/**
 * Verifies the parameter expectations declared by SimpleCommandTest.
 *
 * Covers the parameter count, the name and description of the first
 * parameter, the single 'float' filter on the second, and the callback
 * filter on the third.
 */
public function testExpects()
{
    $command = new SimpleCommandTest('test');
    $declared = $command->expects()->params();

    $this->assertEquals(4, count($declared), 'Command has four arguments');

    // Parameters are expected in declaration order, so consume them from the front.
    $first = array_shift($declared);
    $this->assertEquals('testString', $first->getName());
    $this->assertEquals('A test string', $first->getDescription());

    $second = array_shift($declared);
    $this->assertEquals('testNumeric', $second->getName());

    // The numeric parameter carries exactly one filter: 'float', without options.
    $numericFilters = $second->getFilters();
    $this->assertEquals(1, count($numericFilters));
    $floatFilter = $numericFilters[0];
    $this->assertEquals('float', $floatFilter['type']);
    $this->assertNull($floatFilter['options']);

    // Run the declared filter by hand: a float passes, a non-numeric string is rejected.
    $floatId = filter_id($floatFilter['type']);
    $this->assertEquals(7.5, filter_var(7.5, $floatId, NULL));
    $this->assertFalse(filter_var('matt', $floatId, NULL), 'String is not a float.');

    // The third parameter is validated through a callback filter.
    $third = array_shift($declared);
    $callbackFilters = $third->getFilters();
    $callbackFilter = $callbackFilters[0];
    $this->assertEquals('callback', $callbackFilter['type']);
    $this->assertTrue(
        $callbackFilter['options']['options'][0] instanceof SimpleValidatorTest,
        'Option callback is a SimpleValidatorTest'
    );
    $this->assertEquals(7, filter_var(3.5, FILTER_CALLBACK, $callbackFilter['options']));
}
/**
 * Prints every filter registered with the filter extension.
 *
 * Each filter is written as "<numeric id>: <name><br />" followed by a newline.
 */
public function doListFilters()
{
    foreach (filter_list() as $filterName) {
        $filterId = filter_id($filterName);
        echo "{$filterId}: {$filterName}<br />\n";
    }
}
/**
 * Validates every element of the definition against the supplied input data.
 *
 * For each defined element the raw value is read from $_GET when $useOverride
 * is enabled and the key is present there, otherwise from $this->inputData.
 * The value is run through the element's filter with FILTER_NULL_ON_FAILURE,
 * and the element is recorded as VALID (with its filtered value) or INVALID.
 *
 * @param bool $useOverride When true, a value present in $_GET takes precedence
 *                          over the one in $this->inputData.
 * @throws ezcInputFormVariableMissingException when a REQUIRED element has no
 *         value in either source.
 */
private function parseInputFromData($useOverride)
{
    $this->allElementsValid = true;

    foreach ($this->definition as $elementName => $inputElement) {
        // NOTE(review): with the override on, a query-string parameter replaces the
        // caller-supplied value for the same key. It still goes through the same
        // filter, but callers must not treat inputData as the only source.
        $fromGet = $useOverride == true && isset($_GET[$elementName]);

        if (!$fromGet && !isset($this->inputData[$elementName])) {
            if ($inputElement->type === ezcInputFormDefinitionElement::REQUIRED) {
                throw new ezcInputFormVariableMissingException($elementName);
            }
            $this->properties[$elementName] = ezcInputForm::INVALID;
            $this->allElementsValid = false;
            continue;
        }

        // FILTER_NULL_ON_FAILURE makes a rejected value come back as null.
        $flags = FILTER_NULL_ON_FAILURE | $inputElement->flags;
        $raw = $fromGet ? $_GET[$elementName] : $this->inputData[$elementName];
        $value = filter_var(
            $raw,
            filter_id($inputElement->filterName),
            array('options' => $inputElement->options, 'flags' => $flags)
        );

        if ($value === null) {
            $this->properties[$elementName] = ezcInputForm::INVALID;
            $this->allElementsValid = false;
            continue;
        }

        $this->properties[$elementName] = ezcInputForm::VALID;
        $this->propertyValues[$elementName] = $value;
    }
}
/**
 * Returns the filters known to the filter extension, keyed by numeric filter ID.
 *
 * The map is built from filter_list() on first use and cached in
 * self::$filtersTypes for later calls.
 *
 * @return array filter ID => filter name
 */
static function getRegisteredFilters()
{
    if (!empty(self::$filtersTypes)) {
        return self::$filtersTypes;
    }

    foreach (filter_list() as $name) {
        self::$filtersTypes[filter_id($name)] = $name;
    }

    return self::$filtersTypes;
}
/**
 * Generates a file name that does not yet exist in the given path.
 *
 * The name is split on '.', the last segment is kept as the extension and the
 * remaining segments are joined with '-' and passed through filter_id(). If the
 * resulting name is taken, "-1", "-2", ... is appended until a free one is found.
 *
 * The name is only checked with file_exists(), not reserved: another process can
 * take it between this call and the caller creating the file, so the caller
 * should create the file exclusively.
 *
 * @param string $str  Original file name
 * @param string $path Directory to check for collisions
 *
 * @return string
 */
function generator_file(string $str, string $path) : string
{
    $segments = explode('.', $str);
    $extension = array_pop($segments);

    // NOTE(review): if this resolves to PHP's built-in filter_id(), the result is a
    // numeric filter ID or false, not a cleaned-up file name. Presumably a
    // project-defined function of the same name is intended; confirm.
    // The extension is used verbatim, so an untrusted $str should be reduced to a
    // plain base name before it reaches this function.
    $base = filter_id(implode('-', $segments));
    $suffix = '.' . $extension;

    if (!file_exists($path . '/' . $base . $suffix)) {
        return $base . $suffix;
    }

    // Name is taken: probe "<base>-1", "<base>-2", ... until one is free.
    $base .= '-';
    $counter = 1;
    while (file_exists($path . '/' . $base . $counter . $suffix)) {
        $counter++;
    }

    return $base . $counter . $suffix;
}
/**
 * Returns one input value after running it through a filter.
 *
 * When $this->data is set, the value is read from that array; otherwise it is
 * read from the request via filter_input() using $this->type as the source.
 *
 * @param string     $name    Key to read
 * @param int|string $filter  Filter ID, or a filter name resolved with filter_id()
 * @param array|null $options Options/flags handed to the filter functions
 * @return mixed Filtered value; for a key missing from $this->data, false when
 *               FILTER_NULL_ON_FAILURE is among the flags and null otherwise
 */
public function get($name, $filter = FILTER_DEFAULT, $options = null)
{
    // Accept a filter name (e.g. 'int') as well as a numeric filter ID.
    $filterId = is_string($filter) ? filter_id($filter) : $filter;

    if ($this->data === null) {
        return filter_input($this->type, $name, $filterId, $options);
    }

    if (array_key_exists($name, $this->data)) {
        return filter_var($this->data[$name], $filterId, $options);
    }

    // Missing key: same null/false convention filter_input() uses for absent variables.
    return $this->optionFlags($options) & FILTER_NULL_ON_FAILURE ? false : null;
}
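/**
 * Collects request variables and applies the filters named in $sieve.
 *
 * $_GET, $_POST and $reqArgs are merged (later sources win on string keys).
 * Every merged key is stored in $this->_gpVars; keys listed in $sieve are stored
 * filtered and flagged 'sieved', all others are stored as received.
 *
 * Fix: the filtered value used to be overwritten by the raw value right after it
 * was stored, so entries flagged 'sieved' still held unfiltered input.
 *
 * @param array $reqArgs Additional request arguments
 * @param array $sieve   Variable name => filter name understood by filter_id()
 * @throws \Exception when a key listed in $sieve is absent from the merged input
 */
public function __construct($reqArgs, Array $sieve)
{
    $valueArr = array_merge($_GET, $_POST, $reqArgs);

    foreach ($valueArr as $k => $v) {
        if (isset($sieve[$k])) {
            // filter_var() yields false when the value is rejected; that false is
            // what gets stored, so consumers must check for it.
            $this->_gpVars[$k]['value'] = filter_var($v, filter_id($sieve[$k]));
            $this->_gpVars[$k]['sieved'] = true;
        } else {
            // No filter requested for this key: keep the raw value, unflagged.
            $this->_gpVars[$k]['value'] = $v;
        }
        unset($sieve[$k]);
    }

    // Anything left in $sieve was expected but never supplied.
    if (0 !== count($sieve)) {
        throw new \Exception("Expected params were not given.");
    }
}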
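/**
 * Validates a value with filter_var().
 *
 * $rule may be a filter ID (int), a filter name, a "name,param" string, or an
 * array of [filter, param].
 *
 * Fix: for the array form only the parameter was extracted and the whole array
 * was then handed to filter_id(); the filter itself is now taken from index 0.
 *
 * NOTE(review): the check is "result is not false". If $param carries
 * FILTER_NULL_ON_FAILURE, a rejected value comes back as null and is reported as
 * valid; FILTER_VALIDATE_BOOLEAN also returns false for a legitimate "false".
 *
 * @access protected
 * @param mixed $value field value
 * @param mixed $rule  validation rule
 * @return bool
 */
protected function filter($value, $rule)
{
    if (is_string($rule) && strpos($rule, ',')) {
        list($rule, $param) = explode(',', $rule);
    } elseif (is_array($rule)) {
        $param = isset($rule[1]) ? $rule[1] : null;
        // Unwrap the filter so filter_id()/filter_var() receive a name or ID.
        $rule = $rule[0];
    } else {
        $param = null;
    }

    return false !== filter_var($value, is_int($rule) ? $rule : filter_id($rule), $param);
}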
/**
 * Builds a validator closure around one of PHP's built-in filters.
 *
 * The closure takes the field by reference. An empty string is accepted
 * untouched; any other value is run through filter_var() and, when accepted,
 * replaced by the filtered result.
 *
 * NOTE(review): a filter whose legitimate result is false (for example a boolean
 * filter on "no") is indistinguishable from a rejection here.
 *
 * @param array $options $options[0] is the filter name as accepted by filter_id()
 * @return \Closure function (&$field): bool
 * @throws \RuntimeException when no filter name is supplied
 */
public function filterPHP($options)
{
    if (count($options) === 0) {
        throw new \RuntimeException('Missing mandatory option: filter name');
    }

    $filterName = $options[0];

    return function (&$field) use ($filterName) {
        if ($field === '') {
            return true;
        }

        $result = filter_var($field, filter_id($filterName));
        if ($result === false) {
            return false;
        }

        $field = $result;

        return true;
    };
}
/**
 * Applies a chain of filters to one value in place.
 *
 * The last element of $filters is the default value, not a filter. Each
 * remaining entry is applied in order: a callable is invoked with the value, a
 * string delimited by '/', '#' or '~' is treated as a regular expression, and
 * anything else is handed to filter_var(). A failed regex match or a false
 * filter_var() result replaces the value with the default and stops the chain.
 *
 * NOTE(review): any callable entry is executed with the input value, so the
 * filter list must come from trusted code or configuration, never from a request.
 *
 * @param mixed $value   value to filter (modified by reference)
 * @param mixed $key     key of the value (not used in the body)
 * @param array $filters filters followed by the default value
 * @return mixed
 */
private static function filter(&$value, $key, $filters)
{
    // Split the default value off the end of the list.
    $fallback = array_pop($filters);

    foreach ($filters as $rule) {
        if (is_callable($rule)) {
            $value = call_user_func($rule, $value);
            continue;
        }

        // A rule that starts and ends with the same delimiter is a regular expression.
        $first = substr($rule, 0, 1);
        $isRegex = in_array($first, ['/', '#', '~']) && $first == substr($rule, -1);

        if ($isRegex) {
            if (!preg_match($rule, $value)) {
                $value = $fallback;
                break;
            }
            continue;
        }

        // Not a callable and not a regex: use filter_var(), resolving names via filter_id().
        $value = filter_var($value, is_int($rule) ? $rule : filter_id($rule));
        if (false === $value) {
            $value = $fallback;
            break;
        }
    }

    self::filterExp($value);
}
/**
 * Reads a variable from an input array, with optional filtering, a type
 * modifier and a default value.
 *
 * $name may carry a "/x" suffix selecting a cast: a (array), d (int), f (float),
 * b (bool), s or anything else (string). Without a suffix the value is cast to
 * string. An empty name returns the whole input array after filtering.
 *
 * NOTE(review): a filter entry that names an existing function is called with
 * the input value, so filter names must come from trusted code or configuration.
 *
 * @param string $name    variable name, optionally followed by "/modifier"
 * @param array  $input   source array
 * @param mixed  $filter  filter(s); falls back to self::$filter when not set
 * @param mixed  $default value returned when the variable is absent or rejected
 *
 * @return mixed
 */
private static function getData($name, $input, $filter, $default)
{
    if (strpos($name, '/')) {
        // An explicit type modifier was given
        list($name, $type) = explode('/', $name, 2);
    } else {
        // Default: cast to string
        $type = 's';
    }
    $filters = isset($filter) ? $filter : self::$filter;
    if ('' == $name) {
        // Return all variables
        $data = $input;
        if ($filters) {
            if (is_string($filters)) {
                $filters = explode(',', $filters);
            }
            foreach ($filters as $filter) {
                $data = self::filter($filter, $data); // apply the filter
            }
        }
    } elseif (isset($input[$name])) {
        // Read a single value
        $data = $input[$name];
        if ($filters) {
            if (is_string($filters)) {
                if (0 === strpos($filters, '/')) {
                    if (1 !== preg_match($filters, (string) $data)) {
                        // Regex validation: no match returns the default
                        return $default;
                    }
                } else {
                    $filters = explode(',', $filters);
                }
            } elseif (is_int($filters)) {
                $filters = [$filters];
            }
            if (is_array($filters)) {
                foreach ($filters as $filter) {
                    if (function_exists($filter)) {
                        $data = is_array($data) ? self::filter($filter, $data) : $filter($data); // apply the filter
                    } else {
                        // Not a function: treat the entry as a filter ID or filter name
                        $data = filter_var($data, is_int($filter) ? $filter : filter_id($filter));
                        if (false === $data) {
                            return $default;
                        }
                    }
                }
            }
        }
        if (!empty($type)) {
            switch (strtolower($type)) {
                case 'a': // array
                    $data = (array) $data;
                    break;
                case 'd': // integer
                    $data = (int) $data;
                    break;
                case 'f': // float
                    $data = (double) $data;
                    break;
                case 'b': // boolean
                    $data = (bool) $data;
                    break;
                case 's': // string
                default:
                    $data = (string) $data;
            }
        }
    } else {
        // Variable not present: use the default
        $data = $default;
    }
    // Array results get self::filterExp applied to every leaf value
    is_array($data) && array_walk_recursive($data, 'self::filterExp');
    return $data;
}
/**
 * Applies the filter described by $spec['filter'] to a value.
 *
 * A callable is invoked with the value and the filter options, a numeric value
 * is used as a filter ID, and a string is resolved with filter_id(). Any other
 * filter type, or an unknown filter name, yields false.
 *
 * NOTE(review): the callable check comes first, so a string that names an
 * existing function is executed rather than looked up as a filter name. Specs
 * must therefore come from trusted code or configuration.
 *
 * @param mixed $value
 * @param array $spec
 * @return boolean
 */
protected function applyFilter($value, $spec)
{
    $filter = $spec['filter'];

    if (is_callable($filter)) {
        return $filter($value, $this->filterOptions($spec));
    }

    if (is_numeric($filter)) {
        return filter_var($value, $filter, $this->filterOptions($spec));
    }

    if (!is_string($filter)) {
        return false;
    }

    $filterId = filter_id($filter);
    if ($filterId === false) {
        // NOTE(review): $spec is passed by value, so this message never reaches the caller.
        $spec['message'] = "Unknown filter '{$filter}'";

        return false;
    }

    return filter_var($value, $filterId, $this->filterOptions($spec));
}
/**
 * Fetches an input parameter, with optional filtering and a default value.
 * Usage:
 * <code>
 * I('id',0); fetch the id parameter, choosing GET or POST automatically
 * I('post.name','','htmlspecialchars'); fetch $_POST['name']
 * I('get.'); fetch $_GET
 * </code>
 *
 * NOTE(review): a filter entry that names an existing function is called with
 * the input value, so filter names must come from trusted code or configuration.
 * The 'session', 'server' and 'globals' sources expose more than request data.
 *
 * @param string $name variable name, optionally prefixed with "source."
 * @param mixed $default value returned when the variable is absent or rejected
 * @param mixed $filter filter(s) to apply; C('DEFAULT_FILTER') when not set
 * @param mixed $datas extra data source, read through the 'data.' prefix
 * @return mixed
 */
function I($name, $default = '', $filter = null, $datas = null)
{
    if (strpos($name, '.')) {
        // An explicit source was given
        list($method, $name) = explode('.', $name, 2);
    } else {
        // Default: choose the source from the request method
        $method = 'param';
    }
    switch (strtolower($method)) {
        case 'get':
            $input =& $_GET;
            break;
        case 'post':
            $input =& $_POST;
            break;
        case 'put':
            parse_str(file_get_contents('php://input'), $input);
            break;
        case 'param':
            switch ($_SERVER['REQUEST_METHOD']) {
                case 'POST':
                    $input = $_POST;
                    break;
                case 'PUT':
                    parse_str(file_get_contents('php://input'), $input);
                    break;
                default:
                    $input = $_GET;
            }
            break;
        case 'path':
            // Split PATH_INFO on the configured separator
            $input = array();
            if (!empty($_SERVER['PATH_INFO'])) {
                $depr = C('URL_PATHINFO_DEPR');
                $input = explode($depr, trim($_SERVER['PATH_INFO'], $depr));
            }
            break;
        case 'request':
            $input =& $_REQUEST;
            break;
        case 'session':
            $input =& $_SESSION;
            break;
        case 'cookie':
            $input =& $_COOKIE;
            break;
        case 'server':
            $input =& $_SERVER;
            break;
        case 'globals':
            $input =& $GLOBALS;
            break;
        case 'data':
            $input =& $datas;
            break;
        default:
            // Unknown source prefix
            return NULL;
    }
    if ('' == $name) {
        // Return all variables
        $data = $input;
        array_walk_recursive($data, 'filter_exp');
        $filters = isset($filter) ? $filter : C('DEFAULT_FILTER');
        if ($filters) {
            if (is_string($filters)) {
                $filters = explode(',', $filters);
            }
            foreach ($filters as $filter) {
                $data = array_map_recursive($filter, $data); // apply the filter
            }
        }
    } elseif (isset($input[$name])) {
        // Read a single value
        $data = $input[$name];
        is_array($data) && array_walk_recursive($data, 'filter_exp');
        $filters = isset($filter) ? $filter : C('DEFAULT_FILTER');
        if ($filters) {
            if (is_string($filters)) {
                $filters = explode(',', $filters);
            } elseif (is_int($filters)) {
                $filters = array($filters);
            }
            foreach ($filters as $filter) {
                if (function_exists($filter)) {
                    $data = is_array($data) ? array_map_recursive($filter, $data) : $filter($data); // apply the filter
                } else {
                    // Not a function: treat the entry as a filter ID or filter name
                    $data = filter_var($data, is_int($filter) ? $filter : filter_id($filter));
                    if (false === $data) {
                        return isset($default) ? $default : NULL;
                    }
                }
            }
        }
    } else {
        // Variable not present: use the default
        $data = isset($default) ? $default : NULL;
    }
    return $data;
}
/**
 * Filters a value with a filter-extension filter or, failing that, a callable.
 *
 * With neither $filter nor $filterId the value is returned unchanged. When no
 * ID is given and $filter is a string, the string is resolved with filter_id().
 * A usable ID is applied through filter_var(); otherwise a callable $filter is
 * invoked with the value.
 *
 * @param mixed $value
 * @param mixed $filter   filter name or callable
 * @param int   $filterId numeric filter ID, or null to derive it from $filter
 * @param mixed $options  passed to filter_var() under the 'options' key
 * @return mixed
 */
protected function filterValue($value, $filter, $filterId, $options)
{
    if (!$filter && !$filterId) {
        return $value;
    }

    if (null === $filterId && is_string($filter)) {
        $filterId = filter_id($filter);
    }

    if ($filterId) {
        return null === $options
            ? filter_var($value, $filterId)
            : filter_var($value, $filterId, array('options' => $options));
    }

    // No filter ID: fall back to treating $filter as a callable.
    if (is_callable($filter)) {
        return call_user_func($filter, $value);
    }

    return $value;
}
/**
 * Resolves a filter name to its numeric filter ID via filter_id().
 *
 * NOTE(review): filter_id() returns false for an unknown name while this method
 * is declared to return int; callers should not assume the result always
 * identifies a real filter.
 *
 * @param string $filterName Name as listed by filter_list()
 * @return int
 */
public function id(string $filterName) : int
{
    $filterId = filter_id($filterName);

    return $filterId;
}
/**
 * Validates a value. Supported types: in, notin, between, notbetween, equal,
 * notequal, length, expire, ip_allow, ip_deny, filter and regex.
 *
 * NOTE(review): in_array() and the equal/notequal comparison are loose, so
 * values are compared after PHP's type juggling. The ip_allow/ip_deny checks
 * compare $_SERVER['REMOTE_ADDR'] as an exact string against the listed entries.
 *
 * @access public
 * @param string $value value to validate
 * @param mixed $rule validation expression
 * @param string $type validation type, regex by default
 * @return boolean
 */
public function check($value, $rule, $type = 'regex')
{
    $type = strtolower(trim($type));
    switch ($type) {
        case 'in':
            // Membership in a set given as a comma-separated string or an array
        case 'notin':
            $range = is_array($rule) ? $rule : explode(',', $rule);
            return 'in' == $type ? in_array($value, $range) : !in_array($value, $range);
        case 'between':
            // Value lies inside a range
        case 'notbetween':
            // Value lies outside a range
            if (is_array($rule)) {
                $min = $rule[0];
                $max = $rule[1];
            } else {
                list($min, $max) = explode(',', $rule);
            }
            return 'between' == $type ? $value >= $min && $value <= $max : $value < $min || $value > $max;
        case 'equal':
            // Value equals the rule
        case 'notequal':
            // Value differs from the rule
            return 'equal' == $type ? $value == $rule : $value != $rule;
        case 'length':
            // Length check
            $length = mb_strlen($value, 'utf-8'); // length of the current value
            if (strpos($rule, ',')) {
                // Length range "min,max"
                list($min, $max) = explode(',', $rule);
                return $length >= $min && $length <= $max;
            } else {
                // Exact length
                return $length == $rule;
            }
        case 'expire':
            // Rule is "start,end"; non-numeric bounds are parsed with strtotime()
            list($start, $end) = explode(',', $rule);
            if (!is_numeric($start)) {
                $start = strtotime($start);
            }
            if (!is_numeric($end)) {
                $end = strtotime($end);
            }
            return NOW_TIME >= $start && NOW_TIME <= $end;
        case 'ip_allow':
            // Client address must be in the list
            return in_array($_SERVER['REMOTE_ADDR'], explode(',', $rule));
        case 'ip_deny':
            // Client address must not be in the list
            return !in_array($_SERVER['REMOTE_ADDR'], explode(',', $rule));
        case 'filter':
            // Validate with filter_var(); a filter name is resolved with filter_id()
            $result = filter_var($value, is_int($rule) ? $rule : filter_id($rule));
            return false === $result ? false : true;
        case 'regex':
        default:
            // Default: regex validation through $this->regex()
            return $this->regex($value, $rule);
    }
}
<?php
// Dumps the result of filter_id() for a series of arguments: filter names,
// followed by calls with an array, an integer, and too many arguments.

// Filter names
var_dump(filter_id("stripped"));
var_dump(filter_id("string"));
var_dump(filter_id("url"));
var_dump(filter_id("int"));
// presumably not a registered filter name - confirm against filter_list()
var_dump(filter_id("none"));

// Arguments that are not a filter name: wrong type, then wrong argument count
var_dump(filter_id(array()));
var_dump(filter_id(-1));
var_dump(filter_id(0, 0, 0));

echo "Done\n";
/**
 * Fetches an input parameter, with optional filtering and a default value.
 * Usage:
 * <code>
 * I('id',0); fetch the id parameter, choosing GET or POST automatically
 * I('post.name','','htmlspecialchars'); fetch $_POST['name']
 * I('get.'); fetch $_GET
 * </code>
 *
 * NOTE(review): a filter entry that names an existing function is called with
 * the input value, so filter names must come from trusted code or configuration.
 * htmlspecialchars is the default filter; it escapes for HTML output only and is
 * not a defence for SQL, shell or URL contexts.
 *
 * @param string $name variable name, optionally prefixed with "source."
 * @param mixed $default value returned when the variable is absent or rejected
 * @param mixed $filter filter(s) to apply; 'htmlspecialchars' when not set
 * @return mixed
 */
function I($name = null, $default = '', $filter = null)
{
    $touch =& get_instance();
    if (strpos($name, '.')) {
        // An explicit source was given
        list($method, $name) = explode('.', $name, 2);
    } else {
        // Default: choose the source from the request method
        $method = 'param';
    }
    // Every call merges the routed URI segments into the $_GET superglobal
    $path_info = $touch->uri->ruri_to_assoc();
    $_GET = array_merge($_GET, $path_info);
    switch (strtolower($method)) {
        case 'get':
            $input =& $_GET;
            break;
        case 'post':
            $input =& $_POST;
            break;
        case 'put':
            parse_str(file_get_contents('php://input'), $input);
            break;
        case 'param':
            switch ($_SERVER['REQUEST_METHOD']) {
                case 'POST':
                    $input = $_POST;
                    break;
                case 'PUT':
                    parse_str(file_get_contents('php://input'), $input);
                    break;
                default:
                    $input = $_GET;
            }
            break;
        case 'request':
            $input =& $_REQUEST;
            break;
        case 'session':
            $input =& $_SESSION;
            break;
        case 'cookie':
            $input =& $_COOKIE;
            break;
        case 'server':
            $input =& $_SERVER;
            break;
        case 'globals':
            $input =& $GLOBALS;
            break;
        default:
            // Unknown source prefix
            return NULL;
    }
    if (empty($name)) {
        // Return all variables
        $data = $input;
        $filters = isset($filter) ? $filter : 'htmlspecialchars';
        if ($filters) {
            $filters = explode(',', $filters);
            foreach ($filters as $filter) {
                // array_map() is not recursive: only top-level values are passed to the filter
                $data = array_map($filter, $data); // apply the filter
            }
        }
    } elseif (isset($input[$name])) {
        // Read a single value
        $data = $input[$name];
        $filters = isset($filter) ? $filter : 'htmlspecialchars';
        if ($filters) {
            $filters = explode(',', $filters);
            foreach ($filters as $filter) {
                if (function_exists($filter)) {
                    $data = is_array($data) ? array_map_recursive($filter, $data) : $filter($data); // apply the filter
                } else {
                    // Not a function: treat the entry as a filter ID or filter name
                    $data = filter_var($data, is_int($filter) ? $filter : filter_id($filter));
                    if (false === $data) {
                        return isset($default) ? $default : NULL;
                    }
                }
            }
        }
    } else {
        // Variable not present: use the default
        $data = isset($default) ? $default : NULL;
    }
    // Array results get touch_filter applied to every leaf value
    is_array($data) && array_walk_recursive($data, 'touch_filter');
    return $data;
}
/**
 * Validates a value with filter_var().
 *
 * NOTE(review): the check is "result is not false". If $params carries
 * FILTER_NULL_ON_FAILURE, a rejected value comes back as null and is reported as
 * valid; FILTER_VALIDATE_BOOLEAN also returns false for a legitimate "false".
 *
 * @access public
 * @param mixed $value  field value
 * @param mixed $rule   filter ID, or a filter name resolved with filter_id()
 * @param array $params options/flags handed to filter_var()
 * @return bool
 */
public static function filter($value, $rule, $params = [])
{
    $filterId = is_int($rule) ? $rule : filter_id($rule);
    $filtered = filter_var($value, $filterId, $params);

    return $filtered !== false;
}
/**
 * Resolves a filter name to its numeric filter ID via filter_id().
 *
 * @param string $filterName Name as listed by filter_list()
 * @return mixed The filter_id() result for a string argument; otherwise
 *               whatever Error::set() returns for the parameter-type error
 */
public function id($filterName = '')
{
    if (is_string($filterName)) {
        return filter_id($filterName);
    }

    return Error::set('Error', 'stringParameter', '1.(filterName)');
}
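/**
 * Applies a chain of filters to one value in place.
 *
 * The last element of $filters is the default value, not a filter. A callable
 * entry is invoked with the value. For scalar values, an entry containing '/'
 * is treated as a regular expression and any other non-empty entry is handed to
 * filter_var(). A failed regex match or a false filter_var() result replaces
 * the value with the default and stops the chain.
 *
 * Fix: the regex test used the truthiness of strpos(), which is 0 for a pattern
 * that starts with '/'. Such patterns fell through to filter_id(), were never
 * matched, and the value was always replaced by the default.
 *
 * NOTE(review): any callable entry is executed with the input value, so the
 * filter list must come from trusted code or configuration, never from a request.
 *
 * @param mixed $value   value to filter (modified by reference)
 * @param mixed $key     key of the value (not used in the body)
 * @param array $filters filters followed by the default value
 * @return mixed result of $this->filterExp() for the filtered value
 */
private function filterValue(&$value, $key, $filters)
{
    // Split the default value off the end of the list.
    $default = array_pop($filters);

    foreach ($filters as $filter) {
        if (is_callable($filter)) {
            // Function or method filter
            $value = call_user_func($filter, $value);
        } elseif (is_scalar($value)) {
            if (is_string($filter) && false !== strpos($filter, '/')) {
                // Regex filter: no match falls back to the default
                if (!preg_match($filter, $value)) {
                    $value = $default;
                    break;
                }
            } elseif (!empty($filter)) {
                // Not a callable and not a regex: use filter_var(),
                // resolving a filter name through filter_id()
                $value = filter_var($value, is_int($filter) ? $filter : filter_id($filter));
                if (false === $value) {
                    $value = $default;
                    break;
                }
            }
        }
    }

    return $this->filterExp($value);
}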
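/**
 * Checks one field against one validation rule.
 *
 * $val is [rule, message, type, options]; type defaults to 'regex' and is
 * forced to 'callback' when the rule is a Closure.
 *
 * Fix: the 'filter' type stored the raw filter_var() result. A value that
 * passed came back as the filtered value rather than true, so it was reported
 * as a failure by the final "=== true" check. The result is now a boolean.
 *
 * NOTE(review): 'confirm' and 'in'/'notin' compare loosely, and the 'regex'
 * branch embeds $rule between '/' delimiters without escaping, so a rule that
 * contains '/' yields a broken pattern.
 *
 * @access public
 * @param mixed $value field value
 * @param mixed $val   validation rule definition
 * @param array $data  all data under validation
 * @return string|true true (or an array result) on success, the message otherwise
 */
protected function checkValidate($value, $val, &$data)
{
    $rule = $val[0];
    $msg = $val[1];
    $type = isset($val[2]) ? $val[2] : 'regex';
    $options = isset($val[3]) ? $val[3] : [];
    if ($rule instanceof \Closure) {
        $type = 'callback';
    }
    switch ($type) {
        case 'callback':
            // The value is passed as the first argument, followed by the options
            array_unshift($options, $value);
            $result = call_user_func_array($rule, $options);
            break;
        case 'behavior':
            // Behavior (hook) validation
            $result = Hook::exec($rule, '', $data);
            break;
        case 'filter':
            // Validate with filter_var(); only an explicit false counts as a rejection
            $result = false !== filter_var($value, is_int($rule) ? $rule : filter_id($rule), $options);
            break;
        case 'confirm':
            // Value must equal another field of $data
            $result = $value == $data[$rule];
            break;
        case 'in':
        case 'notin':
            $range = is_array($rule) ? $rule : explode(',', $rule);
            $result = 'in' == $type ? in_array($value, $range) : !in_array($value, $range);
            break;
        case 'between':
            // Value lies inside a range
        case 'notbetween':
            // Value lies outside a range
            if (is_string($rule)) {
                $rule = explode(',', $rule);
            }
            list($min, $max) = $rule;
            $result = 'between' == $type ? $value >= $min && $value <= $max : $value < $min || $value > $max;
            break;
        case 'regex':
        default:
            // A rule name defined on the validator is replaced by its pattern
            if (isset($this->rule[$rule])) {
                $rule = $this->rule[$rule];
            }
            $result = 1 === preg_match('/^' . $rule . '$/', (string) $value);
            break;
    }
    // Anything other than an array or an exact true is a failure: return the message
    return is_array($result) || true === $result ? $result : $msg;
}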
/**
 * Fetches an input parameter, with optional filtering and a default value.
 *
 * $name may be prefixed with "source." (get, post, put, param, request, session,
 * cookie, server, globals); without a prefix the source follows the request
 * method. An empty name returns the whole source array.
 *
 * NOTE(review): a filter entry that names an existing function is called with
 * the input value, and the functions listed in C('VAR_FILTERS') are applied to
 * the source array itself. Both lists must come from trusted code or
 * configuration.
 *
 * @param string $name variable name, optionally prefixed with "source."
 * @param mixed $default value returned when the variable is absent or rejected
 * @param mixed $filter filter(s) to apply; C('DEFAULT_FILTER') when not set
 * @return mixed
 */
function I($name, $default = '', $filter = null)
{
    if (strpos($name, '.')) {
        // An explicit source was given
        list($method, $name) = explode('.', $name, 2);
    } else {
        // Default: choose the source from the request method
        $method = 'param';
    }
    switch (strtolower($method)) {
        case 'get':
            $input =& $_GET;
            break;
        case 'post':
            $input =& $_POST;
            break;
        case 'put':
            parse_str(file_get_contents('php://input'), $input);
            break;
        case 'param':
            switch ($_SERVER['REQUEST_METHOD']) {
                case 'POST':
                    $input = $_POST;
                    break;
                case 'PUT':
                    parse_str(file_get_contents('php://input'), $input);
                    break;
                default:
                    $input = $_GET;
            }
            // Merge in the URL parameters stored under the configured $_GET key
            if (C('VAR_URL_PARAMS') && isset($_GET[C('VAR_URL_PARAMS')])) {
                $input = array_merge($input, $_GET[C('VAR_URL_PARAMS')]);
            }
            break;
        case 'request':
            $input =& $_REQUEST;
            break;
        case 'session':
            $input =& $_SESSION;
            break;
        case 'cookie':
            $input =& $_COOKIE;
            break;
        case 'server':
            $input =& $_SERVER;
            break;
        case 'globals':
            $input =& $GLOBALS;
            break;
        default:
            // Unknown source prefix
            return NULL;
    }
    // Global filters run on $input; for sources bound by reference that is the superglobal itself
    if (C('VAR_FILTERS')) {
        $_filters = explode(',', C('VAR_FILTERS'));
        foreach ($_filters as $_filter) {
            array_walk_recursive($input, $_filter);
        }
    }
    if (empty($name)) {
        // Return all variables
        $data = $input;
        $filters = isset($filter) ? $filter : C('DEFAULT_FILTER');
        if ($filters) {
            $filters = explode(',', $filters);
            foreach ($filters as $filter) {
                // array_map() is not recursive: only top-level values are passed to the filter
                $data = array_map($filter, $data);
            }
        }
    } elseif (isset($input[$name])) {
        // Read a single value
        $data = $input[$name];
        $filters = isset($filter) ? $filter : C('DEFAULT_FILTER');
        if ($filters) {
            $filters = explode(',', $filters);
            foreach ($filters as $filter) {
                if (function_exists($filter)) {
                    $data = is_array($data) ? array_map($filter, $data) : $filter($data);
                } else {
                    // Not a function: treat the entry as a filter ID or filter name
                    $data = filter_var($data, is_int($filter) ? $filter : filter_id($filter));
                    if (false === $data) {
                        return isset($default) ? $default : NULL;
                    }
                }
            }
        }
    } else {
        // Variable not present: use the default
        $data = isset($default) ? $default : NULL;
    }
    return $data;
}
/**
 * Reads a variable from an input array, with optional filtering, type casting
 * and a default value.
 *
 * An empty name returns the whole input array after every filter and
 * self::filterExp have been applied. For a named variable the value is cast,
 * checked by static::regexFilter(), and otherwise run through the filter chain.
 *
 * NOTE(review): any callable filter entry is executed with the input value, so
 * the filter list must come from trusted code or configuration.
 *
 * @param string $name    variable name, parsed by static::parseName()
 * @param array  $input   source array
 * @param mixed  $filter  filter specification, parsed by static::parseFilters()
 * @param mixed  $default value returned when the variable is absent or rejected
 * @return mixed
 */
public static function getData($name, $input, $filter = '', $default = null)
{
    list($name, $type) = static::parseName($name);
    $filters = static::parseFilters($filter);

    // Empty name: filter and return the complete input array.
    if ('' === $name) {
        $all = $input;
        foreach ($filters as $each) {
            $all = self::filter($each, $all);
        }
        array_walk_recursive($all, 'self::filterExp');

        return $all;
    }

    // No such variable: nothing to filter.
    if (!isset($input[$name])) {
        return $default;
    }

    // Cast first, then give the regex filter a chance to decide.
    $data = static::typeCast($input[$name], $type);
    $regex = static::regexFilter($data, $filter);

    if (false === $regex) {
        // The filter is a regular expression and the data did not match.
        return $default;
    }

    if (!is_null($regex)) {
        // The regex accepted the data: cast its result again.
        return static::typeCast($regex, $type);
    }

    // Not a regex filter: clean array leaves, then walk the filter chain.
    if (is_array($data)) {
        array_walk_recursive($data, 'self::filterExp');
    }

    foreach ($filters as $each) {
        if (is_callable($each)) {
            $data = is_array($data) ? self::filter($each, $data) : call_user_func($each, $data);
            continue;
        }

        // Not a callable: use filter_var(), resolving a filter name through filter_id().
        $data = filter_var($data, is_int($each) ? $each : filter_id($each));
        if (false === $data) {
            // Rejected by the filter: return the default.
            return $default;
        }
    }

    return $data;
}
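/**
 * Filters a value or an array of values.
 *
 * The filter specification is $filter or, when that is not set, self::$FILTER.
 * An array specification is handed to filter_var_array(). A string (optionally
 * comma-separated) or an int is turned into a list whose entries are applied in
 * order: an existing function is called, anything else goes to filter_var().
 *
 * Fix: the array branch passed the $filter argument to filter_var_array(), so
 * with $filter omitted and an array default in self::$FILTER the definition
 * was null. It now passes the resolved specification.
 *
 * NOTE(review): an entry that names an existing function is called with the
 * input value, so filter names must come from trusted code or configuration.
 * A filter_var() rejection is not treated specially here; the false result is
 * simply carried into the next filter and returned.
 *
 * @param array $value
 * @param mixed $filter
 * @return mixed
 */
private static function filterArr($value, $filter = null)
{
    $filters = isset($filter) ? $filter : self::$FILTER;
    if (!$filters) {
        return $value;
    }

    if (is_array($filters)) {
        return filter_var_array($value, $filters);
    }

    // Normalise a single filter or a comma-separated list into an array.
    if (is_string($filters)) {
        if (strpos($filters, ',')) {
            $filters = explode(',', $filters);
        } else {
            $filters = [$filters];
        }
    } elseif (is_int($filters)) {
        $filters = [$filters];
    }

    if (is_array($filters)) {
        foreach ($filters as $filter) {
            if (function_exists($filter)) {
                $value = is_array($value) ? array_map_recursive($filter, $value) : $filter($value); // apply the filter
            } else {
                if (is_int($filter)) {
                    // Only IDs listed in self::$_defaultFilters are accepted
                    $filter = isset(self::$_defaultFilters[$filter]) ? $filter : null;
                } else {
                    // Resolve a filter name; unknown names become null
                    $filter = filter_id($filter) ?: null;
                }
                $value = filter_var($value, $filter);
            }
        }
    }

    return $value;
}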
/**
 * Request::__construct()
 *
 * Applies the request-handling configuration, converts the client address to a
 * numeric form, records PHP environment flags, then initializes the domain
 * list, cookie path and session and rebuilds $_REQUEST.
 *
 * @param mixed $config configuration array; the keys read here are
 *                      allowed_html_tags, allow_request_mods, request_default_mode,
 *                      cookie_secure, cookie_httponly, cookie_prefix, session_prefix,
 *                      sitekey, str_referer_blocker, engine_allowed and my_domains
 * @param mixed $ip     client address; $_SERVER['REMOTE_ADDR'] is used when empty
 * @return
 */
public function __construct($config, $ip)
{
    // Tags explicitly allowed by the configuration are removed from the disabled list
    if (isset($config['allowed_html_tags']) and is_array($config['allowed_html_tags'])) {
        $this->disabletags = array_diff($this->disabletags, $config['allowed_html_tags']);
    }
    // The configuration can only narrow the set of request modes, never extend it
    if (isset($config['allow_request_mods']) and !empty($config['allow_request_mods'])) {
        if (!is_array($config['allow_request_mods'])) {
            $config['allow_request_mods'] = array($config['allow_request_mods']);
        }
        $this->allow_request_mods = array_intersect($this->allow_request_mods, $config['allow_request_mods']);
    }
    if (isset($config['request_default_mode']) and !empty($config['request_default_mode']) and in_array($config['request_default_mode'], $this->allow_request_mods)) {
        $this->request_default_mode = $config['request_default_mode'];
    }
    if (isset($config['cookie_secure']) and !empty($config['cookie_secure'])) {
        $this->secure = true;
    }
    if (isset($config['cookie_httponly']) and !empty($config['cookie_httponly'])) {
        $this->httponly = true;
    }
    // Prefixes are reduced to letters, digits and underscore
    if (isset($config['cookie_prefix']) and !empty($config['cookie_prefix'])) {
        $this->cookie_prefix = preg_replace('/[^a-zA-Z0-9\\_]+/', '', $config['cookie_prefix']);
    }
    if (isset($config['session_prefix']) and !empty($config['session_prefix'])) {
        $this->session_prefix = preg_replace('/[^a-zA-Z0-9\\_]+/', '', $config['session_prefix']);
    }
    if (isset($config['sitekey']) and !empty($config['sitekey'])) {
        $this->cookie_key = $config['sitekey'];
    }
    if (!empty($config['str_referer_blocker'])) {
        $this->str_referer_blocker = true;
    }
    $this->engine_allowed = (array) $config['engine_allowed'];
    if (empty($ip)) {
        $ip = $_SERVER['REMOTE_ADDR'];
    }
    if (preg_match('#^(?:(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])\\.){3}(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])$#', $ip)) {
        // Dotted-quad IPv4 address
        $ip2long = ip2long($ip);
    } else {
        // NOTE(review): everything that is not dotted IPv4 is handled as IPv6 without
        // being validated first, and base_convert() may lose precision on a number of
        // this size; confirm the stored value is only used where that is acceptable.
        if (substr_count($ip, '::')) {
            // Expand the '::' shorthand into explicit zero groups
            $ip = str_replace('::', str_repeat(':0000', 8 - substr_count($ip, ':')) . ':', $ip);
        }
        $ip = explode(':', $ip);
        $r_ip = '';
        foreach ($ip as $v) {
            // Each hex group becomes a 16-character binary string
            $r_ip .= str_pad(base_convert($v, 16, 2), 16, 0, STR_PAD_LEFT);
        }
        $ip2long = base_convert($r_ip, 2, 10);
    }
    if ($ip2long == -1 || $ip2long === false) {
        trigger_error(Request::INCORRECT_IP, 256);
    }
    $this->ip_addr = $ip2long;
    // NOTE(review): the cookie key is replaced by its MD5 hex digest. How the key is
    // used is not visible here; if it keys encryption or a MAC, confirm that a
    // dedicated key-derivation step is not needed.
    $this->cookie_key = md5($this->cookie_key);
    if (ini_get('register_globals') == '1' || strtolower(ini_get('register_globals')) == 'on') {
        $this->is_register_globals = true;
    }
    if (function_exists('get_magic_quotes_gpc')) {
        if (get_magic_quotes_gpc()) {
            $this->is_magic_quotes_gpc = true;
        }
    }
    // Record whether the filter extension is configured with a default filter other than unsafe_raw
    if (extension_loaded('filter') && filter_id(ini_get('filter.default')) !== FILTER_UNSAFE_RAW) {
        $this->is_filter = true;
    }
    $this->Initialize($config['my_domains']);
    $this->get_cookie_save_path();
    $this->sessionStart();
    // $_REQUEST is rebuilt from POST and GET only; POST wins on duplicate keys
    $_REQUEST = array_merge($_POST, array_diff_key($_GET, $_POST));
}
/**
 * Parses the request input according to the definition array.
 *
 * Every defined element is read from the configured input source with
 * filter_input() and FILTER_NULL_ON_FAILURE, and recorded as VALID (with its
 * filtered value) or INVALID.
 *
 * @throws ezcInputFormWrongInputSourceException when the input source is not
 *         INPUT_GET, INPUT_POST or INPUT_COOKIE.
 * @throws ezcInputFormVariableMissingException when a REQUIRED input variable
 *         is missing.
 */
private function parseInput()
{
    $this->allElementsValid = true;

    $allowedSources = array(INPUT_GET, INPUT_POST, INPUT_COOKIE);
    if (!in_array($this->inputSource, $allowedSources)) {
        throw new ezcInputFormWrongInputSourceException($this->inputSource);
    }

    foreach ($this->definition as $elementName => $inputElement) {
        if (!filter_has_var($this->inputSource, $elementName)) {
            if ($inputElement->type === ezcInputFormDefinitionElement::REQUIRED) {
                throw new ezcInputFormVariableMissingException($elementName);
            }
            $this->properties[$elementName] = ezcInputForm::INVALID;
            $this->allElementsValid = false;
            continue;
        }

        // FILTER_NULL_ON_FAILURE makes a rejected value come back as null.
        $flags = FILTER_NULL_ON_FAILURE | $inputElement->flags;
        $value = filter_input(
            $this->inputSource,
            $elementName,
            filter_id($inputElement->filterName),
            array('options' => $inputElement->options, 'flags' => $flags)
        );

        if ($value === null) {
            $this->properties[$elementName] = ezcInputForm::INVALID;
            $this->allElementsValid = false;
            continue;
        }

        $this->properties[$elementName] = ezcInputForm::VALID;
        $this->propertyValues[$elementName] = $value;
    }
}
$_POST[$key] = input_get(INPUT_POST, $key, FILTER_UNSAFE_RAW); } foreach ($_GET as $key => $value) { $_GET[$key] = input_get(INPUT_GET, $key, FILTER_UNSAFE_RAW); } foreach ($_COOKIE as $key => $value) { $_COOKIE[$key] = input_get(INPUT_COOKIE, $key, FILTER_UNSAFE_RAW); } // NOT YET IMPLEMENTED IN PHP: /* foreach ($_SESSION as $key => $value) { $_SESSION[$key] = input_get(INPUT_SESSION, $key, FILTER_UNSAFE_RAW); } */ } if (extension_loaded('filter') && function_exists('filter_id') && function_exists('filter_input') && filter_id(ini_get('filter.default')) !== FILTER_UNSAFE_RAW) { foreach ($_POST as $key => $value) { $_POST[$key] = filter_input(INPUT_POST, $key, FILTER_UNSAFE_RAW); } foreach ($_GET as $key => $value) { $_GET[$key] = filter_input(INPUT_GET, $key, FILTER_UNSAFE_RAW); } foreach ($_COOKIE as $key => $value) { $_COOKIE[$key] = filter_input(INPUT_COOKIE, $key, FILTER_UNSAFE_RAW); } // NOT YET IMPLEMENTED IN PHP: /* foreach ($_SESSION as $key => $value) { $_SESSION[$key] = filter_input(INPUT_SESSION, $key, FILTER_UNSAFE_RAW); } */
/**
 * Fetches an input parameter, with optional filtering and a default value.
 * Usage:
 * <code>
 * I('id',0); fetch the id parameter, choosing GET or POST automatically
 * I('post.name','','htmlspecialchars'); fetch $_POST['name']
 * I('get.'); fetch $_GET
 * </code>
 *
 * $name may also carry a "/x" suffix selecting a cast: a (array), d (int),
 * f (float), b (bool), s or anything else (string).
 *
 * NOTE(review): a filter entry that names an existing function is called with
 * the input value, so filter names must come from trusted code or configuration.
 * The 'session', 'server' and 'globals' sources expose more than request data.
 *
 * @param string $name variable name, optionally with "source." prefix and "/type" suffix
 * @param mixed $default value returned when the variable is absent or rejected
 * @param mixed $filter filter(s) to apply; C('DEFAULT_FILTER') when not set
 * @param mixed $datas extra data source, read through the 'data.' prefix
 * @return mixed
 */
function I($name, $default = '', $filter = null, $datas = null)
{
    if (strpos($name, '/')) {
        // An explicit type modifier was given
        list($name, $type) = explode('/', $name, 2);
    } elseif (C('VAR_AUTO_STRING')) {
        // Configured default: cast to string
        $type = 's';
    }
    if (strpos($name, '.')) {
        // An explicit source was given
        list($method, $name) = explode('.', $name, 2);
    } else {
        // Default: choose the source from the request method
        $method = 'param';
    }
    switch (strtolower($method)) {
        case 'get':
            $input =& $_GET;
            break;
        case 'post':
            $input =& $_POST;
            break;
        case 'put':
            parse_str(file_get_contents('php://input'), $input);
            break;
        case 'param':
            switch ($_SERVER['REQUEST_METHOD']) {
                case 'POST':
                    $input = $_POST;
                    break;
                case 'PUT':
                    parse_str(file_get_contents('php://input'), $input);
                    break;
                default:
                    $input = $_GET;
            }
            break;
        case 'path':
            // Split PATH_INFO on the configured separator
            $input = array();
            if (!empty($_SERVER['PATH_INFO'])) {
                $depr = C('URL_PATHINFO_DEPR');
                $input = explode($depr, trim($_SERVER['PATH_INFO'], $depr));
            }
            break;
        case 'request':
            $input =& $_REQUEST;
            break;
        case 'session':
            $input =& $_SESSION;
            break;
        case 'cookie':
            $input =& $_COOKIE;
            break;
        case 'server':
            $input =& $_SERVER;
            break;
        case 'globals':
            $input =& $GLOBALS;
            break;
        case 'data':
            $input =& $datas;
            break;
        default:
            // Unknown source prefix
            return NULL;
    }
    if ('' == $name) {
        // Return all variables
        $data = $input;
        $filters = isset($filter) ? $filter : C('DEFAULT_FILTER');
        if ($filters) {
            if (is_string($filters)) {
                $filters = explode(',', $filters);
            }
            foreach ($filters as $filter) {
                $data = array_map_recursive($filter, $data); // apply the filter
            }
        }
    } elseif (isset($input[$name])) {
        // Read a single value
        $data = $input[$name];
        $filters = isset($filter) ? $filter : C('DEFAULT_FILTER');
        if ($filters) {
            if (is_string($filters)) {
                $filters = explode(',', $filters);
            } elseif (is_int($filters)) {
                $filters = array($filters);
            }
            foreach ($filters as $filter) {
                if (function_exists($filter)) {
                    $data = is_array($data) ? array_map_recursive($filter, $data) : $filter($data); // apply the filter
                } elseif (0 === strpos($filter, '/')) {
                    // Regex validation: no match returns the default
                    if (1 !== preg_match($filter, (string) $data)) {
                        return isset($default) ? $default : NULL;
                    }
                } else {
                    // Not a function or regex: treat the entry as a filter ID or filter name
                    $data = filter_var($data, is_int($filter) ? $filter : filter_id($filter));
                    if (false === $data) {
                        return isset($default) ? $default : NULL;
                    }
                }
            }
        }
        if (!empty($type)) {
            switch (strtolower($type)) {
                case 'a': // array
                    $data = (array) $data;
                    break;
                case 'd': // integer
                    $data = (int) $data;
                    break;
                case 'f': // float
                    $data = (double) $data;
                    break;
                case 'b': // boolean
                    $data = (bool) $data;
                    break;
                case 's': // string
                default:
                    $data = (string) $data;
            }
        }
    } else {
        // Variable not present: use the default
        $data = isset($default) ? $default : NULL;
    }
    // Array results get think_filter applied to every leaf value
    is_array($data) && array_walk_recursive($data, 'think_filter');
    return $data;
}
/**
 * Extracts $input[$index] into $export and filters or validates it.
 *
 * How $filter is interpreted depends on its type: null means no filtering, an
 * integer is a filter_var() filter ID, an object is invoked as a callback, and a
 * string is tried in order as a regular expression, a function name, a
 * Parse\Filter method, a Validate method, a filter name, and finally a regex
 * stored in the configuration under "regex.<name>".
 *
 * NOTE(review): a string filter that names an existing function is called with
 * the input value, so filter names must come from trusted code or configuration.
 * The return value mixes booleans, preg_match() results and filtered values;
 * callers should only rely on its truthiness.
 *
 * @method filter
 * @param mixed &$input  source array
 * @param mixed &$index  key to read from $input
 * @param mixed &$export receives the raw or filtered value
 * @param mixed $filter  filter specification
 * @return mixed null when $input[$index] is not set, otherwise a truthy value on
 *               success and a falsy one on failure
 * @author NewFuture
 */
private static function filter(&$input, &$index, &$export, $filter)
{
    if (isset($input[$index])) {
        $export = $input[$index];
        // gettype() reports integers as 'integer'; the 'int' label is kept alongside it
        switch (gettype($filter)) {
            case 'NULL':
            case NULL:
                // No filtering required
                return true;
            case 'int':
                // Integer constant
            case 'integer':
                /* Built-in filter, given by ID */
                return $export = filter_var($export, $filter);
            case 'object':
                /* Anonymous callback */
                $r = $filter($export);
                return $r ? $export = $r : false;
            case 'string':
                // String filter
                if (strlen($filter) < 1) {
                    return $export;
                } elseif ($filter[0] == '/') {
                    /* Regular-expression validation */
                    return preg_match($filter, $export);
                } elseif (function_exists($filter)) {
                    /* An already defined function */
                    $r = $filter($export);
                    // A boolean true means "validated"; any other result is assigned as the filtered value
                    return $r ? is_bool($r) or $export = $r : ($export = $r);
                } elseif (method_exists('Parse\\Filter', $filter)) {
                    /* Filter through a Parse\Filter method */
                    return (bool) ($export = call_user_func_array(array('Parse\\Filter', $filter), [$export]));
                } elseif (method_exists('Validate', $filter)) {
                    /* Validate through a Validate method */
                    return call_user_func_array(array('Validate', $filter), [$export]);
                } elseif ($filterid = filter_id($filter)) {
                    /* Built-in filter, given by name */
                    return $export = filter_var($export, $filterid);
                } elseif ($regex = (string) Config::get('regex.' . $filter)) {
                    /* Try a regex from the configuration */
                    return preg_match($regex, $export);
                }
                // Nothing matched: fall through to the default case
            default:
                if (Config::get('isdebug')) {
                    throw new Exception('未知过滤方法' . $filter);
                }
                return false;
        }
    } else {
        /* The key does not exist */
        return null;
    }
}