<?php
/**
 * Created by PhpStorm.
 * User: crose
 * Date: 1/1/16
 * Time: 6:51 PM
 */

namespace qfq\store;

use qfq\exceptions\CodeException;
use qfq;

require_once(__DIR__ . '/../../qfq/helper/KeyValueStringParser.php');
require_once(__DIR__ . '/../../qfq/helper/Sanatize.php');
require_once(__DIR__ . '/../../qfq/Constants.php');
require_once(__DIR__ . '/../../qfq/store/Sip.php');


/*
 * Stores:
 * - SIP
 * - webVar
 * - record
 * - form
 * - formElement
 */

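/**
 * Process-wide registry of named variable stores (system, TYPO3, client, SIP).
 *
 * Raw values are copied into a store once. Reads go through getVar(), which
 * sanitizes the raw value with a sanitize class and caches the result.
 * All state is static, so every caller in the request sees the same data.
 */
class Store {

    // The one Store object created by getInstance(); null until first use.
    private static $instance = null;

    // \qfq\store\Sip helper created in fillStoreSip(); null until the constructor ran.
    private static $sip = null;

    // Unsanitized values: $raw[<store letter>][<key>] = value.
    private static $raw = array();

    // Sanitized values: $cache[<store letter>][<key>][<sanitize class>] = value.
    // The sanitize class is part of the cache key, so a value cached under a
    // permissive class is never handed to a caller that asked for a stricter one.
    private static $cache = array();

    // Default sanitize class per key, used when getVar() is called without one.
    private static $defaultSanatizeClass = array();

    /**
     * Registers the default sanitize classes and fills the system, TYPO3,
     * client and SIP stores, in that order.
     *
     * @param string $bodytext key/value text ('key=value' per line) parsed into the TYPO3 store
     * @throws CodeException
     * @throws qfq\exceptions\UserException
     */
    private function __construct($bodytext = '') {

        self::$defaultSanatizeClass = [
            TYPO3_DEBUG_LOAD => SANATIZE_ALLOW_DIGIT,
            TYPO3_DEBUG_SAVE => SANATIZE_ALLOW_DIGIT,
            TYPO3_FORM => SANATIZE_ALLOW_ALNUMX,
            TYPO3_FE_USER => SANATIZE_ALLOW_ALNUMX,
            TYPO3_FE_USER_UID => SANATIZE_ALLOW_DIGIT,
            TYPO3_FE_USER_GROUP => SANATIZE_ALLOW_ALNUMX,

            // NOTE(review): CLIENT_SIP is ALNUMX, while CLIENT_GET_SIP and CLIENT_POST_SIP,
            // which fillStoreClient() fills with the same request value, are DIGIT.
            // Confirm which class a SIP really needs.
            CLIENT_SIP => SANATIZE_ALLOW_ALNUMX,
            CLIENT_GET_SIP => SANATIZE_ALLOW_DIGIT,
            CLIENT_POST_SIP => SANATIZE_ALLOW_DIGIT,
            CLIENT_RECORD_ID => SANATIZE_ALLOW_DIGIT,
            CLIENT_KEY_SEM_ID => SANATIZE_ALLOW_DIGIT,
            CLIENT_KEY_SEM_ID_USER => SANATIZE_ALLOW_DIGIT,
            CLIENT_PAGE_ID => SANATIZE_ALLOW_DIGIT,
            CLIENT_PAGE_TYPE => SANATIZE_ALLOW_DIGIT,
            CLIENT_PAGE_LANGUAGE => SANATIZE_ALLOW_DIGIT,
            CLIENT_FORM => SANATIZE_ALLOW_ALNUMX,

            // Part of $_SERVER. Variables not listed here must be requested individually,
            // with the sanitize class they need.
            // CLIENT_QUERY_STRING and CLIENT_REQUEST_URI are request-controlled and use
            // SANATIZE_ALLOW_ALL: whoever reads them must escape for the output context.
            CLIENT_SCRIPT_URL => SANATIZE_ALLOW_ALNUMX,
            CLIENT_SCRIPT_URI => SANATIZE_ALLOW_ALNUMX,
            CLIENT_HTTP_HOST => SANATIZE_ALLOW_ALNUMX,
            CLIENT_HTTP_USER_AGENT => SANATIZE_ALLOW_ALNUMX,
            CLIENT_SERVER_NAME => SANATIZE_ALLOW_ALNUMX,
            CLIENT_SERVER_ADDRESS => SANATIZE_ALLOW_ALNUMX,
            CLIENT_SERVER_PORT => SANATIZE_ALLOW_DIGIT,
            CLIENT_REMOTE_ADDRESS => SANATIZE_ALLOW_ALNUMX,
            CLIENT_REQUEST_SCHEME => SANATIZE_ALLOW_ALNUMX,
            CLIENT_SCRIPT_FILENAME => SANATIZE_ALLOW_ALNUMX,
            CLIENT_QUERY_STRING => SANATIZE_ALLOW_ALL,
            CLIENT_REQUEST_URI => SANATIZE_ALLOW_ALL,
            CLIENT_SCRIPT_NAME => SANATIZE_ALLOW_ALNUMX,
            CLIENT_PHP_SELF => SANATIZE_ALLOW_ALNUMX,

            SYSTEM_DBUSER => SANATIZE_ALLOW_ALNUMX,
            SYSTEM_DBSERVER => SANATIZE_ALLOW_ALNUMX,
            SYSTEM_DBPW => SANATIZE_ALLOW_ALL,
            SYSTEM_DB => SANATIZE_ALLOW_ALNUMX,
            SYSTEM_TESTDB => SANATIZE_ALLOW_ALNUMX,
            SYSTEM_SESSIONNAME => SANATIZE_ALLOW_ALNUMX,
            SYSTEM_DBH => SANATIZE_ALLOW_ALL,

//            SYSTEM_FORM_DEF => SANATIZE_ALL,
//            SYSTEM_FORM_ELEMENT_DEF => SANATIZE_ALL,
//            SYSTEM_FORM_ELEMENT_FIELD => SANATIZE_ALL,
            SYSTEM_SQL_RAW => SANATIZE_ALLOW_ALL,
            SYSTEM_SQL_FINAL => SANATIZE_ALLOW_ALL,
            SYSTEM_SQL_COUNT => SANATIZE_ALLOW_DIGIT,
            SYSTEM_SQL_PARAM_ARRAY => SANATIZE_ALLOW_ALL,

            SIP_SIP => SANATIZE_ALLOW_ALNUMX,
            SIP_RECORD_ID => SANATIZE_ALLOW_DIGIT,
            SIP_FORM => SANATIZE_ALLOW_ALNUMX,
            SIP_URLPARAM => SANATIZE_ALLOW_ALL

        ];

        // Order matters: fillStoreSip() reads the session name from the system store
        // and the SIP from the client store.
        $this->fillSystemStore();
        $this->fillStoreTypo3($bodytext);
        $this->fillStoreClient();
        $this->fillStoreSip();

    }

    /**
     * Loads the QFQ ini file into the system store.
     *
     * The default sanitize map lists SYSTEM_DBUSER / SYSTEM_DBPW, so this store
     * presumably carries database credentials; keep it out of debug output.
     *
     * @throws CodeException
     * @throws qfq\exceptions\UserException if the ini file cannot be read or parsed
     */
    private function fillSystemStore() {
        try {
            $config = parse_ini_file(QFQ_INI, false);
        } catch (\Exception $e) {
            // Only reached when an error handler converts PHP warnings into exceptions.
            throw new qfq\exceptions\UserException("Error read file " . QFQ_INI . ": " . $e->getMessage(), ERROR_READ_FILE);
        }

        // parse_ini_file() reports failure by returning false, not by throwing.
        // Without this check the false would be passed on to setVarArray().
        if ($config === false) {
            throw new qfq\exceptions\UserException("Error read file " . QFQ_INI, ERROR_READ_FILE);
        }

        self::setVarArray($config, STORE_SYSTEM);
    }

    /**
     * Copies a complete set of raw values into a store that is still empty.
     *
     * Declared static because it is invoked as self::setVarArray() from static
     * code (createSipAfterFormLoad) and uses no instance state; calling it on
     * an instance keeps working.
     *
     * @param array $dataArray key => raw value
     * @param string $store store letter
     * @throws CodeException if the store already holds values
     */
    public static function setVarArray(array $dataArray, $store) {

        if (isset(self::$raw[$store]) && count(self::$raw[$store]) > 0) {
            throw new CodeException("Raw values already been copied to store '$store'. Do this only one time.", ERROR_VALUE_ALREADY_CODPIED);
        }

        self::$raw[$store] = $dataArray;
    }

    /**
     * Fills the TYPO3 store from $bodytext plus the logged-in frontend user, if any.
     *
     * @param string $bodytext 'key=value' pairs separated by newlines
     * @throws CodeException
     */
    private function fillStoreTypo3($bodytext) {

        $parser = new \qfq\helper\KeyValueStringParser("=", "\n");
        $arr = $parser->parse($bodytext);

        // Values from the TYPO3 frontend user overwrite same-named keys from $bodytext.
        if (isset($GLOBALS["TSFE"]->fe_user->user["username"])) {
            $arr[TYPO3_FE_USER] = $GLOBALS["TSFE"]->fe_user->user["username"];
        }

        if (isset($GLOBALS["TSFE"]->fe_user->user["uid"])) {
            $arr[TYPO3_FE_USER_UID] = $GLOBALS["TSFE"]->fe_user->user["uid"];
        }

        if (isset($GLOBALS["TSFE"]->fe_user->user["usergroup"])) {
            $arr[TYPO3_FE_USER_GROUP] = $GLOBALS["TSFE"]->fe_user->user["usergroup"];
        }

        self::setVarArray($arr, STORE_TYPO3);
    }

    /**
     * Fills the client store from $_GET, $_POST and $_SERVER.
     *
     * @throws CodeException
     */
    private function fillStoreClient() {
        // Copy GET, POST and SERVER parameters. Priority: SERVER, POST, GET.
        // NOTE(review): a key that is absent from $_SERVER can still be supplied through
        // GET or POST under the same name, so a value read from this store is not proof
        // that it came from the web server. Treat every entry as request-controlled.
        $arr = array_merge($_GET, $_POST, $_SERVER);

        // SIP: if POST exists, this means 'form save'. To distinguish load and save, store both.
        if (isset($_GET[CLIENT_SIP])) {
            $arr[CLIENT_GET_SIP] = $_GET[CLIENT_SIP];
        }

        if (isset($_POST[CLIENT_SIP])) {
            $arr[CLIENT_POST_SIP] = $_POST[CLIENT_SIP];
        }

        self::setVarArray($arr, STORE_CLIENT);
    }

    /**
     * Creates the Sip helper and, if the request carries a SIP, copies the
     * parameters registered for it into the SIP store.
     *
     * @throws CodeException
     */
    private function fillStoreSip() {

        $sessionName = self::getVar(SYSTEM_SESSIONNAME, STORE_SYSTEM);
        self::$sip = new \qfq\store\Sip($sessionName);

        $s = self::getVar(CLIENT_SIP, STORE_CLIENT);
        if ($s !== false) {
            // A SIP was given: look up its parameters and copy them to the store.
            $param = self::$sip->getVarsFromSip($s);

            $parser = new \qfq\helper\KeyValueStringParser("=", "&");
            self::setVarArray($parser->parse($param), STORE_SIP);
        }
    }

    /**
     * Cycles through all stores in $useStores and returns the first match.
     * The raw value is sanitized with $sanatizeClass (or the default class
     * registered for $key) and the result is cached per sanitize class.
     *
     * @param string $key
     * @param string $useStores store letters in lookup order, f.e.: 'FSRD'
     * @param string $sanatizeClass '' or null selects the default class for $key
     * @return string|false a) if found: sanitized value, b) false
     */
    public static function getVar($key, $useStores = USE_STORE_DEFAULT, $sanatizeClass = '') {

        // no store specified?
        if ($useStores === "" || $useStores === null) {
            $useStores = USE_STORE_DEFAULT;
        }

        // Walk the store letters by index. The loop must not depend on substr()
        // returning false at the end of the string: since PHP 8 it returns ''
        // there, which would make a lookup for a missing key spin forever.
        $useStores = (string)$useStores;
        $storeCount = strlen($useStores);

        for ($ii = 0; $ii < $storeCount; $ii++) {
            $store = $useStores[$ii];

            // No value in this store: try next store. The miss is deliberately not
            // cached, so a store that is filled later is seen by the next lookup.
            if (!isset(self::$raw[$store][$key])) {
                continue;
            }

            // get final sanatizeClass
            if ($sanatizeClass === '' || $sanatizeClass === null) {
                $sanatizeClass = isset(self::$defaultSanatizeClass[$key]) ? self::$defaultSanatizeClass[$key] : SANATIZE_DEFAULT;
            }

            // Already sanitized with exactly this class?
            if (isset(self::$cache[$store][$key]) && is_array(self::$cache[$store][$key])
                && array_key_exists($sanatizeClass, self::$cache[$store][$key])
            ) {
                return self::$cache[$store][$key][$sanatizeClass];
            }

            // sanatize
            $value = \qfq\Sanatize::sanatize(self::$raw[$store][$key], $sanatizeClass);
            self::$cache[$store][$key][$sanatizeClass] = $value;
            return $value;
        }

        return false;
    }

    /**
     * Returns the singleton, creating it on first use.
     *
     * NOTE(review): $phpunit has no effect. The original code only assigned null
     * to an instance that was already null. A real reset for tests would also have
     * to clear the raw and cached values, because setVarArray() refuses to refill
     * a store.
     *
     * @param string $bodytext passed to the constructor on first creation only
     * @param bool|false $phpunit currently unused
     * @return \qfq\store\Store
     */
    public static function getInstance($bodytext = '', $phpunit = false) {

        // Design Pattern: Singleton
        if (self::$instance === null) {
            self::$instance = new self($bodytext);
        }

        return self::$instance;
    }

    /**
     * Fills the SIP store for a form that was loaded without a SIP and registers
     * a matching SIP in the client store.
     *
     * NOTE(review): the record id is read from the TYPO3 store and then from the
     * client request, so the SIP created here reflects a value the client may have
     * chosen. It is not evidence that access to that record was authorized.
     *
     * @param string $formName
     * @throws CodeException if the SIP store already holds values
     */
    public static function createSipAfterFormLoad($formName) {
        $recordId = self::getVar(CLIENT_RECORD_ID, STORE_TYPO3 . STORE_CLIENT);
        if ($recordId === false) {
            $recordId = 0;
        }

        $tmpParam = [SIP_RECORD_ID => $recordId, SIP_FORM => $formName];

        // Store in SIP Store (it is empty until now).
        self::setVarArray($tmpParam, STORE_SIP);

        // Construct fake urlparam
        $tmpUrlparam = \qfq\helper\OnArray::toString($tmpParam);

        // Create a fake SIP which has never been passed by URL - further processing might expect this to exist.
        $sip = self::getSip()->urlparamToSip($tmpUrlparam, RETURN_SIP);
        self::setVar(CLIENT_SIP, $sip, STORE_CLIENT);
    }

    /**
     * @return \qfq\store\Sip|null the Sip helper, or null before the Store was constructed
     */
    public static function getSip() {
        return self::$sip;
    }

    /**
     * Sets or overwrites one raw value and drops whatever was cached for it.
     *
     * @param string $key
     * @param mixed $value
     * @param string $store store letter
     */
    public static function setVar($key, $value, $store) {

        self::$raw[$store][$key] = $value;

        // Invalidate cache to force new sanatize
        unset(self::$cache[$store][$key]);

    }
}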