/**
 * Checks url::merge() when the current URI contains markup characters.
 *
 * Router::$current_uri and Router::$complete_uri are seeded with a path
 * segment containing "<xss>", and $_GET with a single parameter. url::merge()
 * is then called once without extra parameters and once with one.
 *
 * This method overwrites Router state and $_GET and does not restore them;
 * any restoration has to happen outside this method.
 *
 * NOTE(review): the expected strings below are the raw, unescaped URL. Given
 * the test name, confirm whether url::merge() is expected to return
 * HTML-escaped output; if so, these expectations may have lost their entity
 * encoding somewhere along the way.
 */
public function xss_in_merged_url_test() {
    // Simulate a request whose path carries angle brackets
    Router::$current_uri = "foo/<xss>/bar";
    Router::$complete_uri = "foo/<xss>/bar?foo=bar";
    $_GET = array("foo" => "bar");

    // No additional parameters: the existing query string is kept
    $merged_without_extra = url::merge(array());
    $this->assert_same("foo/<xss>/bar?foo=bar", $merged_without_extra);

    // One additional parameter: appended after the existing one
    $merged_with_extra = url::merge(array("a" => "b"));
    $this->assert_same("foo/<xss>/bar?foo=bar&a=b", $merged_with_extra);
}
/**
 * Resolves the request URI to a controller, method and arguments, then
 * calls self::execute().
 *
 * Steps: read the URI from self::uri(), strip the query string (parsing it
 * into $_GET only under the CLI SAPI), store the trimmed URI on the first
 * run, match it against self::$routes, fall back to the raw URI or to the
 * '_default' route, and split the result on '/'.
 *
 * NOTE(review): when no route matches, the controller, method and arguments
 * are taken directly from the request path. Whether self::execute() limits
 * which classes and methods can be reached is not visible here; confirm.
 */
public static function init() {
    // Raw URI as reported by self::uri()
    $uri = self::uri();

    // A '?' splits the URI into path and query string
    $pieces = explode('?', $uri, 2);
    if (count($pieces) === 2) {
        list($uri, $query) = $pieces;

        // Only the CLI needs $_GET filled in by hand.
        // parse_str() converts spaces and dots in names to underscores.
        if (PHP_SAPI === 'cli') {
            parse_str($query, $_GET);
        }
    }

    // Remember the requested URI on the first run only
    if (self::$current_uri === NULL) {
        self::$current_uri = trim($uri, '/');
    }

    // Try each configured route until one matches the whole URI
    $route_found = FALSE;
    foreach (self::$routes as $pattern => $target) {
        $pattern = trim($pattern, '/');
        $target = trim($target, '/');

        // Route keys are used as regular expressions, anchored at both ends
        $regex = '#^' . $pattern . '$#u';
        if (!preg_match($regex, self::$current_uri)) {
            continue;
        }

        // A '$' in the target means it holds back-references to the pattern
        self::$routed_uri = (strpos($target, '$') !== FALSE)
            ? preg_replace($regex, $target, self::$current_uri)
            : $target;

        $route_found = TRUE;
        break;
    }

    // Without a matching route the requested URI is used unchanged
    if (!$route_found) {
        self::$routed_uri = self::$current_uri;
    }

    // Requests for "/" go to the default route.
    // empty() also treats the URI "0" as empty.
    if (empty(self::$routed_uri)) {
        self::$routed_uri = self::$routes['_default'];
    }

    // First segment: controller, second: method, the rest: arguments
    $parts = explode('/', self::$routed_uri);
    self::$controller = $parts[0];
    if (isset($parts[1])) {
        self::$method = $parts[1];
    }
    self::$arguments = array_slice($parts, 2);

    // Instantiate and run the controller
    self::execute();
}
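/**
 * Runs the parent URI detection, then strips a leading two-letter language
 * code from Router::$current_uri when that code is a key of the
 * 'locale.languages' config array.
 *
 * On a match, Router::$language is set to the lowercased code and the first
 * three characters (code plus separator) are removed from the URI.
 *
 * @return void
 */
public static function find_uri() {
    parent::find_uri();

    // Two letters followed by '/' or the end of the URI
    if (preg_match('~^[a-z]{2}(?=/|$)~i', Router::$current_uri, $matches) and isset($matches[0])) {
        $lang = strtolower($matches[0]);

        // Only configured languages are accepted; anything else stays in the URI
        if (array_key_exists($lang, Kohana::config('locale.languages'))) {
            Router::$language = $lang;

            // When the URI is only the language code (e.g. "en"), the offset 3
            // is past the end of the string and substr() returns FALSE on PHP
            // before 8.0. The cast keeps the URI a string in that case.
            Router::$current_uri = (string) substr(Router::$current_uri, 3);
        }
    }
}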
/**
 * Adds the chroot path at the beginning of the requested URI.
 *
 * When user_chroot::album() returns a truthy value, two kinds of request are
 * rewritten before the parent parser runs:
 *  - the root album (controller 'albums' with an empty URI): the controller
 *    is cleared and the URI becomes the chroot album's relative URL;
 *  - a non-root album (no controller, non-empty URI): the chroot album's
 *    relative URL is prepended to the URI.
 *
 * NOTE(review): every other controller/URI combination reaches
 * parent::parse_url() unchanged. Whether the chroot is enforced for those
 * requests elsewhere is not visible here; confirm.
 */
static function parse_url() {
    if (user_chroot::album()) {
        // Classify the request before any Router member is modified
        $root_album_requested = Router::$controller == 'albums' && Router::$current_uri == '';
        $sub_album_requested = !$root_album_requested
            && is_null(Router::$controller)
            && Router::$current_uri != '';

        if ($root_album_requested) {
            // The root album is addressed by URI, not by controller
            Router::$controller = null;
        }

        if ($root_album_requested || $sub_album_requested) {
            // Prefix the URI with the chroot album's path
            Router::$current_uri = trim(user_chroot::album()->relative_url() . '/' . Router::$current_uri, '/');
        }
    }

    return parent::parse_url();
}
/**
 * Saves the state the tests modify and resets the Router to a blank state.
 *
 * Saved: the 'core.url_suffix' config value, Kohana::$server_api, and eight
 * Router members (into $this->router_vars, keyed by member name). The
 * restore step is presumably done in tearDown(), which is not visible here.
 */
protected function setUp() {
    // Save config
    $config = Kohana_Config::instance();
    $this->kohana_config['core.url_suffix'] = $config->get('core.url_suffix');

    // Save Server API
    $this->kohana_server_api = Kohana::$server_api;

    // Router members to save, mapped to the blank value each one is reset to
    $blank_state = array(
        'complete_uri' => '',
        'controller' => NULL,
        'current_uri' => '',
        'query_string' => '',
        'rsegments' => NULL,
        'routed_uri' => '',
        'segments' => NULL,
        'url_suffix' => '',
    );

    // Save each member, then reset it
    $saved = array();
    foreach ($blank_state as $member => $blank_value) {
        $saved[$member] = Router::$$member;
        Router::$$member = $blank_value;
    }
    $this->router_vars = $saved;
}
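/**
 * Instantiates the specified controller, optionally replacing $_GET and $_POST contents before calling the component constructor.
 * \note The original $_GET and $_POST arrays and the Router state are restored as soon as the component is
 *       instantiated, and also when loading or constructing the controller throws an Exception.
 * @param $controller The name of the controller class to be instantiated, lowercase, without the "Controller_" prefix.
 *                    The name is used to build both a class name and a file path, so it should come from
 *                    application code. NOTE(review): confirm no caller passes a request-derived value.
 * @param $get The array that should replace $_GET.
 * @param $post The array that should replace $_POST.
 * @return A new Component object.
 * @throws Exception Whatever the file lookup, the dispatch events or the controller constructor throw, rethrown
 *                   after the global state has been restored.
 */
public static function factory($controller, $get = null, $post = null) {
    // Backup router state
    $old_router = array(
        'current_route' => Router::$current_route,
        'current_uri' => Router::$current_uri,
        'query_string' => Router::$query_string,
        'complete_uri' => Router::$complete_uri,
        'controller' => Router::$controller,
        'method' => Router::$method,
        'arguments' => Router::$arguments,
    );

    // Router::$current_route, $current_uri and $complete_uri are left as they are. They could be
    // determined by running Router code and passing an url, but:
    // 1) The performance penalty would be high
    // 2) It's not a good idea for a controller to alter its behaviour depending on them, anyway
    Router::$controller = $controller;

    // We don't know these yet
    Router::$method = '';
    Router::$arguments = array();

    // If get or post parameters are passed, alter $_GET, $_POST and Router::$query_string accordingly
    // NOTE: Should we alter $_SERVER['QUERY_STRING'] too?
    $old_get = null;
    $old_post = null;
    if ($get !== null) {
        $old_get = $_GET;
        $_GET = $get;
        Router::$query_string = '?' . http_build_query($get);
    }
    if ($post !== null) {
        $old_post = $_POST;
        $_POST = $post;
    }

    $controller_class = 'Controller_' . ucfirst($controller);
    $controller_instance = null;
    $failure = null;

    // Everything that can throw runs inside the try, so that the replaced superglobals and
    // Router members never outlive this call. Error-class throwables on PHP 7+ are not
    // covered by this catch; a finally block would cover them where the minimum PHP version allows.
    try {
        // If class is not defined already, load controller file
        if (!class_exists($controller_class, false)) {
            // Underscores in the class name become directory separators
            $controller_file = str_replace('_', '/', strtolower($controller_class));

            // If the component file doesn't exist, fire exception
            // (presumably what the third argument requests; confirm against Kohana::find_file)
            $filepath = Kohana::find_file('classes', $controller_file, true);

            // Include the Controller file
            require_once $filepath;
        }

        // Run dispatch.pre_controller
        Event::run('dispatch.pre_controller');

        // Initialize the controller
        $controller_instance = new $controller_class();

        // Run dispatch.post_controller_constructor
        Event::run('dispatch.post_controller_constructor');
    } catch (Exception $e) {
        // Keep the exception until the global state is back in place
        $failure = $e;
    }

    // Revert $_GET and $_POST changes
    if ($get !== null) {
        $_GET = $old_get;
    }
    if ($post !== null) {
        $_POST = $old_post;
    }

    // Revert Router state
    Router::$current_route = $old_router['current_route'];
    Router::$current_uri = $old_router['current_uri'];
    Router::$query_string = $old_router['query_string'];
    Router::$complete_uri = $old_router['complete_uri'];
    Router::$controller = $old_router['controller'];
    Router::$method = $old_router['method'];
    Router::$arguments = $old_router['arguments'];

    if ($failure !== null) {
        throw $failure;
    }

    return new Component($controller_instance, $controller, $old_router);
}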
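/**
 * Attempts to determine the current URI using CLI, GET, PATH_INFO, ORIG_PATH_INFO, or PHP_SELF.
 *
 * The result is stored in Router::$current_uri with the front controller
 * path, surrounding slashes, the configured URL suffix and repeated slashes
 * removed. Router::$url_suffix is set when a suffix is configured and occurs
 * in the URI.
 *
 * @return void
 */
public static function find_uri() {
    if (PHP_SAPI === 'cli') {
        // Command line requires a bit of hacking
        if (isset($_SERVER['argv'][1])) {
            Router::$current_uri = $_SERVER['argv'][1];

            // Remove GET string from segments
            if (($query = strpos(Router::$current_uri, '?')) !== FALSE) {
                list(Router::$current_uri, $query) = explode('?', Router::$current_uri, 2);

                // Parse the query string into $_GET
                parse_str($query, $_GET);

                // Convert $_GET to UTF-8
                $_GET = utf8::clean($_GET);
            }
        }
    } elseif (isset($_GET['kohana_uri'])) {
        // Use the URI defined in the query string
        // NOTE(review): a request can send kohana_uri as an array
        // (kohana_uri[]=...); the string functions below assume a string.
        // Consider rejecting non-string values here.
        Router::$current_uri = $_GET['kohana_uri'];

        // Remove the URI from $_GET
        unset($_GET['kohana_uri']);

        // Remove the URI from $_SERVER['QUERY_STRING']
        $_SERVER['QUERY_STRING'] = preg_replace('~\\bkohana_uri\\b[^&]*+&?~', '', $_SERVER['QUERY_STRING']);
    } elseif (isset($_SERVER['PATH_INFO']) and $_SERVER['PATH_INFO']) {
        Router::$current_uri = $_SERVER['PATH_INFO'];
    } elseif (isset($_SERVER['ORIG_PATH_INFO']) and $_SERVER['ORIG_PATH_INFO']) {
        Router::$current_uri = $_SERVER['ORIG_PATH_INFO'];
    } elseif (isset($_SERVER['PHP_SELF']) and $_SERVER['PHP_SELF']) {
        Router::$current_uri = $_SERVER['PHP_SELF'];
    }

    // The front controller directory and filename
    $fc = substr(realpath($_SERVER['SCRIPT_FILENAME']), strlen(DOCROOT));

    // Skip the search when no front controller path could be derived:
    // strpos() with an empty needle warns on PHP before 8.0 and matches at
    // offset 0 on PHP 8, neither of which is useful here.
    // The match is not anchored, so the path is removed wherever it occurs.
    if (is_string($fc) and $fc !== '' and ($strpos_fc = strpos(Router::$current_uri, $fc)) !== FALSE) {
        // Remove the front controller from the current uri
        Router::$current_uri = substr(Router::$current_uri, $strpos_fc + strlen($fc));
    }

    // Remove slashes from the start and end of the URI
    Router::$current_uri = trim(Router::$current_uri, '/');

    if (Router::$current_uri !== '') {
        if ($suffix = Kohana::config('core.url_suffix') and strpos(Router::$current_uri, $suffix) !== FALSE) {
            // Remove the URL suffix. The delimiter is passed to preg_quote()
            // because PHP before 7.3 leaves '#' unescaped otherwise.
            Router::$current_uri = preg_replace('#' . preg_quote($suffix, '#') . '$#u', '', Router::$current_uri);

            // Set the URL suffix
            Router::$url_suffix = $suffix;
        }

        // Reduce multiple slashes into single slashes
        Router::$current_uri = preg_replace('#//+#', '/', Router::$current_uri);
    }
}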
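/**
 * Attempts to determine the current URI using CLI, GET, PATH_INFO, ORIG_PATH_INFO, or PHP_SELF.
 *
 * The result is stored in Router::$current_uri with a leading SCRIPT_NAME,
 * surrounding slashes, the configured URL suffix and repeated slashes
 * removed. Router::$url_suffix is set when a suffix is configured and occurs
 * in the URI.
 *
 * @return void
 */
public static function find_uri() {
    if (Kohana::$server_api === 'cli') {
        // Command line requires a bit of hacking
        if (isset($_SERVER['argv'][1])) {
            Router::$current_uri = $_SERVER['argv'][1];

            // Remove GET string from segments
            if (strpos(Router::$current_uri, '?') !== FALSE) {
                list(Router::$current_uri, $query) = explode('?', Router::$current_uri, 2);

                // Parse the query string into $_GET
                parse_str($query, $_GET);

                // Convert $_GET to UTF-8
                $_GET = Input::clean($_GET);
            }
        }
    } elseif (isset($_GET['kohana_uri'])) {
        // Use the URI defined in the query string
        // NOTE(review): a request can send kohana_uri as an array
        // (kohana_uri[]=...); the string functions below assume a string.
        // Consider rejecting non-string values here.
        Router::$current_uri = $_GET['kohana_uri'];

        // Remove the URI from $_GET
        unset($_GET['kohana_uri']);

        // Remove the URI from $_SERVER['QUERY_STRING']
        $_SERVER['QUERY_STRING'] = preg_replace('~\\bkohana_uri\\b[^&]*+&?~', '', $_SERVER['QUERY_STRING']);
    } else {
        if (isset($_SERVER['PATH_INFO']) and $_SERVER['PATH_INFO']) {
            Router::$current_uri = $_SERVER['PATH_INFO'];
        } elseif (isset($_SERVER['ORIG_PATH_INFO']) and $_SERVER['ORIG_PATH_INFO']) {
            Router::$current_uri = $_SERVER['ORIG_PATH_INFO'];
        } elseif (isset($_SERVER['PHP_SELF']) and $_SERVER['PHP_SELF']) {
            // PATH_INFO is empty during requests to the front controller
            Router::$current_uri = $_SERVER['PHP_SELF'];
        }

        if (isset($_SERVER['SCRIPT_NAME']) and $_SERVER['SCRIPT_NAME']) {
            // Clean up PATH_INFO fallbacks
            // PATH_INFO may be formatted for ISAPI instead of CGI on IIS
            if (strncmp(Router::$current_uri, $_SERVER['SCRIPT_NAME'], strlen($_SERVER['SCRIPT_NAME'])) === 0) {
                // Remove the front controller from the current uri.
                // The cast keeps the URI a string when nothing is left.
                Router::$current_uri = (string) substr(Router::$current_uri, strlen($_SERVER['SCRIPT_NAME']));
            }
        }
    }

    // Remove slashes from the start and end of the URI
    Router::$current_uri = trim(Router::$current_uri, '/');

    if (Router::$current_uri !== '') {
        if ($suffix = Kohana::config('core.url_suffix') and strpos(Router::$current_uri, $suffix) !== FALSE) {
            // Remove the URL suffix. The delimiter is passed to preg_quote()
            // because PHP before 7.3 leaves '#' unescaped otherwise.
            Router::$current_uri = preg_replace('#' . preg_quote($suffix, '#') . '$#u', '', Router::$current_uri);

            // Set the URL suffix
            Router::$url_suffix = $suffix;
        }

        // Reduce multiple slashes into single slashes
        Router::$current_uri = preg_replace('#//+#', '/', Router::$current_uri);
    }
}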
/**
 * Maps the current URI onto a page from the page tree, or onto a module
 * route, and caches the outcome per language and URI.
 *
 * Outcomes visible in this method:
 *  - URIs starting with "admin" are left alone;
 *  - an empty URI resolves to the first page of the tree (following a
 *    'redirect' page to its target when that target is loaded);
 *  - a URI whose segments match page uris or targets level by level sets
 *    Router::$current_id and Router::$current_arguments, and either
 *    registers a 'routes.*' config entry for the module named by a page
 *    target or rewrites the URI to 'page/index/<id>'.
 *
 * @return void
 */
public static function new_route() {
    // Prefix test only: this also skips any other URI that begins with
    // "admin" (strpos() === 0 does not check for a segment boundary).
    if (strpos(Router::$current_uri, 'admin') === 0) {
        return;
    }

    // The cache key is derived from the request URI with '/' mapped to '_',
    // so "a/b" and "a_b" share one key.
    // NOTE(review): the lookup result below is stored for every distinct
    // URI, matched or not; consider caching only matched routes or bounding
    // the key, depending on the cache driver in use.
    $cache_name = 'route_' . Router::$language . '_' . str_replace('/', '_', Router::$current_uri);

    if (($cache = Cache::instance()->get($cache_name)) === NULL) {
        $uri = explode('/', Router::$current_uri);
        $tree = ORM::factory('page')->find_all();

        // stop if we don't have pages
        if (count($tree) == 0) {
            return;
        }

        // load first page if uri is empty
        if (empty(Router::$current_uri)) {
            $page = $tree->current();

            // redirect the home page
            if ($page->type == 'redirect' and !empty($page->target)) {
                $redirect = ORM::factory('page', $page->target);
                if ($redirect->loaded) {
                    url::redirect($redirect->uri());
                }
            }

            Router::$current_id = (int) $page->id;
            Router::$current_uri = 'page/index/' . $page->id;
            return;
        }

        // Group pages by tree level; level 0 rows are skipped
        $pages = array();
        foreach ($tree as $row) {
            if ($row->level == 0) {
                continue;
            }
            $pages[$row->level][] = array('id' => $row->id, 'uri' => $row->uri, 'type' => $row->type, 'target' => $row->target);
        }

        $id = NULL;
        $routed_uri = array();
        $routed_arguments = array();
        $load_module = FALSE;
        $found = FALSE;
        $uri_size = count($uri);
        $pages_size = count($pages);

        // Walk the URI one segment per tree level
        for ($level = 1; $level <= $uri_size; $level++) {
            // Segments deeper than the page tree are passed on as arguments
            if ($level > $pages_size) {
                $routed_arguments[] = $uri[$level - 1];
                continue;
            }

            // Once a module has been selected, later segments are collected
            // as arguments as well
            if ($load_module !== FALSE) {
                $routed_arguments[] = $uri[$level - 1];
            }

            // presumably $pages has an entry for every level up to
            // $pages_size; verify, since a missing level is not handled here
            foreach ($pages[$level] as $page) {
                // Loose comparison of the segment with the page uri or target
                if ($page['uri'] == $uri[$level - 1] or $page['target'] == $uri[$level - 1]) {
                    $found = TRUE;
                    $id = $page['id'];
                    $routed_uri[] = $page['uri'];

                    // check, if we have to load a controller
                    if (!empty($page['target'])) {
                        $load_module = $page['target'];
                    }

                    // Continue with the next URI segment
                    continue 2;
                }
            }
        }

        Router::$current_id = (int) $id;
        Router::$current_arguments = implode('/', $routed_arguments);

        $cache = array('current_id' => Router::$current_id, 'current_arguments' => Router::$current_arguments, 'found' => $found, 'load_module' => $load_module, 'routed_uri' => $routed_uri);

        // set cache
        Cache::instance()->set($cache_name, $cache, array('route'));
    } else {
        // Cache hit: restore the stored lookup result
        Router::$current_id = $cache['current_id'];
        Router::$current_arguments = $cache['current_arguments'];
        $found = $cache['found'];
        $load_module = $cache['load_module'];
        $routed_uri = $cache['routed_uri'];
    }

    if ($found) {
        if ($load_module) {
            // Register a route from the matched page path to the module.
            // NOTE(review): the page uris are concatenated into the route key
            // unescaped; if route keys are treated as regular expressions,
            // metacharacters in a page uri would change the pattern. Confirm.
            Kohana::config_set('routes.' . implode('/', $routed_uri) . '(/.*)?', $load_module . '/' . Router::$current_arguments);
            return;
        }

        Router::$current_uri = 'page/index/' . Router::$current_id;
    }
}
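/**
 * Attempts to determine the current URI using PATH_INFO, ORIG_PATH_INFO, or REQUEST_URI.
 *
 * The result is stored in self::$current_uri with surrounding slashes, the
 * configured URL suffix and repeated slashes removed. self::$url_suffix is
 * set when a suffix is configured and occurs in the URI.
 *
 * @return bool Always true; failure is reported by exception.
 * @throws Exception_Exido When none of the three server variables is set.
 */
public static function getUri() {
    // Debug log
    if (Exido::$log_debug) {
        Exido::$log->add('EXIDO_DEBUG_LOG', 'Determine current URI');
    }

    Helper::load('input');

    // Trying to detect the URI
    if (inputServer('PATH_INFO')) {
        self::$current_uri = inputServer('PATH_INFO');
    } elseif (inputServer('ORIG_PATH_INFO')) {
        self::$current_uri = inputServer('ORIG_PATH_INFO');
    } elseif (inputServer('REQUEST_URI')) {
        // NOTE(review): REQUEST_URI normally still contains the query
        // string, and nothing below removes it; confirm it is stripped
        // elsewhere before routing.
        self::$current_uri = inputServer('REQUEST_URI');
    } else {
        throw new Exception_Exido(__("Can't detect URI"));
    }

    // Remove slashes from the start and end of the URI
    self::$current_uri = trim(self::$current_uri, '/');

    if (self::$current_uri !== '') {
        if ($suffix = Exido::config('global.core.url_suffix') and strpos(self::$current_uri, $suffix) !== false) {
            // Remove the URL suffix. The delimiter is passed to preg_quote()
            // because PHP before 7.3 leaves '#' unescaped otherwise.
            self::$current_uri = preg_replace('#' . preg_quote($suffix, '#') . '$#u', '', self::$current_uri);

            // Set the URL suffix
            self::$url_suffix = $suffix;
        }

        // Find index file name
        // NOTE(review): a match at offset 0 makes $indexpos falsy, so an
        // index file at the very start of the URI is not removed, and for
        // later matches only the part before the index file is kept.
        // Confirm this is the intended behaviour.
        if ($indexfile = Exido::config('global.core.index_file') and $indexpos = strpos(self::$current_uri, $indexfile) and $indexpos !== false) {
            // Remove the index file name
            self::$current_uri = substr(self::$current_uri, 0, $indexpos);
        }

        // Reduce multiple slashes into single slashes
        self::$current_uri = preg_replace('#//+#', '/', self::$current_uri);
    }

    return true;
}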
/**
 * Redirects the JSON entry points to the json/share controller.
 *
 * Only the exact URIs 'json', 'json/index' and 'json/cluster' are rewritten;
 * in each, 'json' is replaced by 'json/share'. Any other URI is left as is.
 */
public static function routing() {
    // URIs that are served by json/share
    $shared_entry_points = array('json/index', 'json/cluster', 'json');

    // Non-strict in_array() keeps the loose (==) comparison
    if (!in_array(Router::$current_uri, $shared_entry_points)) {
        return;
    }

    Router::$current_uri = str_replace('json', 'json/share', Router::$current_uri);
}