/** * Extract value of tags from * query string and turn into array * runs value of Request through urldecode because * unicode tags would be percent-encoded in the url * * @param string $unasweredSortSection flag indicated that request is for * unanswered tagged items not just tagged items. * If a string is passed it's a value of the COND_TAGGED in the URI_PARTS section in !config.ini * This would mean that * structure of the uri is in the form of {_UNANSWERED_}/{_COND_TAGGED_}/all+tags+here * * @return array of tags passed in query string */ protected function getTags($unasweredSortSection = null) { if (empty($this->aTags)) { $cname = $this->Router->getCalledControllerName(); if ($unasweredSortSection) { $cname .= '/' . $unasweredSortSection; } $cname = \preg_quote($cname, '/'); /** * And now a workaround * for the genocidal RewriteRule bug * that obliterates the urlencoded chars * during the rewrite * so instead we must work directly * with $_SERVER['REQUEST_URI'] * $_SERVER['REQUEST_URI'] is consistently * the same on Apache and on Lighttpd when * php is run as fastcgi * The rewrite on Lighttpd does not have * this genocidal bug, but for consistency * we still working with $_SERVER['REQUEST_URI'] * regardless of the server */ if (!empty($_SERVER) && !empty($_SERVER['REQUEST_URI'])) { /** * Must use regex because REQUEST_URI * may contain also a pageID after the last / * so must extract part from * between /tagged/ and next / * * $r is something like this: /tagged/tag%2B%2B/ */ $r = $_SERVER['REQUEST_URI']; $m = \preg_match('/\\/' . $cname . '\\/([^\\/]+)([\\/]{0,1})/i', $r, $matches); d('matches: ' . \json_encode($matches)); if ($matches && !empty($matches[1])) { $tags = $matches[1]; d('tags: ' . $tags); $this->tags = \urldecode($tags); } } else { /** * That's hopefully is OK * because Apache always has REQUEST_URI * and if it's not available here * then hopefully this is not an Apache server * and it's possible the rewrite worked without this bug */ d('no REQUEST_URI available'); $tags = $this->Request['tags']; $this->tags = \urldecode($tags); } $this->rawTags = $this->tags; /** * Important step to prevent * script or html injection in url GET string * Cannot use htmlspecialchars because we don't want to * also encode the & * */ $this->tags = \str_replace(array('<', '>'), array('<', '>'), $this->tags); $this->title = $this->tags; if (empty($this->tags)) { return array(); } /** * $this->tags are now urldecoded * If this does not work well them try * to use $tags instead */ $Utf8Tags = Utf8String::stringFactory($this->tags); /** * @todo the this->tags now have htmlspecialchars * which may not be what we want in this->aTags * We probably want this->aTags to be raw tags just like * they were submitted in request. * */ $this->aTags = TagsTokenizer::factory($Utf8Tags)->getArrayCopy(); d('aTags: ' . \json_encode($this->aTags)); } return $this->aTags; }
protected function main() { $this->aSubmitted = TagsTokenizer::factory($this->Request->getUTF8('tags'))->getArrayCopy(); d('$this->aSubmitted: ' . print_r($this->aSubmitted, 1)); $this->validateSubmitted()->getQuestion()->checkPermission()->checkForChanges()->removeOldTags()->updateQuestion()->addNewTags()->postEvent()->returnResult(); }