/** * Gets the full collection of arguments from the request * * @param array $route The route description for this request * @return array */ protected function getRequestArgs($route) { // This loads the path variables in, so that on the /Accounts/abcd, $module is set to Accounts, and $id is set to abcd $pathVars = $this->request->getPathVars($route); $getVars = $this->request->getQueryVars(); if (!empty($getVars)) { // This has some get arguments, let's parse those in if (!empty($route['jsonParams'])) { foreach ($route['jsonParams'] as $fieldName) { if (isset($getVars[$fieldName]) && !empty($getVars[$fieldName]) && is_string($getVars[$fieldName]) && isset($getVars[$fieldName][0]) && ($getVars[$fieldName][0] == '{' || $getVars[$fieldName][0] == '[')) { // This may be JSON data $jsonData = @json_decode($getVars[$fieldName], true, 32); if (json_last_error() !== 0) { // Bad JSON data, throw an exception instead of trying to process it throw new SugarApiExceptionInvalidParameter(); } // Need to dig through this array and make sure all of the elements in here are safe $getVars[$fieldName] = $jsonData; } } } } $postVars = array(); if (isset($route['rawPostContents']) && $route['rawPostContents']) { // This route wants the raw post contents // We just ignore it here, the function itself has to know how to deal with the raw post contents // this will mostly be used for binary file uploads. } else { if (!empty($_POST)) { // They have normal post arguments $postVars = $_POST; } else { $postContents = $this->request->getPostContents(); if (!empty($postContents)) { // This looks like the post contents are JSON // Note: If we want to support rest based XML, we will need to change this $postVars = @json_decode($postContents, true, 32); if (json_last_error() !== 0) { // Bad JSON data, throw an exception instead of trying to process it throw new SugarApiExceptionInvalidParameter(); } } } } // I know this looks a little weird, overriding post vars with get vars, but // in the case of REST, get vars are fairly uncommon and pretty explicit, where // the posted document is probably the output of a generated form. return array_merge($postVars, $getVars, $pathVars); }