Index: trunk/core/kernel/utility/http_query.php =================================================================== diff -u -r939 -r1339 --- trunk/core/kernel/utility/http_query.php (.../http_query.php) (revision 939) +++ trunk/core/kernel/utility/http_query.php (.../http_query.php) (revision 1339) @@ -57,6 +57,8 @@ */ var $Files; + var $specialsToRemove = Array(); + /** * Loads info from $_POST, $_GET and * related arrays into common place @@ -70,10 +72,34 @@ parent::Params(); $this->Order = $order; $this->AddAllVars(); - $this->processQueryString(); - ini_set("magic_quotes_gpc", 0); + + $this->specialsToRemove = $this->Get('remove_specials'); + if($this->specialsToRemove) + { + $this->_Params = $this->removeSpecials($this->_Params); + } + ini_set('magic_quotes_gpc', 0); } + function removeSpecials($array) + { + $ret = Array(); + $removed = false; + foreach($this->specialsToRemove as $prefix_special => $flag) + { + if($flag) + { + $removed = true; + list($prefix,$special) = explode('.',$prefix_special); + foreach ($array as $key => $val) { + $new_key = preg_match("/^".$prefix."[._]{1}".$special."(.*)/", $key, $regs) ? $prefix.$regs[1] : $key; + $ret[$new_key] = is_array($val) ? $this->removeSpecials($val) : $val; + } + } + } + return $removed ? $ret : $array; + } + /** * All all requested vars to * common storage place @@ -88,10 +114,12 @@ switch ($current) { case 'G': $this->Get =$this->AddVars($_GET); + $this->processQueryString(); break; case 'P': - $my_post = $this->post_convert($_POST); // needed ? + //$my_post = $this->post_convert($_POST); // needed ? $this->Post = $this->AddVars($_POST); + $this->convertPostEvents(); break; case 'C': $this->Cookie = $this->AddVars($_COOKIE); @@ -103,11 +131,106 @@ $this->Server = $this->AddVars($_SERVER); break; case 'F'; - $this->Files = $this->AddVars($_FILES); + $this->convertFiles(); + $this->Files = $this->MergeVars($_FILES, false); //do not strip slashes! break; } } } + + function convertFiles() + { + if (!$_FILES) + { + return false; + } + + $file_keys = Array('error','name','size','tmp_name','type'); + + foreach($_FILES as $file_name => $file_info) + { + if( is_array($file_info['error']) ) + { + $tmp[$file_name] = $this->getArrayLevel( $file_info['error'], $file_name ); + } + else + { + $normal_files[$file_name] = $file_info; + } + } + + $files = $_FILES; + $_FILES = Array(); + + foreach($tmp as $prefix => $prefix_files) + { + $anchor =& $_FILES; + foreach($prefix_files['keys'] as $key) + { + $anchor =& $anchor[$key]; + } + foreach($prefix_files['value'] as $field_name) + { + unset($inner_anchor); + unset($copy); + $work_copy = $prefix_files['keys']; + foreach($file_keys as $file_key) + { + $inner_anchor =& $files[$prefix][$file_key]; + if (isset($copy)) + { + $work_copy = $copy; + } + else + { + $copy = $work_copy; + } + array_shift($work_copy); + foreach($work_copy as $prefix_file_key) + { + $inner_anchor =& $inner_anchor[$prefix_file_key]; + } + $anchor[$field_name][$file_key] = $inner_anchor[$field_name]; + } + } + } + + // keys: img_temp, 0, values: LocalPath, ThumbPath + } + + function getArrayLevel(&$level, $prefix='') + { + $ret['keys'] = $prefix ? Array($prefix) : Array(); + $ret['value'] = Array(); + + foreach($level as $level_key => $level_value) + { + if( is_array($level_value) ) + { + $ret['keys'][] = $level_key; + $tmp = $this->getArrayLevel($level_value); + + $ret['keys'] = array_merge($ret['keys'], $tmp['keys']); + $ret['value'] = array_merge($ret['value'], $tmp['value']); + } + else + { + $ret['value'][] = $level_key; + } + } + + return $ret; + } + + function convertPostEvents() + { + $events = $this->Get('events'); + if (is_array($events)) { + foreach ($events as $prefix_special => $event) { + $this->Set($prefix_special.'_event', $event); + } + } + } /** * Process QueryString only, create @@ -120,39 +243,84 @@ function processQueryString() { // env=SID:TEMPLATE:m-1-1-1-1:l0-0-0:n-0-0-0:bb-0-0-1-1-1-0 - + $env_var =& $this->Get(ENV_VAR_NAME); if($env_var) { + $env_var = str_replace('\:','_&+$$+&_',$env_var); // replace escaped "=" with spec-chars :) + $parts=explode(':',$env_var); - // Save Session ID - $sid=array_shift($parts); - if($sid) $this->Set('sid',$sid); + if (defined('INPORTAL_ENV')) { + $sub_parts = array_shift($parts); + + list($sid, $t) = explode('-', $sub_parts, 2); + + + // Save Session ID + if($sid) $this->Set('sid',$sid); + + // Save Template Name + $t=$this->getTemplateName( $t ); + if(!$t) $t='index'; + $this->Set('t',$t); + } + else { + // Save Session ID + $sid=array_shift($parts); + if($sid) $this->Set('sid',$sid); + + // Save Template Name + $t=$this->getTemplateName( array_shift($parts) ); + if(!$t) $t='index'; + $this->Set('t',$t); + } - // Save Template Name - $t=$this->getTemplateName( array_shift($parts) ); - if(!$t) $t='index'; - $this->Set('t',$t); - if($parts) { $query_maps=Array(); $event_manger =& $this->Application->recallObject('EventManager'); + $passed = Array(); + foreach($parts as $mixed_part) { - $mixed_part=explode('-',$mixed_part); + //In-portal old style env conversion - adds '-' between prefix and first var + $mixed_part = str_replace('_&+$$+&_',':',$mixed_part); + $mixed_part = preg_replace("/^([a-zA-Z]+)([0-9]+)-(.*)/", "$1-$2-$3", $mixed_part); + + $escaped_part = str_replace('\-', '_&+$$+&_', $mixed_part); + $escaped_part = explode('-', $escaped_part); + + $mixed_part = array(); + foreach ($escaped_part as $escaped_val) { + $mixed_part[] = str_replace('_&+$$+&_', '-', $escaped_val); + } + $prefix_special=array_shift($mixed_part); // l.pick, l list($prefix)=explode('.',$prefix_special); - + $query_maps[$prefix_special]=$this->Application->getUnitOption($prefix,'QueryString'); - foreach($query_maps[$prefix_special] as $index => $var_name) + + // if config is not defined for prefix in QueryString, then don't process it + if( $query_maps[$prefix_special] ) { - // l_id, l_page, l_bla-bla-bla - $this->Set($prefix_special.'_'.$var_name,$mixed_part[$index-1]); + array_push($passed, $prefix); + foreach($query_maps[$prefix_special] as $index => $var_name) + { + // l_id, l_page, l_bla-bla-bla + $val = $mixed_part[$index-1]; + if ($val == '') $val = false; + $this->Set($prefix_special.'_'.$var_name, $val); + } } + else + { + unset($query_maps[$prefix_special]); + } + } + $this->Set('passed', implode(',', $passed)); $event_manger->setQueryMaps($query_maps); } } @@ -173,8 +341,15 @@ */ function getTemplateName($querystring_template) { - $t_from_post=$this->Get('t'); - $t=$t_from_post?$t_from_post:$querystring_template; + $t_from_post = $this->Get('t'); + $t= $t_from_post ? $t_from_post : $querystring_template; + + if ( is_numeric($t) ) { + $t = $this->Application->DB->GetOne('SELECT CONCAT(FilePath, \'/\', FileName) FROM '.TABLE_PREFIX.'ThemeFiles + WHERE FileId = '.$t); + } + $t = preg_replace("/\.tpl$/", '', $t); + return $t; } @@ -200,40 +375,34 @@ */ function AddVars($array) { - foreach ($array as $key => $val) { - if (get_magic_quotes_gpc()) - { - - if ( is_array($val) ) - { - foreach ($val as $key_array => $val_array) - { - if( is_array($val_array) ) - { - $array[$key][$key_array] = $this->AddVars($val_array); - } - else - { - $array[$key][$key_array] = stripslashes($val_array); - } - - } - $this->Set($key, $array[$key]); - } - else { - $array[$key] = stripslashes($val); - $this->Set($key, $array[$key]); - } - - - } - else { - $this->Set($key, $val); - } + $array = $this->StripSlashes($array); + foreach($array as $key => $value) + { + $this->Set($key,$value); } return $array; } + function MergeVars($array, $strip_slashes=true) + { + if ($strip_slashes) $array = $this->StripSlashes($array); + foreach($array as $key => $value) + { + $this->_Params = array_merge_recursive2($this->_Params, Array($key=>$value)); + } + return $array; + } + + function StripSlashes($array) + { + if( !get_magic_quotes_gpc() ) return $array; + foreach($array as $key=>$value) + { + $array[$key]=is_array($value)?$this->StripSlashes($value):stripslashes($value); + } + return $array; + } + /** * Returns the hash of http params * matching the mask with values