function __construct() { self::$data['get'] = magic_quotes($_GET); //get请求过来的数据 self::$data['post'] = magic_quotes($_POST); //post请求过来的数据 self::$data['method'] = $_SERVER['REQUEST_MOTHOD']; //请求的方法 self::$data['debug'] = PI_DEBUG; unset($_POST, $_GET); }
/** * Creates a new request with values from PHP's super globals. * * @return Request A new request * * @api */ public static function createFromGlobals() { $request = new static($_GET, $_POST, array(), $_COOKIE, $_FILES, $_SERVER); if (0 === strpos($request->server->get('CONTENT_TYPE'), 'application/x-www-form-urlencoded') && in_array(strtoupper($request->server->get('REQUEST_METHOD', 'GET')), array('PUT', 'DELETE', 'PATCH'))) { parse_str($request->getContent(), $data); if (magic_quotes()) { $data = array_strip_slashes($data); } $request->request = new ParameterBag($data); } return $request; }
| */ $input = array(); switch (Request::method()) { case 'GET': $input = $_GET; break; case 'POST': $input = $_POST; break; default: if (Request::spoofed()) { $input = $_POST; } else { parse_str(file_get_contents('php://input'), $input); if (magic_quotes()) { $input = array_strip_slashes($input); } } } /* |-------------------------------------------------------------------------- | Remove The Spoofer Input |-------------------------------------------------------------------------- | | The spoofed request method is removed from the input so it is not in | the Input::all() or Input::get() results. Leaving it in the array | could cause unexpected results since the developer won't be | expecting it to be present. | */
function do_checklist_create($name, $template, $roles_users) { $id = $this->create_checklist($name); $template_details = $this->get_template_details($template); foreach ($template_details as $template_row) { $category = magic_quotes($template_row['category']); $description = magic_quotes($template_row['description']); $owner = $roles_users[$template_row['owner']]; $this->save_checklist_row(null, $id, $category, $description, $owner); } $this->redirect('checklist_edit'); }
public static function init() { //Sanitize inputs //.Remove magic quotes if (magic_quotes()) { $magics = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST); foreach ($magics as &$magic) { $magic = array_strip_slashes($magic); } } //.Unset globals foreach (array($_GET, $_POST) as $global) { if (is_array($global)) { foreach ($global as $k => $v) { global ${$k}; ${$k} = NULL; } } } //.Clean post input array_map(function ($v) { return Request::clearValue($v); }, $_POST); //Remove /public/index.html from path_info.. foreach (array("PATH_INFO", "ORIG_PATH_INFO", "PATH_TRANSLATED", "PHP_SELF") as $k) { if (isset($_SERVER[$k])) { $_SERVER[$k] = str_replace("/public/index.html", "/", $_SERVER[$k]); } } static::$server = $_SERVER; static::$get = $_GET; static::$post = $_POST; $_GET = null; $_POST = null; $_SERVER = null; $_REQUEST = null; //Detect environment $list = (require J_PATH . "config" . DS . "environments" . EXT); $env = ""; $envWithWildcard = array_first($list); $hosts = array(array_get(static::$server, "HTTP_HOST", "localhost"), array_get(static::$server, "SERVER_NAME", "localhost"), array_get(static::$server, "SERVER_ADDR", "localhost"), gethostname()); foreach ($hosts as $host) { foreach ($list as $k => $v) { foreach ((array) $v as $hostname) { if ($hostname != "" && $hostname == $host) { $env = $k; break; } else { if ($hostname == "*") { $envWithWildcard = $k; } } } if (!empty($env)) { break; } } if (!empty($env)) { break; } } if (empty($env)) { $env = $envWithWildcard; } static::$env = $env; //Detect method $method = strtoupper(array_get(static::$server, "REQUEST_METHOD", "GET")); if ($method == "POST" && static::hasReq("_method")) { $methodReq = static::req("_method", "POST"); if (array_search($methodReq, static::$availableMethods) !== false) { $method = $methodReq; } } static::$method = $method; }