/** * Handle a a set of routes: if a match is found, execute the relating handling function * @param array $routes Collection of route patterns and their handling functions * @param boolean $quitAfterRun Does the handle function need to quit after one route was matched? * @return int The number of routes handled */ private function handle($routes, $quitAfterRun = false) { // Counter to keep track of the number of routes we've handled $numHandled = 0; // The current page URL $uri = $this->getCurrentUri(); // Loop all routes foreach ($routes as $route) { // we have a match! if (preg_match_all('#^' . $route['pattern'] . '$#', $uri, $matches, PREG_OFFSET_CAPTURE)) { // Rework matches to only contain the matches, not the orig string $matches = array_slice($matches, 1); // Extract the matched URL parameters (and only the parameters) $params = array_map(function ($match, $index) use($matches) { // We have a following parameter: take the substring from the current param position until the next one's position (thank you PREG_OFFSET_CAPTURE) if (isset($matches[$index + 1]) && isset($matches[$index + 1][0]) && is_array($matches[$index + 1][0])) { return trim(substr($match[0][0], 0, $matches[$index + 1][0][1] - $match[0][1]), '/'); } else { return isset($match[0][0]) ? trim($match[0][0], '/') : null; } }, $matches, array_keys($matches)); // mysql real escape incomming parameters // SDI Modification $params = \Rhonda\Mysql::real_escape($params); // call the handling middleware function with the URL parameters // SDI Modification if (isset($route['mw'])) { if (!is_array($route['mw'])) { throw new \Exception("Middleware must be an array", 1); } foreach ($route['mw'] as $middleware) { call_user_func_array($middleware, $params); } } // call the handling function with the URL parameters call_user_func_array($route['fn'], $params); // yay! $numHandled++; // If we need to quit, then quit if ($quitAfterRun) { break; } } } // Return the number of routes handled return $numHandled; }
private function deep_escape($dirty) { return \Rhonda\Mysql::real_escape($dirty); }
"host": "192.168.99.100" , "database": "core_elguapo" , "port": "3306" , "user": "******" , "password": "******" } } }'); \Rhonda\Config::load_object('DB', $object); echo \Rhonda\Mysql::real_escape("that's all folks"); $object = new \stdClass(); $object->obj = "it's fo sho"; $object->obj2 = "escape's this one too"; $array = array("ray" => "it's escaping arrays", "ray2" => "escape's this one too"); echo "<pre>" . print_r(\Rhonda\Mysql::real_escape($object), true) . "</pre>"; echo "<pre>" . print_r(\Rhonda\Mysql::real_escape($array), true) . "</pre>"; echo "</br>Convert 'TRUE' to string: " . \Rhonda\Mysql::bool_to_string('TRUE'); echo "</br>Convert 'FALSE' to string: " . \Rhonda\Mysql::bool_to_string('FALSE'); echo "</br>Convert 'true' to string: " . \Rhonda\Mysql::bool_to_string('true'); echo "</br>Convert 'false' to string: " . \Rhonda\Mysql::bool_to_string('false'); echo "</br>Convert '0' to string: " . \Rhonda\Mysql::bool_to_string('0'); echo "</br>Convert '1' to string: " . \Rhonda\Mysql::bool_to_string('1'); echo "</br>Convert 'asdfghq' to string: " . \Rhonda\Mysql::bool_to_string('asdfhg'); echo "</br>Convert '' to string: " . \Rhonda\Mysql::bool_to_string(''); echo "</br>Convert '01' to string: " . \Rhonda\Mysql::bool_to_string('01'); echo "</br>Convert '10' to string: " . \Rhonda\Mysql::bool_to_string('10'); echo "</br>Convert NULL to string: " . \Rhonda\Mysql::bool_to_string(NULL); echo "</br>Convert -1 to string: " . \Rhonda\Mysql::bool_to_string(-1); echo "</br>Convert 0 to string: " . \Rhonda\Mysql::bool_to_string(0); echo "</br>Convert 1 to string: " . \Rhonda\Mysql::bool_to_string(1); echo "</br>Convert 2 to string: " . \Rhonda\Mysql::bool_to_string(2);