/**
 * Reads login credentials from the current request parameters.
 *
 * The values are taken from $_GET and $_POST merged together (POST wins on
 * duplicate keys), validated, and then removed from $_REQUEST, $_POST and
 * $_GET so that code running afterwards cannot read them from there.
 *
 * NOTE(review): because $_GET is part of the input, a password may arrive in
 * the query string. Removing it from the superglobals does not remove it from
 * the request URI itself, so it can still appear in server logs or browser
 * history. Prefer POST for credentials where callers allow it.
 *
 * @return array|null Array with the keys 'user' and 'password' (plus
 *                    'onetime' => true when '_onetime' is set in $_REQUEST),
 *                    or null when username or password is missing or empty.
 * @throws FieldInputError When the username does not match MATCH_USER_NAME or
 *                         exceeds AUTH_MAX_USERNAME_LENGTH, or when the
 *                         password exceeds AUTH_MAX_PASSWORD_LENGTH.
 */
private function handleResponseAuth() {
    $FHANDLER = new CoreRequestHandler(array_merge($_GET, $_POST));

    // No login attempt unless both fields were submitted with a value
    if (!($FHANDLER->issetAndNotEmpty('_username') && $FHANDLER->issetAndNotEmpty('_password'))) {
        return null;
    }

    // Username: must match the allowed pattern and stay within the length limit
    $bUserOk = $FHANDLER->match('_username', MATCH_USER_NAME)
        && !$FHANDLER->isLongerThan('_username', AUTH_MAX_USERNAME_LENGTH);
    if (!$bUserOk) {
        throw new FieldInputError('_username', l('Invalid username.'));
    }

    // Password: only presence and maximum length are checked here
    $bPasswordOk = $FHANDLER->issetAndNotEmpty('_password')
        && !$FHANDLER->isLongerThan('_password', AUTH_MAX_PASSWORD_LENGTH);
    if (!$bPasswordOk) {
        throw new FieldInputError('_password', l('Invalid password.'));
    }

    $aCredentials = array(
        'user'     => $FHANDLER->get('_username'),
        'password' => $FHANDLER->get('_password'),
    );

    // A caller may ask for one-time access; per the original author's note this
    // is meant to avoid being handed an authentication cookie.
    // The flag is read from $_REQUEST, not from the merged GET/POST array.
    if (isset($_REQUEST['_onetime'])) {
        $aCredentials['onetime'] = true;
    }

    // Scrub the credentials from the superglobals to hide them from later code.
    // unset() on a missing key is a no-op, so no isset() guard is needed.
    foreach (array('_username', '_password') as $sField) {
        unset($_REQUEST[$sField], $_POST[$sField], $_GET[$sField]);
    }

    return $aCredentials;
}
/**
 * Validates a "modify object" request and collects the object options.
 *
 * Input is $_GET merged with $_POST (POST wins on duplicate keys). 'map' and
 * 'id' are required and must match MATCH_MAP_NAME and MATCH_OBJECTID; when
 * they do, the map is passed to verifyMapExists(). Every other parameter,
 * except the routing fields and keys starting with '_', is returned as an
 * object option.
 *
 * NOTE(review): 'ref' and the option values get no format check in this
 * method; presumably they are validated by the consumer of the returned
 * array, confirm. The request is also accepted via GET, and no request-origin
 * (CSRF) check is visible here; confirm the caller enforces one.
 *
 * @return array|false Array with the keys 'map', 'id', 'refresh' and 'opts',
 *                     or false when a required parameter is missing or
 *                     malformed.
 */
protected function handleResponseModifyObject() {
    // Need to listen to POST and GET
    // FIXME: Maybe change all to POST
    $aResponse = array_merge($_GET, $_POST);
    $FHANDLER  = new CoreRequestHandler($aResponse);

    // Required parameters first, then their format; evaluation stops at the
    // first failing check.
    $bValid = $FHANDLER->isSetAndNotEmpty('map')
        && $FHANDLER->isSetAndNotEmpty('id')
        && $FHANDLER->match('map', MATCH_MAP_NAME)
        && (!$FHANDLER->isSetAndNotEmpty('id') || $FHANDLER->match('id', MATCH_OBJECTID));

    if ($bValid) {
        $this->verifyMapExists($FHANDLER->get('map'));
    }

    // FIXME: Recode to FHANDLER
    // Drop the parameters which are not options of the object
    $aNonOptionKeys = array('act', 'mod', 'map', 'ref', 'id', 'lang');
    $aOpts = array_diff_key($aResponse, array_flip($aNonOptionKeys));

    // Also drop all "helper fields", i.e. keys beginning with an underscore
    foreach (array_keys($aOpts) as $sKey) {
        if (strncmp($sKey, '_', 1) === 0) {
            unset($aOpts[$sKey]);
        }
    }

    if (!$bValid) {
        return false;
    }

    return array(
        'map'     => $FHANDLER->get('map'),
        'id'      => $FHANDLER->get('id'),
        'refresh' => $FHANDLER->get('ref'),
        'opts'    => $aOpts,
    );
}