/** * Parse FORM encoded data */ private function _parseForm() { if (!empty($this->boundary)) { $chunks = @preg_split('/[\\-]+' . $this->boundary . '(\\-\\-)?/', $this->input, -1, PREG_SPLIT_NO_EMPTY); $request = array(); $files = array(); $nd = 0; $nf = 0; if (is_array($chunks)) { foreach ($chunks as $index => $chunk) { $chunk = ltrim($chunk, "-\r\n\t\\s "); $lines = explode("\r\n", $chunk); $levels = ''; $name = ''; $file = ''; $type = ''; $value = ''; $path = ''; $copy = false; // skip empty chunks if (empty($chunk) || empty($lines)) { continue; } // extract name/filename if (strpos($lines[0], 'Content-Disposition') !== false) { $line = $this->_line(array_shift($lines)); $name = Utils::getValue(@$line['name'], '', true); $file = Utils::getValue(@$line['filename'], '', true); } // extract content-type if (strpos($lines[0], 'Content-Type') !== false) { $line = $this->_line(array_shift($lines)); $type = Utils::getValue(@$line['content'], '', true); } // rebuild value $value = trim(implode("\r\n", $lines)); // FILES data if (!empty($type)) { // check if file extension is in skip list if (in_array(Sanitize::toExtension($file), $this->skip)) { continue; } // move file data to temporary file on server if (!empty($value)) { $path = str_replace('\\', '/', sys_get_temp_dir() . '/php' . substr(sha1(rand()), 0, 6)); $copy = file_put_contents($path, $value); } // extract multi-level array structure from the property name if (preg_match('/(\\[.*?\\])$/', $name, $tmp)) { $name = str_replace($tmp[1], '', $name); $levels = preg_replace('/\\[\\]/', '[' . $nf . ']', $tmp[1]); } // build final array keys to be parsed $files[$name . '[name]' . $levels] = $file; $files[$name . '[type]' . $levels] = $type; $files[$name . '[tmp_name]' . $levels] = $path; $files[$name . '[error]' . $levels] = !empty($copy) ? 0 : UPLOAD_ERR_NO_FILE; $files[$name . '[size]' . $levels] = !empty($copy) ? filesize($path) : 0; $nf++; } else { $name = preg_replace('/\\[\\]/', '[' . $nd . ']', $name); $request[$name] = $value; $nd++; } } // finalize arrays $_REQUEST = array_merge($_GET, $this->_data($request)); $_FILES = $this->_data($files); return true; } } return false; }