/**
* Return a variable value of a given name and check it for a given dataType
*
* @param string $varType : the variable type to get between var, request, session
* @param string $name : the variable name to get
* @param string $dataType : the type of value to check
* @param mixed $varValue : the var value (optionnal to avoid global problems if vars are declared in previous PHP codes)
* @return mixed : the variable value
* @access public
* @static
*/
static function getVarContent($varType, $name, $dataType, $varValue = '')
{
if (!$name || !$dataType) {
return false;
}
switch ($varType) {
case 'request':
if ($dataType == 'string') {
$dataType = 'safestring';
//Force safestring to avoid XSS
}
$varContent = isset($_REQUEST[$name]) ? $_REQUEST[$name] : null;
break;
case 'session':
$varContent = isset($_SESSION[$name]) ? $_SESSION[$name] : null;
break;
case 'var':
global ${$name};
$varContent = isset(${$name}) && ${$name} !== null ? ${$name} : $varValue;
break;
case 'constant':
$varContent = defined($name) ? constant($name) : null;
break;
case 'server':
$varContent = isset($_SERVER[$name]) ? $_SERVER[$name] : null;
break;
default:
CMS_grandFather::raiseError('Unknown var type to get : ' . $varType);
return false;
break;
}
//pr('Vartype : '.$varType.' - Name : '.$name.' - Datatype : '.$dataType.' - Content : '.$varContent);
switch ($dataType) {
case 'int':
return (int) $varContent;
break;
case 'date':
case 'datetime':
case 'localisedDate':
if ($varContent) {
global $cms_language;
$date = new CMS_date();
$date->setDebug(false);
$date->setFormat($cms_language->getDateFormat());
$date->setLocalizedDate($varContent);
if ($date->hasError()) {
return '';
}
switch ($dataType) {
case 'date':
return $date->getDBValue(true);
break;
case 'datetime':
return $date->getDBValue(false);
break;
case 'localisedDate':
return $date->getLocalizedDate();
break;
}
} else {
return '';
}
break;
case 'string':
case 'unsafestring':
return (string) $varContent;
break;
case 'safestring':
//safestring return string without any XSS vector
return SensitiveIO::sanitizeHTMLString((string) $varContent);
break;
case 'array':
if (is_array($varContent)) {
return $varContent;
} else {
return array();
//false
}
break;
case 'bool':
case 'boolean':
if ($varContent === 'true') {
return true;
} elseif ($varContent === 'false') {
return false;
} else {
return (bool) $varContent;
}
break;
case 'email':
if (sensitiveIO::IsValidEmail($varContent)) {
return $varContent;
}
break;
default:
CMS_grandFather::raiseError('Unknown data type to get : ' . $dataType);
return '';
break;
}
return '';
}
