mirror of
https://github.com/Combodo/iTop.git
synced 2026-04-24 11:08:45 +02:00
N°7034 - Symfony 6.4 - Not passing FILTER_REQUIRE_ARRAY or FILTER_FOR… (#581)
* change RequestManipulatorHelper read param function signature (add filter flag) * add FILTER_REQUIRE_ARRAY flag when expecting an array with read param function * add test for the read param function
This commit is contained in:
bdalsass
@@ -795,7 +795,7 @@ class ObjectController extends BrickController
|
||||
|
||||
// Updating host object
|
||||
$oFormManager->OnUpdate(array(
|
||||
'currentValues' => $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW),
|
||||
'currentValues' => $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY),
|
||||
));
|
||||
$oHostObject = $oFormManager->GetObject();
|
||||
}
|
||||
@@ -807,7 +807,7 @@ class ObjectController extends BrickController
|
||||
$sQuery = $this->oRequestManipulatorHelper->ReadParam('sSearchValue', '');
|
||||
$sFormPath = $this->oRequestManipulatorHelper->ReadParam('sFormPath', '');
|
||||
$sFieldId = $this->oRequestManipulatorHelper->ReadParam('sFieldId', '');
|
||||
$aObjectIdsToIgnore = $this->oRequestManipulatorHelper->ReadParam('aObjectIdsToIgnore', null, FILTER_UNSAFE_RAW);
|
||||
$aObjectIdsToIgnore = $this->oRequestManipulatorHelper->ReadParam('aObjectIdsToIgnore', null, FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
|
||||
// Building search query
|
||||
// - Retrieving target object class from attcode
|
||||
@@ -1274,8 +1274,8 @@ class ObjectController extends BrickController
|
||||
|
||||
// Retrieving parameters
|
||||
$sObjectClass = $this->oRequestManipulatorHelper->ReadParam('sObjectClass', '');
|
||||
$aObjectIds = $this->oRequestManipulatorHelper->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectAttCodes = $this->oRequestManipulatorHelper->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectIds = $this->oRequestManipulatorHelper->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
$aObjectAttCodes = $this->oRequestManipulatorHelper->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
if (empty($sObjectClass) || empty($aObjectIds) || empty($aObjectAttCodes)) {
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : sObjectClass, aObjectIds and aObjectAttCodes expected, "'.$sObjectClass.'", "'.implode('/',
|
||||
$aObjectIds).'" given.');
|
||||
@@ -1332,10 +1332,10 @@ class ObjectController extends BrickController
|
||||
// Retrieving parameters
|
||||
$sObjectClass = $this->oRequestManipulatorHelper->ReadParam('sObjectClass', '');
|
||||
$sLinkClass = $this->oRequestManipulatorHelper->ReadParam('sLinkClass', '');
|
||||
$aObjectIds = $this->oRequestManipulatorHelper->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectAttCodes = $this->oRequestManipulatorHelper->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$aLinkAttCodes = $this->oRequestManipulatorHelper->ReadParam('aLinkAttCodes', array(), FILTER_UNSAFE_RAW);
|
||||
$sDateTimePickerWidgetParent = $this->oRequestManipulatorHelper->ReadParam('sDateTimePickerWidgetParent', array(), FILTER_UNSAFE_RAW);
|
||||
$aObjectIds = $this->oRequestManipulatorHelper->ReadParam('aObjectIds', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
$aObjectAttCodes = $this->oRequestManipulatorHelper->ReadParam('aObjectAttCodes', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
$aLinkAttCodes = $this->oRequestManipulatorHelper->ReadParam('aLinkAttCodes', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
$sDateTimePickerWidgetParent = $this->oRequestManipulatorHelper->ReadParam('sDateTimePickerWidgetParent', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
|
||||
if (empty($sObjectClass) || empty($aObjectIds) || empty($aObjectAttCodes)) {
|
||||
IssueLog::Info(__METHOD__.' at line '.__LINE__.' : sObjectClass, aObjectIds and aObjectAttCodes expected, "'.$sObjectClass.'", "'.implode('/',
|
||||
|
||||
@@ -115,7 +115,7 @@ class UserProfileBrickController extends BrickController
|
||||
// If this is ajax call, we are just submitting preferences or password forms
|
||||
if ($oRequest->isXmlHttpRequest())
|
||||
{
|
||||
$aCurrentValues = $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW);
|
||||
$aCurrentValues = $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
$sFormType = $aCurrentValues['form_type'];
|
||||
if ($sFormType === PreferencesFormManager::FORM_TYPE)
|
||||
{
|
||||
@@ -214,7 +214,7 @@ class UserProfileBrickController extends BrickController
|
||||
$oFormManager = $sFormManagerClass::FromJSON($sFormManagerData);
|
||||
// Applying modification to object
|
||||
$aFormData['validation'] = $oFormManager->OnSubmit(array(
|
||||
'currentValues' => $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW),
|
||||
'currentValues' => $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY),
|
||||
));
|
||||
// Reloading page only if preferences were changed
|
||||
if (($aFormData['validation']['valid'] === true) && !empty($aFormData['validation']['messages']['success']))
|
||||
@@ -294,7 +294,7 @@ class UserProfileBrickController extends BrickController
|
||||
$oFormManager = $sFormManagerClass::FromJSON($sFormManagerData);
|
||||
// Applying modification to object
|
||||
$aFormData['validation'] = $oFormManager->OnSubmit(array(
|
||||
'currentValues' => $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW),
|
||||
'currentValues' => $this->oRequestManipulatorHelper->ReadParam('current_values', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY),
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -53,7 +53,7 @@ class BrickControllerHelper
|
||||
public function ExtractSortParams()
|
||||
{
|
||||
// Getting sort params
|
||||
$aSortParams = $this->oRequestManipulator->ReadParam('aSortParams', array());
|
||||
$aSortParams = $this->oRequestManipulator->ReadParam('aSortParams', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY);
|
||||
|
||||
// Converting sort direction to proper format for DBObjectSet as it only accept real booleans
|
||||
foreach ($aSortParams as $sAttributeAlias => $sDirection)
|
||||
|
||||
@@ -222,7 +222,7 @@ class ObjectFormHandlerHelper
|
||||
$aPrefillFormParam = array(
|
||||
'user' => UserRights::GetUser(),
|
||||
'origin' => 'portal',
|
||||
'stimulus' => $this->oRequestManipulator->ReadParam('apply_stimulus', null)['code'],
|
||||
'stimulus' => $this->oRequestManipulator->ReadParam('apply_stimulus', null, FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY)['code'],
|
||||
);
|
||||
$oObject->PrefillForm('state_change', $aPrefillFormParam);
|
||||
}
|
||||
@@ -315,10 +315,10 @@ class ObjectFormHandlerHelper
|
||||
// Applying modification to object
|
||||
$aFormData['validation'] = $oFormManager->OnSubmit(
|
||||
array(
|
||||
'currentValues' => $this->oRequestManipulator->ReadParam('current_values', array(), FILTER_UNSAFE_RAW),
|
||||
'attachmentIds' => $this->oRequestManipulator->ReadParam('attachment_ids', array(), FILTER_UNSAFE_RAW),
|
||||
'currentValues' => $this->oRequestManipulator->ReadParam('current_values', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY),
|
||||
'attachmentIds' => $this->oRequestManipulator->ReadParam('attachment_ids', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY),
|
||||
'formProperties' => $aFormProperties,
|
||||
'applyStimulus' => $this->oRequestManipulator->ReadParam('apply_stimulus', null),
|
||||
'applyStimulus' => $this->oRequestManipulator->ReadParam('apply_stimulus', null, FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY),
|
||||
)
|
||||
);
|
||||
if ($aFormData['validation']['valid'] === true)
|
||||
@@ -337,7 +337,7 @@ class ObjectFormHandlerHelper
|
||||
break;
|
||||
|
||||
case 'update':
|
||||
$oFormManager->OnUpdate(array('currentValues' => $this->oRequestManipulator->ReadParam('current_values', array(), FILTER_UNSAFE_RAW), 'formProperties' => $aFormProperties));
|
||||
$oFormManager->OnUpdate(array('currentValues' => $this->oRequestManipulator->ReadParam('current_values', array(), FILTER_UNSAFE_RAW, FILTER_REQUIRE_ARRAY), 'formProperties' => $aFormProperties));
|
||||
break;
|
||||
|
||||
case 'cancel':
|
||||
@@ -399,7 +399,7 @@ class ObjectFormHandlerHelper
|
||||
ApplicationContext::MakeObjectUrl($sObjectClass, $sObjectId)
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
return $aFormData;
|
||||
}
|
||||
|
||||
|
||||
@@ -90,26 +90,27 @@ class RequestManipulatorHelper
|
||||
* @param string $sKey
|
||||
* @param mixed $default
|
||||
* @param int $iFilter Default is FILTER_SANITIZE_SPECIAL_CHARS
|
||||
* @param int $aFilterOptions @since 3.2.0 - N°6934 - Symfony 6.4 - upgrade Symfony bundles to 6.4
|
||||
*
|
||||
* @return mixed|null
|
||||
*
|
||||
* @since 2.5.1
|
||||
*/
|
||||
public function ReadParam($sKey, $default = null, $iFilter = FILTER_SANITIZE_SPECIAL_CHARS)
|
||||
public function ReadParam($sKey, $default = null, $iFilter = FILTER_SANITIZE_SPECIAL_CHARS, $aFilterOptions = [])
|
||||
{
|
||||
if ($this->GetCurrentRequest()->query->has($sKey))
|
||||
{
|
||||
return $this->GetCurrentRequest()->query->filter($sKey, $default, $iFilter);
|
||||
return $this->GetCurrentRequest()->query->filter($sKey, $default, $iFilter, $aFilterOptions);
|
||||
}
|
||||
|
||||
if ($this->GetCurrentRequest()->attributes->has($sKey))
|
||||
{
|
||||
return $this->GetCurrentRequest()->attributes->filter($sKey, $default, $iFilter);
|
||||
return $this->GetCurrentRequest()->attributes->filter($sKey, $default, $iFilter, $aFilterOptions);
|
||||
}
|
||||
|
||||
if ($this->GetCurrentRequest()->request->has($sKey))
|
||||
{
|
||||
return $this->GetCurrentRequest()->request->filter($sKey, $default, $iFilter);
|
||||
return $this->GetCurrentRequest()->request->filter($sKey, $default, $iFilter, $aFilterOptions);
|
||||
}
|
||||
|
||||
return $default;
|
||||
|
||||
Reference in New Issue
Block a user