Feature #5718 » RequestBuilder.php

Alexandre Martinez, 2009-12-11 14:21

 
1
<?php
2
/**
3
 * Class overriding extbase's RequestBuilder
4
 * to take into account $_FILES global array as request arguments
5
 * @author Alexandre Martinez  <alexandre.martinez76@gmail.com>
6
 *
7
 * @scope prototype
8
 */
9
class ux_Tx_Extbase_MVC_Web_RequestBuilder extends Tx_Extbase_MVC_Web_RequestBuilder
10
{
11
	/**
12
	 * Builds a web request object from the raw HTTP information and the configuration
13
	 * Alex Martinez: also adds files to params
14
	 * Files cannot be added to $_POST array because of stripslashed arrays
15
	 * May be a security problem...
16
	 * @TODO try adding slashes to array before adding to $_POST array
17
	 * @return Tx_Extbase_MVC_Web_Request The web request as an object
18
	 */
19
	public function build() {
20
		$parameters = t3lib_div::_GPmerged('tx_' . strtolower($this->extensionName) . '_' . strtolower($this->pluginName));
21
		// Edit AM
22
    $parameters = array_merge($parameters,$this->fetchFileParameters('tx_' . strtolower($this->extensionName) . '_' . strtolower($this->pluginName)));
23
    
24
		if (is_string($parameters['controller']) && array_key_exists($parameters['controller'], $this->allowedControllerActions)) {
25
			$controllerName = filter_var($parameters['controller'], FILTER_SANITIZE_STRING);
26
			$allowedActions = $this->allowedControllerActions[$controllerName];
27
			if (is_string($parameters['action']) && is_array($allowedActions) && in_array($parameters['action'], $allowedActions)) {
28
				$actionName = filter_var($parameters['action'], FILTER_SANITIZE_STRING);
29
			} else {
30
				$actionName = $this->defaultActionName;
31
			}
32
		} else {
33
			$controllerName = $this->defaultControllerName;
34
			$actionName = $this->defaultActionName;
35
		}
36

    
37
		$request = t3lib_div::makeInstance('Tx_Extbase_MVC_Web_Request');
38
		$request->setPluginName($this->pluginName);
39
		$request->setControllerExtensionName($this->extensionName);
40
		$request->setControllerName($controllerName);
41
		$request->setControllerActionName($actionName);
42
		$request->setRequestURI(t3lib_div::getIndpEnv('TYPO3_REQUEST_URL'));
43
		$request->setBaseURI(t3lib_div::getIndpEnv('TYPO3_SITE_URL'));
44
		$request->setMethod((isset($_SERVER['REQUEST_METHOD'])) ? $_SERVER['REQUEST_METHOD'] : NULL);
45

    
46
		if (is_string($parameters['format']) && (strlen($parameters['format']))) {
47
			$request->setFormat(filter_var($parameters['format'], FILTER_SANITIZE_STRING));
48
		}
49

    
50
		foreach ($parameters as $argumentName => $argumentValue) {
51
			$request->setArgument($argumentName, $argumentValue);
52
		}
53

    
54
		return $request;
55
	}
56

    
57
	/**
58
	 * Reorders file data
59
	 * @param string $key
60
	 * @return array
61
	 */
62
	protected function fetchFileParameters($key)
63
	{
64
		$results=array();
65
		$files=$_FILES[$key];
66
		if (is_array($files)) {
67
			foreach($files as $propertyName=>$propertyValue){
68
				foreach ($propertyValue as $paramName=>$paramValue) {
69
					$results[$paramName][$propertyName]=$paramValue;
70
				}
71
			}			
72
		}
73
		return $results;
74
	}
75

    
76
}
(1-1/4)