public function extractValue($value, $filter = NULL, $isSql = false) { $return = ""; /*- * ist es eine funktion? Erkennt man am OBJ->FUNCT::ARG */ if (preg_match("/^\w+->.+$/", $value) == 1) { /* verwandle es zurück in den Style OBJ::FUNCT::ARG */ $tmpVal = preg_replace("/^(\w+)->(.+)$/", "$1::$2", $value); $arrParts = preg_split("/::/", $tmpVal); switch(strtoupper($arrParts[0])) { case "FORM" : $return = $this->functFromCForm($arrParts); break; case "MODEL" : $return = $this->functFromCModel($arrParts); break; case "USER" : $return = $this->functFromCUser($arrParts); break; case "AUTH" : $return = $this->functFromCAuthentification($arrParts); break; case "PAGE" : $return = $this->functFromCPage($arrParts); break; default : throw new CError(ERROR_PARAM_INVALID, array($arrParts[0], $value)); } } /*- * es ist ein wert. Erkennung: OBJ::ARG1::ARGX */ else { $arrParts = preg_split("/::/", $value); switch ($arrParts[0]) { case "GET" : $return = $this->extrFromCGlob($arrParts); break; case "POST" : $return = $this->extrFromCGlob($arrParts); break; case "TMP" : $return = $this->extrFromCGlob($arrParts); break; case "SESSION" : $return = $this->extrFromCSession($arrParts); break; case "USER" : $return = $this->extrFromCUser($arrParts); break; case "MODEL" : $return = $this->extrFromCModel($arrParts); break; case "FORM" : $return = $this->extrFromCForm($arrParts); break; case "STATIC" : $return = $arrParts[1]; break; case "EVENT" : $return = $this->extrFromCEvent($arrParts); break; case "ACCESS" : $return = $this->extrFromCAccess($arrParts); break; default : throw new CError(ERROR_PARAM_INVALID, array($arrParts[0], $value)); } } /*- * is the value are a SQL statment, make the string sql incet secure */ if (isSql == true) { CSecure::encodeSqlInject($return); } /* if a filter is defined, use it! */ if (isset($filter) == true) { CSecure::filterData($return, $filter); } return $return; }