openrat-cms

OpenRat Content Management System
git clone http://git.code.weiherhei.de/openrat-cms.git

commit 6fadcab27db6f635999b0ed7f904923544a6e080
parent ba34dca293dfb1f1a5df0a323a4a23fac3f0fb15
Author: Jan Dankert <develop@jandankert.de>
Date:   Fri, 26 Feb 2021 00:04:49 +0100

New: Request may contain JSON,XML in POST data. This is good for API clients.

Diffstat:
Mmodules/cms/Dispatcher.class.php | 5++---
Mmodules/cms/action/RequestParams.class.php | 60+++++++++++++++++++++++++++++++++++++++++++++---------------
Mmodules/cms/api/API.class.php | 13+++++++++----
Mmodules/cms/macros/macro/SearchIndex.class.php | 3+--
Mmodules/cms/ui/action/index/IndexManifestAction.class.php | 3+--
Mmodules/logger/Logger.class.php | 3+--
Mmodules/template_engine/components/html/component_link/LinkComponent.class.php | 5++---
Mmodules/util/JSON.class.php | 2+-
Mmodules/util/json/JSON.class.php | 4++--
9 files changed, 64 insertions(+), 34 deletions(-)

diff --git a/modules/cms/Dispatcher.class.php b/modules/cms/Dispatcher.class.php @@ -405,7 +405,7 @@ class Dispatcher $possibleDbIds = []; if ( $this->request->hasRequestVar('dbid') ) - $possibleDbIds[] = $this->request->getRequestVar('dbid',RequestParams::FILTER_ALPHANUM); + $possibleDbIds[] = $this->request->getRequestAlphanum('dbid' ); if ( Session::getDatabaseId() ) $possibleDbIds[] = Session::getDatabaseId(); @@ -574,7 +574,6 @@ class Dispatcher $date = explode(" ",$micro_date); $filename = $dir.'/'.$auditConfig->get('prefix','audit' ).'-'.date('c',$date[1]).'-'.$date[0].'.json'; - $json = new JSON(); $user = Session::getUser(); $data = array( @@ -592,7 +591,7 @@ class Dispatcher ); // Write the file. - if ( file_put_contents( $filename, $json->encode($data) ) === FALSE ) + if ( file_put_contents( $filename, JSON::encode($data) ) === FALSE ) Logger::warn('Could not write audit log to file: '.$filename); else Logger::debug('Audit logfile: '.$filename); diff --git a/modules/cms/action/RequestParams.class.php b/modules/cms/action/RequestParams.class.php @@ -3,7 +3,9 @@ namespace cms\action; use util\exception\ValidationException; +use util\json\JSON; use util\Text; +use util\XML; class RequestParams @@ -35,6 +37,8 @@ class RequestParams public $isAction; + private $parameter; + /** * @var bool */ 
@@ -45,17 +49,48 @@ class RequestParams */ public function __construct() { - $this->id = @$_REQUEST[self::PARAM_ID ]; - $this->action = @$_REQUEST[self::PARAM_ACTION ]; - $this->method = @$_REQUEST[self::PARAM_SUBACTION]; + $headers = array_change_key_case(getallheaders(), CASE_LOWER); // Is this a POST request? $this->isAction = @$_SERVER['REQUEST_METHOD'] == 'POST'; + + $contenttype = trim(explode( ';',@$headers['content-type'])[0]); + + if ( !$this->isAction ) + $this->parameter = &$_GET; + else + switch( $contenttype ) { + case 'application/x-www-form-urlencoded': // the most used form url encoding + case 'multipart/form-data': // Multipart-Formdata for File uploads + case '': + $this->parameter = &$_POST; // Using builtin POST data parsing + break; + + case 'text/json': + case 'application/json': + // parsing the JSON data + $this->parameter = JSON::decode(file_get_contents("php://input")); + break; + + case 'text/xml': + case 'application/xml': + $this->parameter = (array)simplexml_load_string(file_get_contents("php://input")); + break; + + default: + // Unknown content type + throw new \LogicException('HTTP-POST with unknown content type: ' . $contenttype); + } + + $this->id = $this->getRequestId(); + $this->action = $this->getRequestAlphanum(self::PARAM_ACTION ); + $this->method = $this->getRequestAlphanum(self::PARAM_SUBACTION); } public function getRequiredRequestVar( $varName, $transcode ) { + $value = $this->getRequestVar($varName,$transcode); if ( empty( $value ) ) 
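Review bot: The JSON and XML branches of the constructor assign whatever the parser returns to `$this->parameter` without checking it, so a malformed XML body leaves `(array)false`, i.e. `[0 => false]`, and a JSON body that is a scalar or cannot be decoded leaves a non-array there. Both bodies are client-controlled, so each branch should reject a failed or non-array result before the getters run. The XML parse should also pass `LIBXML_NONET` so the parser does not fetch network resources named in the document; on PHP older than 8.0, external entity loading may additionally need to be disabled, depending on the libxml build. The sketch below throws `\LogicException` only to match the `default` branch; an exception that maps to a 4xx response would suit a client error better. It assumes `JSON::decode` returns associative arrays for JSON objects, as the `SERVICES_JSON_LOOSE_TYPE` setting in `modules/util/JSON.class.php` suggests; confirm that before adopting the `is_array` check.

```php
// … unchanged: header lookup, GET branch, form-encoded cases …
case 'text/json':
case 'application/json':
	$decoded = JSON::decode(file_get_contents("php://input"));
	if ( !is_array($decoded) )
		throw new \LogicException('HTTP-POST body is not a JSON object');
	$this->parameter = $decoded;
	break;

case 'text/xml':
case 'application/xml':
	// LIBXML_NONET: never fetch network resources named by a client-supplied document
	$xml = simplexml_load_string(file_get_contents("php://input"), \SimpleXMLElement::class, LIBXML_NONET);
	if ( $xml === false )
		throw new \LogicException('HTTP-POST body is not well-formed XML');
	$this->parameter = (array)$xml;
	break;
// … unchanged: default branch and id/action/method assignment …
```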
@@ -85,22 +120,17 @@ class RequestParams */ public function getRequestVar($varName, $transcode = self::FILTER_TEXT) { - if($varName == self::PARAM_ID) - return $this->id; - - if($varName == self::PARAM_ACTION) - return $this->action; - - if($varName == self::PARAM_SUBACTION) - return $this->method; - - if (!isset($_REQUEST[$varName])) + if (!isset($this->parameter[$varName])) return ''; - return $this->cleanText( $_REQUEST[$varName], $transcode ); + return $this->cleanText( $this->parameter[$varName], $transcode ); } + public function getRequestAlphanum( $varName ) { + return $this->getRequestVar( $varName,self::FILTER_ALPHANUM ); + } + public function cleanText( $value, $transcode ) { switch ($transcode) { @@ -151,7 +181,7 @@ class RequestParams */ public function hasRequestVar($varName) { - return (isset($_REQUEST[$varName]) && (!empty($_REQUEST[$varName]) || $_REQUEST[$varName] == '0')); + return (isset($this->parameter[$varName]) && (!empty($this->parameter[$varName]) || $this->parameter[$varName] == '0')); } diff --git a/modules/cms/api/API.class.php b/modules/cms/api/API.class.php @@ -28,6 +28,7 @@ class API const OUTPUT_XML = 4; const OUTPUT_YAML = 5; const OUTPUT_HTML = 6; + const OUTPUT_PLAIN = 7; /** @@ -91,7 +92,12 @@ class API $output = print_r($data, true); break; - case self::OUTPUT_PHPSERIALIZE: + case self::OUTPUT_PLAIN: + header('Content-Type: text/plain; charset=UTF-8'); + $output = print_r($data, true); + break; + + case self::OUTPUT_PHPSERIALIZE: header('Content-Type: application/php-serialized; charset=UTF-8'); $output = serialize($data); break; @@ -111,8 +117,7 @@ class API else { // Fallback, falls json_encode() nicht existiert... - $json = new JSON(); - $output = $json->encode($data); + $output = JSON::encode($data); } break; @@ -194,7 +199,7 @@ class API if (in_array('text/html', $types)) return self::OUTPUT_HTML; // normally an ordinary browser. - return self::OUTPUT_YAML; // Fallback + return self::OUTPUT_PLAIN; // Fallback } /** 
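Review bot: `getRequestVar()` now hands `$this->parameter[$varName]` to `cleanText()` unchanged, but with a JSON or XML body that value can be a nested array, a boolean, or (for nested elements) a `SimpleXMLElement` instead of a string. `cleanText()` is defined outside this hunk, so whether its filters cope with non-string input cannot be seen here; a guard such as `if ( !is_scalar($this->parameter[$varName]) ) return '';` before the call would keep the filters on the input they were written for. The same applies to `hasRequestVar()` in the next hunk, where the loose `== '0'` comparison is also true for a JSON `false` or `0`. The new `getRequestAlphanum()` has no docblock, unlike the methods around it.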
diff --git a/modules/cms/macros/macro/SearchIndex.class.php b/modules/cms/macros/macro/SearchIndex.class.php @@ -78,8 +78,7 @@ class SearchIndex extends Macro } // Output search index as JSON - $json = new JSON(); - echo $json->encode( $searchIndex ); + echo JSON::encode( $searchIndex ); } diff --git a/modules/cms/ui/action/index/IndexManifestAction.class.php b/modules/cms/ui/action/index/IndexManifestAction.class.php @@ -62,8 +62,7 @@ class IndexManifestAction extends IndexAction implements Method { ); header("Content-Type: application/manifest+json"); - $json = new JSON(); - $this->setTemplateVar( 'manifest',$json->encode($value) ); + $this->setTemplateVar( 'manifest',JSON::encode($value) ); } diff --git a/modules/logger/Logger.class.php b/modules/logger/Logger.class.php @@ -181,8 +181,7 @@ class Logger break; case self::OUTPUT_JSON: - $json = new JSON(); - $text = $json->encode( $values ); + $text = JSON::encode( $values ); $text = str_replace("\n", "", $text); break; } diff --git a/modules/template_engine/components/html/component_link/LinkComponent.class.php b/modules/template_engine/components/html/component_link/LinkComponent.class.php @@ -117,14 +117,13 @@ class LinkComponent extends Component else $link->addAttribute('data-id',''); - $json = new JSON(); $arrayvalues = array(); foreach( $this->getExtraParamArray() as $varname => $varvalue ) { $link->addAttribute('data-extra-'.$varname,$varvalue); $arrayvalues[ $varname ] = $varvalue; } - $link->addAttribute('data-extra',str_replace('"',"'",str_replace(array("\t", "\r", "\n"),'',$json->encode($arrayvalues)))); + $link->addAttribute('data-extra',str_replace('"',"'",str_replace(array("\t", "\r", "\n"),'',JSON::encode($arrayvalues)))); switch ($this->type) { 
@@ -144,7 +143,7 @@ class LinkComponent extends Component $data['none'] = '0'; - $link->addAttribute('data-data',str_replace(array("\t", "\r", "\n"),'',$json->encode($data))); + $link->addAttribute('data-data',str_replace(array("\t", "\r", "\n"),'',JSON::encode($data))); break; case 'html': diff --git a/modules/util/JSON.class.php b/modules/util/JSON.class.php @@ -134,7 +134,7 @@ class JSON * bubble up with an error, so all return values * from encode() should be checked with isError() */ - function Services_JSON() + function __construct() { $this->use = SERVICES_JSON_LOOSE_TYPE; } diff --git a/modules/util/json/JSON.class.php b/modules/util/json/JSON.class.php @@ -10,11 +10,11 @@ require(__DIR__.'/../JSON.class.php'); */ class JSON { - public function encode($var) { + public static function encode($var) { $json = new \JSON(); return $json->encode($var); } - public function decode($var) { + public static function decode($var) { $json = new \JSON(); return $json->decode($var); }
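Review bot: The now-static `encode()` and `decode()` in `modules/util/json/JSON.class.php` have no docblocks, and `decode()` is what `RequestParams` calls on the raw POST body in this commit. The comment kept in `modules/util/JSON.class.php` says errors bubble up and return values should be checked with `isError()`, yet the wrapper returns the result unchecked. A docblock on `decode()` should say what it returns for invalid input and that callers must validate it, e.g. `@return mixed decoded value, not validated; callers handling request data must check its type`.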