/**
* Returns value of parameter stored in POST,GET.
* For security reasons performed oxconfig::checkSpecialChars().
* use $blRaw very carefully if you want to get unescaped
* parameter.
*
* @param string $sName Name of parameter
* @param bool $blRaw Get unescaped parameter
*
* @return mixed
*/
public static function getParameter($sName, $blRaw = false)
{
if (defined('OXID_PHP_UNIT')) {
if (isset(modConfig::$unitMOD) && is_object(modConfig::$unitMOD)) {
try {
$sValue = modConfig::getParameter($sName, $blRaw);
// TODO: remove this after special chars concept implementation
$blIsAdmin = modConfig::getInstance()->isAdmin();
if ($sValue !== null && !$blIsAdmin && (!$blRaw || is_array($blRaw))) {
self::checkSpecialChars($sValue, $blRaw);
}
return $sValue;
} catch (Exception $e) {
// if exception is thrown, use default
}
}
}
$sValue = null;
if (isset($_POST[$sName])) {
$sValue = $_POST[$sName];
} elseif (isset($_GET[$sName])) {
$sValue = $_GET[$sName];
}
// TODO: remove this after special chars concept implementation
$blIsAdmin = oxConfig::getInstance()->isAdmin() && oxSession::getVar("blIsAdmin");
if ($sValue !== null && !$blIsAdmin && (!$blRaw || is_array($blRaw))) {
self::checkSpecialChars($sValue, $blRaw);
}
return $sValue;
}
