Client.php 1.44 KB
<?php
/**
 * Created by PhpStorm.
 * User: crose
 * Date: 7/9/17
 * Time: 3:14 PM
 */

namespace qfq;

use qfq;

require_once(__DIR__ . '/../../qfq/helper/Sanitize.php');

class Client {

    /**
     * Collect the client and server supplied request values into one array.
     *
     * Sources are merged with array_merge() in the order GET, POST, session cookie, SERVER.
     * For string keys a later source overwrites an earlier one, so the effective
     * priority is: SERVER, COOKIE, POST, GET. Integer keys are not overwritten by
     * array_merge(): they are renumbered and appended.
     *
     * Trust notes:
     *  - $_GET, $_POST and $_COOKIE are fully client controlled.
     *  - $_SERVER also carries client supplied request headers (the HTTP_* entries), so it is
     *    encoded here as well and must not be treated as trusted just because it wins the merge.
     *  - NOTE(review): the encoding applied here is presumably HTML entity encoding (judging by the
     *    helper name); that is an output encoding for HTML and does not make a value safe for
     *    other sinks such as SQL or shell - confirm consumers validate per context.
     *
     * @return mixed whatever Sanitize::normalize() returns for the merged array (presumably an array - confirm in Sanitize)
     */
    public static function getParam() {

        // Dirty workaround to clean poisoned T3 cache.
        // Must run before $_GET is read below (presumably it validates/cleans these two GET parameters in place).
        Sanitize::digitCheckAndCleanGet(CLIENT_PAGE_TYPE);
        Sanitize::digitCheckAndCleanGet(CLIENT_PAGE_LANGUAGE);

        // GET: lowest priority.
        // NOTE(review): PHP has already URL-decoded $_GET once. If urlDecodeArr() decodes again, any check
        // that ran on the single-decoded value can be bypassed with double-encoded input - confirm intended.
        $fromGet = isset($_GET) ? Sanitize::urlDecodeArr($_GET) : array();

        // POST: copied as delivered, no per-value sanitising at this point.
        // If the debug line below is ever re-enabled: it dumps the raw POST body (possibly credentials) to a file.
//            Logger::logMessage(var_export($post, true) . PHP_EOL . PHP_EOL,'post.txt');
        $fromPost = isset($_POST) ? $_POST : array();

        // COOKIE: only the session cookie is taken over, stored under the QFQ cookie key.
        $fromCookie = isset($_COOKIE[SESSION_NAME])
            ? array(CLIENT_COOKIE_QFQ => $_COOKIE[SESSION_NAME])
            : array();

        // SERVER: highest priority. $_SERVER values might be compromised, therefore they are encoded too.
        $fromServer = isset($_SERVER) ? Sanitize::htmlentitiesArr($_SERVER) : array();

        // Necessary for phpUnit Tests: there is no remote address on the command line.
        // Setting the default inside the SERVER part keeps a same-named GET/POST key from filling the gap.
        if (!isset($fromServer[CLIENT_REMOTE_ADDRESS])) {
            $fromServer[CLIENT_REMOTE_ADDRESS] = '0.0.0.0';
        }

        // It's important that the SERVER array is the last argument: those entries shall overwrite client values.
        return Sanitize::normalize(array_merge($fromGet, $fromPost, $fromCookie, $fromServer));
    }
}