Http\HttpRequestFactory.php

  1: <?php
  2: 
  3: /**
  4:  * This file is part of the Nette Framework (http://nette.org)
  5:  *
  6:  * Copyright (c) 2004, 2011 David Grudl (http://davidgrudl.com)
  7:  *
  8:  * For the full copyright and license information, please view
  9:  * the file license.txt that was distributed with this source code.
 10:  */
 11: 
 12: namespace Nette\Web;
 13: 
 14: use Nette,
 15:     Nette\String;
 16: 
 17: 
 18: 
 19: /**
 20:  * Current HTTP request factory.
 21:  *
 22:  * @author     David Grudl
 23:  */
 24: class HttpRequestFactory extends Nette\Object
 25: {
 26:     /** @internal */
 27:     const NONCHARS = '#[^\x09\x0A\x0D\x20-\x7E\xA0-\x{10FFFF}]#u';
 28: 
 29:     /** @var array */
 30:     public $uriFilters = array(
 31:         'path' => array('#/{2,}#' => '/'), // '%20' => ''
 32:         'uri' => array(), // '#[.,)]$#' => ''
 33:     );
 34: 
 35:     /** @var string */
 36:     private $encoding;
 37: 
 38: 
 39: 
 40:     /**
 41:      * @param  string
 42:      * @return HttpRequestFactory  provides a fluent interface
 43:      */
 44:     public function setEncoding($encoding)
 45:     {
 46:         $this->encoding = $encoding;
 47:         return $this;
 48:     }
 49: 
 50: 
 51: 
 52:     /**
 53:      * Creates current HttpRequest object.
 54:      * @return HttpRequest
 55:      */
 56:     public function createHttpRequest()
 57:     {
 58:         // DETECTS URI, base path and script path of the request.
 59:         $uri = new UriScript;
 60:         $uri->scheme = isset($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'off') ? 'https' : 'http';
 61:         $uri->user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
 62:         $uri->password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
 63: 
 64:         // host & port
 65:         if (isset($_SERVER['HTTP_HOST'])) {
 66:             $pair = explode(':', $_SERVER['HTTP_HOST']);
 67: 
 68:         } elseif (isset($_SERVER['SERVER_NAME'])) {
 69:             $pair = explode(':', $_SERVER['SERVER_NAME']);
 70: 
 71:         } else {
 72:             $pair = array('');
 73:         }
 74: 
 75:         $uri->host = preg_match('#^[-._a-z0-9]+$#', $pair[0]) ? $pair[0] : '';
 76: 
 77:         if (isset($pair[1])) {
 78:             $uri->port = (int) $pair[1];
 79: 
 80:         } elseif (isset($_SERVER['SERVER_PORT'])) {
 81:             $uri->port = (int) $_SERVER['SERVER_PORT'];
 82:         }
 83: 
 84:         // path & query
 85:         if (isset($_SERVER['REQUEST_URI'])) { // Apache, IIS 6.0
 86:             $requestUri = $_SERVER['REQUEST_URI'];
 87: 
 88:         } elseif (isset($_SERVER['ORIG_PATH_INFO'])) { // IIS 5.0 (PHP as CGI ?)
 89:             $requestUri = $_SERVER['ORIG_PATH_INFO'];
 90:             if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') {
 91:                 $requestUri .= '?' . $_SERVER['QUERY_STRING'];
 92:             }
 93:         } else {
 94:             $requestUri = '';
 95:         }
 96: 
 97:         $requestUri = String::replace($requestUri, $this->uriFilters['uri']);
 98:         $tmp = explode('?', $requestUri, 2);
 99:         $uri->path = String::replace($tmp[0], $this->uriFilters['path']);
100:         $uri->query = isset($tmp[1]) ? $tmp[1] : '';
101: 
102:         // normalized uri
103:         $uri->canonicalize();
104:         $uri->path = String::fixEncoding($uri->path);
105: 
106:         // detect script path
107:         if (isset($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME']) && strncmp($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])) === 0) {
108:             $script = '/' . ltrim(strtr(substr($_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])), '\\', '/'), '/');
109:         } elseif (isset($_SERVER['SCRIPT_NAME'])) {
110:             $script = $_SERVER['SCRIPT_NAME'];
111:         } else {
112:             $script = '/';
113:         }
114: 
115:         if (strncasecmp($uri->path . '/', $script . '/', strlen($script) + 1) === 0) { // whole script in URL
116:             $uri->scriptPath = substr($uri->path, 0, strlen($script));
117: 
118:         } elseif (strncasecmp($uri->path, $script, strrpos($script, '/') + 1) === 0) { // directory part of script in URL
119:             $uri->scriptPath = substr($uri->path, 0, strrpos($script, '/') + 1);
120: 
121:         } else {
122:             $uri->scriptPath = '/';
123:         }
124: 
125: 
126:         // GET, POST, COOKIE
127:         $useFilter = (!in_array(ini_get('filter.default'), array('', 'unsafe_raw')) || ini_get('filter.default_flags'));
128: 
129:         parse_str($uri->query, $query);
130:         if (!$query) {
131:             $query = $useFilter ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : (empty($_GET) ? array() : $_GET);
132:         }
133:         $post = $useFilter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
134:         $cookies = $useFilter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);
135: 
136:         $gpc = (bool) get_magic_quotes_gpc();
137:         $old = error_reporting(error_reporting() ^ E_NOTICE);
138: 
139:         // remove fucking quotes and check (and optionally convert) encoding
140:         if ($gpc || $this->encoding) {
141:             $utf = strcasecmp($this->encoding, 'UTF-8') === 0;
142:             $list = array(& $query, & $post, & $cookies);
143:             while (list($key, $val) = each($list)) {
144:                 foreach ($val as $k => $v) {
145:                     unset($list[$key][$k]);
146: 
147:                     if ($gpc) {
148:                         $k = stripslashes($k);
149:                     }
150: 
151:                     if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) {
152:                         // invalid key -> ignore
153: 
154:                     } elseif (is_array($v)) {
155:                         $list[$key][$k] = $v;
156:                         $list[] = & $list[$key][$k];
157: 
158:                     } else {
159:                         if ($gpc && !$useFilter) {
160:                             $v = stripSlashes($v);
161:                         }
162:                         if ($this->encoding) {
163:                             if ($utf) {
164:                                 $v = String::fixEncoding($v);
165: 
166:                             } else {
167:                                 if (!String::checkEncoding($v)) {
168:                                     $v = iconv($this->encoding, 'UTF-8//IGNORE', $v);
169:                                 }
170:                                 $v = html_entity_decode($v, ENT_QUOTES, 'UTF-8');
171:                             }
172:                             $v = preg_replace(self::NONCHARS, '', $v);
173:                         }
174:                         $list[$key][$k] = $v;
175:                     }
176:                 }
177:             }
178:             unset($list, $key, $val, $k, $v);
179:         }
180: 
181: 
182:         // FILES and create HttpUploadedFile objects
183:         $files = array();
184:         $list = array();
185:         if (!empty($_FILES)) {
186:             foreach ($_FILES as $k => $v) {
187:                 if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) continue;
188:                 $v['@'] = & $files[$k];
189:                 $list[] = $v;
190:             }
191:         }
192: 
193:         while (list(, $v) = each($list)) {
194:             if (!isset($v['name'])) {
195:                 continue;
196: 
197:             } elseif (!is_array($v['name'])) {
198:                 if ($gpc) {
199:                     $v['name'] = stripSlashes($v['name']);
200:                 }
201:                 if ($this->encoding) {
202:                     $v['name'] = preg_replace(self::NONCHARS, '', String::fixEncoding($v['name']));
203:                 }
204:                 $v['@'] = new HttpUploadedFile($v);
205:                 continue;
206:             }
207: 
208:             foreach ($v['name'] as $k => $foo) {
209:                 if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) continue;
210:                 $list[] = array(
211:                     'name' => $v['name'][$k],
212:                     'type' => $v['type'][$k],
213:                     'size' => $v['size'][$k],
214:                     'tmp_name' => $v['tmp_name'][$k],
215:                     'error' => $v['error'][$k],
216:                     '@' => & $v['@'][$k],
217:                 );
218:             }
219:         }
220: 
221:         error_reporting($old);
222: 
223: 
224:         // HEADERS
225:         if (function_exists('apache_request_headers')) {
226:             $headers = array_change_key_case(apache_request_headers(), CASE_LOWER);
227:         } else {
228:             $headers = array();
229:             foreach ($_SERVER as $k => $v) {
230:                 if (strncmp($k, 'HTTP_', 5) == 0) {
231:                     $k = substr($k, 5);
232:                 } elseif (strncmp($k, 'CONTENT_', 8)) {
233:                     continue;
234:                 }
235:                 $headers[ strtr(strtolower($k), '_', '-') ] = $v;
236:             }
237:         }
238: 
239:         return new HttpRequest($uri, $query, $post, $files, $cookies, $headers,
240:             isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : NULL,
241:             isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : NULL,
242:             isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : NULL
243:         );
244:     }
245: 
246: }
247:
Namespaces

Classes

Interfaces
