
} |
|
217
|
|
|
} |
|
218
|
|
|
|
Ariadne-CMS /
ariadne
Loading history...
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.