PluginProbe ʕ •ᴥ•ʔ
Matomo Analytics – Powerful, Privacy-First Insights for WordPress / 5.2.0
Matomo Analytics – Powerful, Privacy-First Insights for WordPress v5.2.0
5.11.1 5.11.0 5.10.2 5.10.1 trunk 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.3.0 1.3.1 1.3.2 4.0.0 4.0.1 4.0.2 4.0.3 4.0.4 4.1.0 4.1.1 4.1.2 4.1.3 4.10.0 4.11.0 4.12.0 4.13.0 4.13.2 4.13.3 4.13.4 4.13.5 4.14.0 4.14.1 4.14.2 4.15.0 4.15.1 4.15.2 4.15.3 4.2.0 4.3.0 4.3.1 4.4.1 4.4.2 4.5.0 4.6.0 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.1.0 5.1.1 5.1.2 5.1.3 5.1.4 5.1.5 5.1.6 5.1.7 5.10.0 5.2.0 5.2.1 5.2.2 5.3.0 5.3.1 5.3.2 5.3.3 5.6.0 5.6.1 5.7.0 5.7.1 5.8.0 5.8.1 5.8.2
matomo / app / core / Request.php
matomo / app / core Last commit date
API 1 year ago Access 1 year ago Application 1 year ago Archive 1 year ago ArchiveProcessor 1 year ago Archiver 2 years ago AssetManager 1 year ago Auth 1 year ago Category 2 years ago Changes 1 year ago CliMulti 1 year ago Columns 1 year ago Concurrency 1 year ago Config 1 year ago Container 1 year ago CronArchive 1 year ago DataAccess 1 year ago DataFiles 2 years ago DataTable 1 year ago Db 1 year ago DeviceDetector 1 year ago Email 2 years ago Exception 1 year ago Http 1 year ago Intl 1 year ago Log 2 years ago Mail 1 year ago Measurable 1 year ago Menu 1 year ago Metrics 1 year ago Notification 1 year ago Period 1 year ago Plugin 1 year ago ProfessionalServices 1 year ago Report 1 year ago ReportRenderer 1 year ago Scheduler 1 year ago Segment 1 year ago Session 1 year ago Settings 1 year ago Tracker 1 year ago Translation 1 year ago Twig 1 year ago UpdateCheck 1 year ago Updater 1 year ago Updates 1 year ago Validators 1 year ago View 1 year ago ViewDataTable 1 year ago Visualization 1 year ago Widget 1 year ago .htaccess 2 years ago Access.php 1 year ago Archive.php 1 year ago ArchiveProcessor.php 1 year ago AssetManager.php 1 year ago Auth.php 2 years ago AuthResult.php 2 years ago BaseFactory.php 2 years ago Cache.php 2 years ago CacheId.php 1 year ago CliMulti.php 1 year ago Common.php 1 year ago Config.php 1 year ago Console.php 1 year ago Context.php 2 years ago Cookie.php 1 year ago CronArchive.php 1 year ago DI.php 1 year ago DataArray.php 1 year ago DataTable.php 1 year ago Date.php 1 year ago Db.php 1 year ago DbHelper.php 1 year ago Development.php 1 year ago ErrorHandler.php 1 year ago EventDispatcher.php 1 year ago ExceptionHandler.php 1 year ago FileIntegrity.php 1 year ago Filechecks.php 1 year ago Filesystem.php 1 year ago FrontController.php 1 year ago Http.php 1 year ago IP.php 1 year ago Log.php 2 years ago LogDeleter.php 1 year ago Mail.php 1 year ago Metrics.php 1 year ago NoAccessException.php 2 years ago Nonce.php 1 year ago Notification.php 1 year ago NumberFormatter.php 1 year ago Option.php 1 year ago Period.php 1 year ago Piwik.php 1 year ago Plugin.php 1 year ago Process.php 1 year ago Profiler.php 1 year ago ProxyHeaders.php 2 years ago ProxyHttp.php 1 year ago QuickForm2.php 1 year ago RankingQuery.php 1 year ago ReportRenderer.php 1 year ago Request.php 1 year ago Segment.php 1 year ago Sequence.php 2 years ago Session.php 1 year ago SettingsPiwik.php 1 year ago SettingsServer.php 1 year ago Singleton.php 2 years ago Site.php 1 year ago SiteContentDetector.php 1 year ago SupportedBrowser.php 2 years ago TCPDF.php 1 year ago Theme.php 1 year ago Timer.php 2 years ago Tracker.php 1 year ago Twig.php 1 year ago Unzip.php 1 year ago UpdateCheck.php 1 year ago Updater.php 1 year ago UpdaterErrorException.php 2 years ago Updates.php 1 year ago Url.php 1 year ago UrlHelper.php 1 year ago Version.php 1 year ago View.php 1 year ago bootstrap.php 1 year ago dispatch.php 2 years ago testMinimumPhpVersion.php 2 years ago
Request.php
286 lines
1 <?php
2
3 /**
4 * Matomo - free/libre analytics platform
5 *
6 * @link https://matomo.org
7 * @license https://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
8 */
9 namespace Piwik;
10
11 use InvalidArgumentException;
12 /**
13 * Provides (type safe) access methods for request parameters.
14 *
15 * Ensure to handle parameters received with this class with care.
16 * Especially parameters received as string, array or json might contain malicious content. Those should never be used
17 * raw in templates or other output.
18 *
19 * Note: For security reasons this class will automatically remove null byte sequences from string values.
20 *
21 * @api
22 */
23 class Request
24 {
25 /**
26 * @var array
27 */
28 protected $requestParameters;
29 private static $exceptionMsg = "The parameter '%s' isn't set in the Request and a default value wasn't provided.";
30 public function __construct(array $requestParameters)
31 {
32 $this->requestParameters = $requestParameters;
33 }
34 /**
35 * Creates a request object using GET and POST parameters of the current request
36 *
37 * @return static
38 */
39 public static function fromRequest() : self
40 {
41 return new self($_GET + $_POST);
42 }
43 /**
44 * Creates a request object using only GET parameters of the current request
45 *
46 * @return static
47 */
48 public static function fromGet() : self
49 {
50 return new self($_GET);
51 }
52 /**
53 * Creates a request object using only POST parameters of the current request
54 *
55 * @return static
56 */
57 public static function fromPost() : self
58 {
59 return new self($_POST);
60 }
61 /**
62 * Creates a request object using the parameters that can be extracted from the provided query string
63 *
64 * @return static
65 */
66 public static function fromQueryString(string $queryString) : self
67 {
68 $requestParameters = [];
69 parse_str($queryString, $requestParameters);
70 // If a querystring is provided urlencode'd parse_str will not be able to parse it correctly.
71 // A querystring like `method%3dVisitsSummary.get%26idSite%3d1` would result in
72 // an array like `['method=VisitsSummary.get&idSite=1' => '']`
73 // In this case we try to parse the urldecode'd string to get proper results
74 // Note: We can't always perform a urldecode, as this might otherwise destroy urlencoded values containing a &
75 if (1 === count($requestParameters) && '' === end($requestParameters)) {
76 $requestParameters = [];
77 parse_str(urldecode($queryString), $requestParameters);
78 }
79 return new self($requestParameters);
80 }
81 /**
82 * Returns the requested parameter from the request object.
83 * If the requested parameter can't be found and no default is provided an exception will be thrown
84 *
85 * Note: It's recommend to use one of type-safe methods instead, if a certain type is expected:
86 * @see getIntegerParameter
87 * @see getFloatParameter
88 * @see getStringParameter
89 * @see getArrayParameter
90 * @see getJSONParameter
91 *
92 * @param string $name
93 * @param mixed $default
94 * @return mixed
95 * @throws InvalidArgumentException
96 */
97 public function getParameter(string $name, $default = null)
98 {
99 if (!strlen($name)) {
100 throw new InvalidArgumentException('Invalid request parameter. Parameter name required.');
101 }
102 if (array_key_exists($name, $this->requestParameters) && $this->requestParameters[$name] !== null) {
103 return $this->filterNullBytes($this->requestParameters[$name]);
104 }
105 if (null !== $default) {
106 return $default;
107 }
108 throw new InvalidArgumentException(sprintf(self::$exceptionMsg, $name));
109 }
110 /**
111 * Returns the requested parameter from the request object.
112 * If no default is provided and the requested parameter either can't be found or is not of type integer an
113 * exception will be thrown
114 *
115 * @param string $name
116 * @param int|null $default
117 * @return int
118 * @throws InvalidArgumentException
119 */
120 public function getIntegerParameter(string $name, ?int $default = null) : int
121 {
122 $parameter = $this->getParameter($name, $default);
123 if ((is_string($parameter) || is_numeric($parameter)) && (string) $parameter === (string) (int) $parameter) {
124 return (int) $parameter;
125 }
126 if (null !== $default) {
127 return $default;
128 }
129 throw new InvalidArgumentException(sprintf(self::$exceptionMsg, $name));
130 }
131 /**
132 * Returns the requested parameter from the request object.
133 * If no default is provided and the requested parameter either can't be found or is not of type float an
134 * exception will be thrown
135 *
136 * @param string $name
137 * @param float|null $default
138 * @return float
139 * @throws InvalidArgumentException
140 */
141 public function getFloatParameter(string $name, ?float $default = null) : float
142 {
143 $parameter = $this->getParameter($name, $default);
144 if (is_float($parameter) || is_int($parameter)) {
145 return (float) $parameter;
146 }
147 // Regex for all supported float notations in PHP (see https://www.php.net/manual/en/language.types.float.php)
148 $floatRegex = "/^[-+]?((([0-9]+(_[0-9]+)*)|(([0-9]+(_[0-9]+)*)?\\.([0-9]+(_[0-9]+)*))|(([0-9]+(_[0-9]+)*)\\.([0-9]+(_[0-9]+)*)?))([eE][+-]?([0-9]+(_[0-9]+)*))?)\$/";
149 if (is_string($parameter) && preg_match($floatRegex, $parameter)) {
150 // underscores would break numbers if not removed before
151 return (float) str_replace('_', '', $parameter);
152 }
153 if (null !== $default) {
154 return $default;
155 }
156 throw new InvalidArgumentException(sprintf(self::$exceptionMsg, $name));
157 }
158 /**
159 * Returns the requested parameter from the request object.
160 * If no default is provided and the requested parameter either can't be found or is not of type string an
161 * exception will be thrown
162 *
163 * @param string $name
164 * @param string|null $default
165 * @return string
166 * @throws InvalidArgumentException
167 */
168 public function getStringParameter(string $name, ?string $default = null) : string
169 {
170 $parameter = $this->getParameter($name, $default);
171 if (is_string($parameter) || is_numeric($parameter)) {
172 return $this->filterNullBytes((string) $parameter);
173 }
174 if (null !== $default) {
175 return $default;
176 }
177 throw new InvalidArgumentException(sprintf(self::$exceptionMsg, $name));
178 }
179 /**
180 * Returns the requested parameter from the request object.
181 * If no default is provided and the requested parameter either can't be found or can't be converted to boolean
182 * exception will be thrown
183 *
184 * Values accepted as bool-ish:
185 * true: true, 'true', '1', 1
186 * false: false, 'false', '0', 0
187 *
188 * @param string $name
189 * @param bool|null $default
190 * @return bool
191 * @throws InvalidArgumentException
192 */
193 public function getBoolParameter(string $name, ?bool $default = null) : bool
194 {
195 $parameter = $this->getParameter($name, $default);
196 if ($parameter === \false || $parameter === \true) {
197 return $parameter;
198 }
199 if (\is_string($parameter) && \strtolower($parameter) === 'false' || $parameter === '0' || $parameter === 0) {
200 return \false;
201 }
202 if (\is_string($parameter) && \strtolower($parameter) === 'true' || $parameter === '1' || $parameter === 1) {
203 return \true;
204 }
205 if (null !== $default) {
206 return $default;
207 }
208 throw new InvalidArgumentException(sprintf(self::$exceptionMsg, $name));
209 }
210 /**
211 * Returns the requested parameter from the request object.
212 * If no default is provided and the requested parameter either can't be found or is not of type array an
213 * exception will be thrown
214 *
215 * @param string $name
216 * @param array|null $default
217 * @return array
218 * @throws InvalidArgumentException
219 */
220 public function getArrayParameter(string $name, ?array $default = null) : array
221 {
222 $parameter = $this->getParameter($name, $default);
223 if (is_array($parameter)) {
224 return $this->filterNullBytes($parameter);
225 }
226 if (null !== $default) {
227 return $default;
228 }
229 throw new InvalidArgumentException(sprintf(self::$exceptionMsg, $name));
230 }
231 /**
232 * Returns the requested parameter from the request object.
233 * If no default is provided and the requested parameter either can't be found or can't be json_decode'd an
234 * exception will be thrown
235 *
236 * @param string $name
237 * @param mixed $default
238 * @return mixed
239 * @throws InvalidArgumentException
240 */
241 public function getJsonParameter(string $name, $default = null)
242 {
243 try {
244 // Note we can't simply pass the default to getParameter here, in case the default would be string
245 // we would otherwise try to parse it as json below, which might result in unexpected behavior
246 $parameter = $this->getParameter($name);
247 } catch (InvalidArgumentException $e) {
248 $parameter = null;
249 if ($default !== null) {
250 return $default;
251 }
252 }
253 if (is_string($parameter)) {
254 $decodedValue = \json_decode($parameter, \true);
255 if ($decodedValue !== null && $decodedValue !== '') {
256 return $this->filterNullBytes($decodedValue);
257 }
258 }
259 if (null !== $default) {
260 return $default;
261 }
262 throw new InvalidArgumentException(sprintf(self::$exceptionMsg, $name));
263 }
264 private function filterNullBytes($value)
265 {
266 if (is_array($value)) {
267 $result = [];
268 foreach ($value as $key => $arrayValue) {
269 $result[$key] = $this->filterNullBytes($arrayValue);
270 }
271 return $result;
272 } else {
273 return is_string($value) ? \Piwik\Common::sanitizeNullBytes($value) : $value;
274 }
275 }
276 /**
277 * Returns an array containing all parameters of the request object
278 *
279 * @return array
280 */
281 public function getParameters() : array
282 {
283 return $this->requestParameters;
284 }
285 }
286