aschwarz/Leitgedanken
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

PDF rausgenommen

Browse Source
This commit is contained in:
aschwarz
2023-01-23 11:03:31 +01:00
parent 82d562a322
commit a6523903eb
28078 changed files with 4247552 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
msd2/phpBB3/phpbb/request/deactivated_super_global.php Normal file
View File

@ -0,0 +1,116 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\request;
/**
* Replacement for a superglobal (like $_GET or $_POST) which calls
* trigger_error on all operations but isset, overloads the [] operator with SPL.
*/
class deactivated_super_global implements \ArrayAccess, \Countable, \IteratorAggregate
{
/**
* @var string Holds the name of the superglobal this is replacing.
*/
private $name;
/**
* @var \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE Super global constant.
*/
private $super_global;
/**
* @var \phpbb\request\request_interface The request class instance holding the actual request data.
*/
private $request;
/**
* Constructor generates an error message fitting the super global to be used within the other functions.
*
* @param \phpbb\request\request_interface $request A request class instance holding the real super global data.
* @param string $name Name of the super global this is a replacement for - e.g. '_GET'.
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global The variable's super global constant.
*/
public function __construct(\phpbb\request\request_interface $request, $name, $super_global)
{
$this->request = $request;
$this->name = $name;
$this->super_global = $super_global;
}
/**
* Calls trigger_error with the file and line number the super global was used in.
*/
private function error()
{
$file = '';
$line = 0;
$message = 'Illegal use of $' . $this->name . '. You must use the request class to access input data. Found in %s on line %d. This error message was generated by deactivated_super_global.';
$backtrace = debug_backtrace();
if (isset($backtrace[1]))
{
$file = $backtrace[1]['file'];
$line = $backtrace[1]['line'];
}
trigger_error(sprintf($message, $file, $line), E_USER_ERROR);
}
/**
* Redirects isset to the correct request class call.
*
* @param string $offset The key of the super global being accessed.
*
* @return bool Whether the key on the super global exists.
*/
public function offsetExists($offset)
{
return $this->request->is_set($offset, $this->super_global);
}
/**#@+
* Part of the \ArrayAccess implementation, will always result in a FATAL error.
*/
public function offsetGet($offset)
{
$this->error();
}
public function offsetSet($offset, $value)
{
$this->error();
}
public function offsetUnset($offset)
{
$this->error();
}
/**#@-*/
/**
* Part of the \Countable implementation, will always result in a FATAL error
*/
public function count()
{
$this->error();
}
/**
* Part of the Traversable/IteratorAggregate implementation, will always result in a FATAL error
*/
public function getIterator()
{
$this->error();
}
}

454
msd2/phpBB3/phpbb/request/request.php Normal file
View File

@ -0,0 +1,454 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\request;
/**
* All application input is accessed through this class.
*
* It provides a method to disable access to input data through super globals.
* This should force MOD authors to read about data validation.
*/
class request implements \phpbb\request\request_interface
{
/**
* @var array The names of super global variables that this class should protect if super globals are disabled.
*/
protected $super_globals = array(
\phpbb\request\request_interface::POST => '_POST',
\phpbb\request\request_interface::GET => '_GET',
\phpbb\request\request_interface::REQUEST => '_REQUEST',
\phpbb\request\request_interface::COOKIE => '_COOKIE',
\phpbb\request\request_interface::SERVER => '_SERVER',
\phpbb\request\request_interface::FILES => '_FILES',
);
/**
* @var array Stores original contents of $_REQUEST array.
*/
protected $original_request = null;
/**
* @var
*/
protected $super_globals_disabled = false;
/**
* @var array An associative array that has the value of super global constants as keys and holds their data as values.
*/
protected $input;
/**
* @var \phpbb\request\type_cast_helper_interface An instance of a type cast helper providing convenience methods for type conversions.
*/
protected $type_cast_helper;
/**
* Initialises the request class, that means it stores all input data in {@link $input input}
* and then calls {@link \phpbb\request\deactivated_super_global \phpbb\request\deactivated_super_global}
*/
public function __construct(\phpbb\request\type_cast_helper_interface $type_cast_helper = null, $disable_super_globals = true)
{
if ($type_cast_helper)
{
$this->type_cast_helper = $type_cast_helper;
}
else
{
$this->type_cast_helper = new \phpbb\request\type_cast_helper();
}
foreach ($this->super_globals as $const => $super_global)
{
$this->input[$const] = isset($GLOBALS[$super_global]) ? $GLOBALS[$super_global] : array();
}
// simulate request_order = GP
$this->original_request = $this->input[\phpbb\request\request_interface::REQUEST];
$this->input[\phpbb\request\request_interface::REQUEST] = $this->input[\phpbb\request\request_interface::POST] + $this->input[\phpbb\request\request_interface::GET];
if ($disable_super_globals)
{
$this->disable_super_globals();
}
}
/**
* Getter for $super_globals_disabled
*
* @return bool Whether super globals are disabled or not.
*/
public function super_globals_disabled()
{
return $this->super_globals_disabled;
}
/**
* Disables access of super globals specified in $super_globals.
* This is achieved by overwriting the super globals with instances of {@link \phpbb\request\deactivated_super_global \phpbb\request\deactivated_super_global}
*/
public function disable_super_globals()
{
if (!$this->super_globals_disabled)
{
foreach ($this->super_globals as $const => $super_global)
{
unset($GLOBALS[$super_global]);
$GLOBALS[$super_global] = new \phpbb\request\deactivated_super_global($this, $super_global, $const);
}
$this->super_globals_disabled = true;
}
}
/**
* Enables access of super globals specified in $super_globals if they were disabled by {@link disable_super_globals disable_super_globals}.
* This is achieved by making the super globals point to the data stored within this class in {@link $input input}.
*/
public function enable_super_globals()
{
if ($this->super_globals_disabled)
{
foreach ($this->super_globals as $const => $super_global)
{
$GLOBALS[$super_global] = $this->input[$const];
}
$GLOBALS['_REQUEST'] = $this->original_request;
$this->super_globals_disabled = false;
}
}
/**
* This function allows overwriting or setting a value in one of the super global arrays.
*
* Changes which are performed on the super globals directly will not have any effect on the results of
* other methods this class provides. Using this function should be avoided if possible! It will
* consume twice the the amount of memory of the value
*
* @param string $var_name The name of the variable that shall be overwritten
* @param mixed $value The value which the variable shall contain.
* If this is null the variable will be unset.
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global shall be changed
*/
public function overwrite($var_name, $value, $super_global = \phpbb\request\request_interface::REQUEST)
{
if (!isset($this->super_globals[$super_global]))
{
return;
}
// setting to null means unsetting
if ($value === null)
{
unset($this->input[$super_global][$var_name]);
if (!$this->super_globals_disabled())
{
unset($GLOBALS[$this->super_globals[$super_global]][$var_name]);
}
}
else
{
$this->input[$super_global][$var_name] = $value;
if (!$this->super_globals_disabled())
{
$GLOBALS[$this->super_globals[$super_global]][$var_name] = $value;
}
}
}
/**
* Central type safe input handling function.
* All variables in GET or POST requests should be retrieved through this function to maximise security.
*
* @param string|array $var_name The form variable's name from which data shall be retrieved.
* If the value is an array this may be an array of indizes which will give
* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
* then specifying array("var", 1) as the name will return "a".
* @param mixed $default A default value that is returned if the variable was not set.
* This function will always return a value of the same type as the default.
* @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global should be used
*
* @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
* the same as that of $default. If the variable is not set $default is returned.
*/
public function variable($var_name, $default, $multibyte = false, $super_global = \phpbb\request\request_interface::REQUEST)
{
return $this->_variable($var_name, $default, $multibyte, $super_global, true);
}
/**
* Get a variable, but without trimming strings.
* Same functionality as variable(), except does not run trim() on strings.
* This method should be used when handling passwords.
*
* @param string|array $var_name The form variable's name from which data shall be retrieved.
* If the value is an array this may be an array of indizes which will give
* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
* then specifying array("var", 1) as the name will return "a".
* @param mixed $default A default value that is returned if the variable was not set.
* This function will always return a value of the same type as the default.
* @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global should be used
*
* @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
* the same as that of $default. If the variable is not set $default is returned.
*/
public function untrimmed_variable($var_name, $default, $multibyte = false, $super_global = \phpbb\request\request_interface::REQUEST)
{
return $this->_variable($var_name, $default, $multibyte, $super_global, false);
}
/**
* {@inheritdoc}
*/
public function raw_variable($var_name, $default, $super_global = \phpbb\request\request_interface::REQUEST)
{
$path = false;
// deep direct access to multi dimensional arrays
if (is_array($var_name))
{
$path = $var_name;
// make sure at least the variable name is specified
if (empty($path))
{
return (is_array($default)) ? array() : $default;
}
// the variable name is the first element on the path
$var_name = array_shift($path);
}
if (!isset($this->input[$super_global][$var_name]))
{
return (is_array($default)) ? array() : $default;
}
$var = $this->input[$super_global][$var_name];
if ($path)
{
// walk through the array structure and find the element we are looking for
foreach ($path as $key)
{
if (is_array($var) && isset($var[$key]))
{
$var = $var[$key];
}
else
{
return (is_array($default)) ? array() : $default;
}
}
}
return $var;
}
/**
* Shortcut method to retrieve SERVER variables.
*
* Also fall back to getenv(), some CGI setups may need it (probably not, but
* whatever).
*
* @param string|array $var_name See \phpbb\request\request_interface::variable
* @param mixed $Default See \phpbb\request\request_interface::variable
*
* @return mixed The server variable value.
*/
public function server($var_name, $default = '')
{
$multibyte = true;
if ($this->is_set($var_name, \phpbb\request\request_interface::SERVER))
{
return $this->variable($var_name, $default, $multibyte, \phpbb\request\request_interface::SERVER);
}
else
{
$var = getenv($var_name);
$this->type_cast_helper->recursive_set_var($var, $default, $multibyte);
return $var;
}
}
/**
* Shortcut method to retrieve the value of client HTTP headers.
*
* @param string|array $header_name The name of the header to retrieve.
* @param mixed $default See \phpbb\request\request_interface::variable
*
* @return mixed The header value.
*/
public function header($header_name, $default = '')
{
$var_name = 'HTTP_' . str_replace('-', '_', strtoupper($header_name));
return $this->server($var_name, $default);
}
/**
* Shortcut method to retrieve $_FILES variables
*
* @param string $form_name The name of the file input form element
*
* @return array The uploaded file's information or an empty array if the
* variable does not exist in _FILES.
*/
public function file($form_name)
{
return $this->variable($form_name, array('name' => 'none'), true, \phpbb\request\request_interface::FILES);
}
/**
* Checks whether a certain variable was sent via POST.
* To make sure that a request was sent using POST you should call this function
* on at least one variable.
*
* @param string $name The name of the form variable which should have a
* _p suffix to indicate the check in the code that creates the form too.
*
* @return bool True if the variable was set in a POST request, false otherwise.
*/
public function is_set_post($name)
{
return $this->is_set($name, \phpbb\request\request_interface::POST);
}
/**
* Checks whether a certain variable is set in one of the super global
* arrays.
*
* @param string $var Name of the variable
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies the super global which shall be checked
*
* @return bool True if the variable was sent as input
*/
public function is_set($var, $super_global = \phpbb\request\request_interface::REQUEST)
{
return isset($this->input[$super_global][$var]);
}
/**
* Checks whether the current request is an AJAX request (XMLHttpRequest)
*
* @return bool True if the current request is an ajax request
*/
public function is_ajax()
{
return $this->header('X-Requested-With') == 'XMLHttpRequest';
}
/**
* Checks if the current request is happening over HTTPS.
*
* @return bool True if the request is secure.
*/
public function is_secure()
{
$https = $this->server('HTTPS');
$https = $this->server('HTTP_X_FORWARDED_PROTO') === 'https' ? 'on' : $https;
return !empty($https) && $https !== 'off';
}
/**
* Returns all variable names for a given super global
*
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* The super global from which names shall be taken
*
* @return array All variable names that are set for the super global.
* Pay attention when using these, they are unsanitised!
*/
public function variable_names($super_global = \phpbb\request\request_interface::REQUEST)
{
if (!isset($this->input[$super_global]))
{
return array();
}
return array_keys($this->input[$super_global]);
}
/**
* Helper function used by variable() and untrimmed_variable().
*
* @param string|array $var_name The form variable's name from which data shall be retrieved.
* If the value is an array this may be an array of indizes which will give
* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
* then specifying array("var", 1) as the name will return "a".
* @param mixed $default A default value that is returned if the variable was not set.
* This function will always return a value of the same type as the default.
* @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global should be used
* @param bool $trim Indicates whether trim() should be applied to string values.
*
* @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
* the same as that of $default. If the variable is not set $default is returned.
*/
protected function _variable($var_name, $default, $multibyte = false, $super_global = \phpbb\request\request_interface::REQUEST, $trim = true)
{
$var = $this->raw_variable($var_name, $default, $super_global);
// Return prematurely if raw variable is empty array or the same as
// the default. Using strict comparison to ensure that one can't
// prevent proper type checking on any input variable
if ($var === array() || $var === $default)
{
return $var;
}
$this->type_cast_helper->recursive_set_var($var, $default, $multibyte, $trim);
return $var;
}
/**
* {@inheritdoc}
*/
public function get_super_global($super_global = \phpbb\request\request_interface::REQUEST)
{
return $this->input[$super_global];
}
/**
* {@inheritdoc}
*/
public function escape($var, $multibyte)
{
if (is_array($var))
{
$result = array();
foreach ($var as $key => $value)
{
$this->type_cast_helper->set_var($key, $key, gettype($key), $multibyte);
$result[$key] = $this->escape($value, $multibyte);
}
$var = $result;
}
else
{
$this->type_cast_helper->set_var($var, $var, 'string', $multibyte);
}
return $var;
}
}

177
msd2/phpBB3/phpbb/request/request_interface.php Normal file
View File

@ -0,0 +1,177 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\request;
/**
* An interface through which all application input can be accessed.
*/
interface request_interface
{
/**#@+
* Constant identifying the super global with the same name.
*/
const POST = 0;
const GET = 1;
const REQUEST = 2;
const COOKIE = 3;
const SERVER = 4;
const FILES = 5;
/**#@-*/
/**
* This function allows overwriting or setting a value in one of the super global arrays.
*
* Changes which are performed on the super globals directly will not have any effect on the results of
* other methods this class provides. Using this function should be avoided if possible! It will
* consume twice the the amount of memory of the value
*
* @param string $var_name The name of the variable that shall be overwritten
* @param mixed $value The value which the variable shall contain.
* If this is null the variable will be unset.
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global shall be changed
*/
public function overwrite($var_name, $value, $super_global = \phpbb\request\request_interface::REQUEST);
/**
* Central type safe input handling function.
* All variables in GET or POST requests should be retrieved through this function to maximise security.
*
* @param string|array $var_name The form variable's name from which data shall be retrieved.
* If the value is an array this may be an array of indizes which will give
* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
* then specifying array("var", 1) as the name will return "a".
* @param mixed $default A default value that is returned if the variable was not set.
* This function will always return a value of the same type as the default.
* @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global should be used
*
* @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
* the same as that of $default. If the variable is not set $default is returned.
*/
public function variable($var_name, $default, $multibyte = false, $super_global = \phpbb\request\request_interface::REQUEST);
/**
* Get a variable without trimming strings and without escaping.
* This method MUST NOT be used with queries.
* Same functionality as variable(), except does not run trim() on strings
* and does not escape input.
* This method should only be used when the raw input is needed without
* any escaping, i.e. for database password during the installation.
*
* @param string|array $var_name The form variable's name from which data shall be retrieved.
* If the value is an array this may be an array of indizes which will give
* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
* then specifying array("var", 1) as the name will return "a".
* @param mixed $default A default value that is returned if the variable was not set.
* This function will always return a value of the same type as the default.
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies which super global should be used
*
* @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
* the same as that of $default. If the variable is not set $default is returned.
*/
public function raw_variable($var_name, $default, $super_global = \phpbb\request\request_interface::REQUEST);
/**
* Shortcut method to retrieve SERVER variables.
*
* @param string|array $var_name See \phpbb\request\request_interface::variable
* @param mixed $default See \phpbb\request\request_interface::variable
*
* @return mixed The server variable value.
*/
public function server($var_name, $default = '');
/**
* Shortcut method to retrieve the value of client HTTP headers.
*
* @param string|array $header_name The name of the header to retrieve.
* @param mixed $default See \phpbb\request\request_interface::variable
*
* @return mixed The header value.
*/
public function header($var_name, $default = '');
/**
* Checks whether a certain variable was sent via POST.
* To make sure that a request was sent using POST you should call this function
* on at least one variable.
*
* @param string $name The name of the form variable which should have a
* _p suffix to indicate the check in the code that creates the form too.
*
* @return bool True if the variable was set in a POST request, false otherwise.
*/
public function is_set_post($name);
/**
* Checks whether a certain variable is set in one of the super global
* arrays.
*
* @param string $var Name of the variable
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* Specifies the super global which shall be checked
*
* @return bool True if the variable was sent as input
*/
public function is_set($var, $super_global = \phpbb\request\request_interface::REQUEST);
/**
* Checks whether the current request is an AJAX request (XMLHttpRequest)
*
* @return bool True if the current request is an ajax request
*/
public function is_ajax();
/**
* Checks if the current request is happening over HTTPS.
*
* @return bool True if the request is secure.
*/
public function is_secure();
/**
* Returns all variable names for a given super global
*
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* The super global from which names shall be taken
*
* @return array All variable names that are set for the super global.
* Pay attention when using these, they are unsanitised!
*/
public function variable_names($super_global = \phpbb\request\request_interface::REQUEST);
/**
* Returns the original array of the requested super global
*
* @param \phpbb\request\request_interface::POST|GET|REQUEST|COOKIE $super_global
* The super global which will be returned
*
* @return array The original array of the requested super global.
*/
public function get_super_global($super_global = \phpbb\request\request_interface::REQUEST);
/**
* Escape a string variable.
*
* @param mixed $value The contents to fill with
* @param bool $multibyte Indicates whether string values may contain UTF-8 characters.
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks.
* @return string|array
*/
public function escape($value, $multibyte);
}

124
msd2/phpBB3/phpbb/request/type_cast_helper.php Normal file
View File

@ -0,0 +1,124 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\request;
/**
* A helper class that provides convenience methods for type casting.
*/
class type_cast_helper implements \phpbb\request\type_cast_helper_interface
{
/**
* Set variable $result to a particular type.
*
* @param mixed &$result The variable to fill
* @param mixed $var The contents to fill with
* @param mixed $type The variable type. Will be used with {@link settype()}
* @param bool $multibyte Indicates whether string values may contain UTF-8 characters.
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks.
* @param bool $trim Indicates whether trim() should be applied to string values.
* Default is true.
*/
public function set_var(&$result, $var, $type, $multibyte = false, $trim = true)
{
settype($var, $type);
$result = $var;
if ($type == 'string')
{
$result = str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result);
if ($trim)
{
$result = trim($result);
}
$result = htmlspecialchars($result, ENT_COMPAT, 'UTF-8');
if ($multibyte)
{
$result = utf8_normalize_nfc($result);
}
if (!empty($result))
{
// Make sure multibyte characters are wellformed
if ($multibyte)
{
if (!preg_match('/^./u', $result))
{
$result = '';
}
}
else
{
// no multibyte, allow only ASCII (0-127)
$result = preg_replace('/[\x80-\xFF]/', '?', $result);
}
}
}
}
/**
* Recursively sets a variable to a given type using {@link set_var set_var}
*
* @param string $var The value which shall be sanitised (passed by reference).
* @param mixed $default Specifies the type $var shall have.
* If it is an array and $var is not one, then an empty array is returned.
* Otherwise var is cast to the same type, and if $default is an array all
* keys and values are cast recursively using this function too.
* @param bool $multibyte Indicates whether string keys and values may contain UTF-8 characters.
* Default is false, causing all bytes outside the ASCII range (0-127) to
* be replaced with question marks.
* @param bool $trim Indicates whether trim() should be applied to string values.
* Default is true.
*/
public function recursive_set_var(&$var, $default, $multibyte, $trim = true)
{
if (is_array($var) !== is_array($default))
{
$var = (is_array($default)) ? array() : $default;
return;
}
if (!is_array($default))
{
$type = gettype($default);
$this->set_var($var, $var, $type, $multibyte, $trim);
}
else
{
// make sure there is at least one key/value pair to use get the
// types from
if (empty($default))
{
$var = array();
return;
}
list($default_key, $default_value) = each($default);
$key_type = gettype($default_key);
$_var = $var;
$var = array();
foreach ($_var as $k => $v)
{
$this->set_var($k, $k, $key_type, $multibyte);
$this->recursive_set_var($v, $default_value, $multibyte, $trim);
$var[$k] = $v;
}
}
}
}

45
msd2/phpBB3/phpbb/request/type_cast_helper_interface.php Normal file
View File

@ -0,0 +1,45 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\request;
/**
* An interface for type cast operations.
*/
interface type_cast_helper_interface
{
/**
* Set variable $result to a particular type.
*
* @param mixed &$result The variable to fill
* @param mixed $var The contents to fill with
* @param mixed $type The variable type. Will be used with {@link settype()}
* @param bool $multibyte Indicates whether string values may contain UTF-8 characters.
* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks.
*/
public function set_var(&$result, $var, $type, $multibyte = false);
/**
* Recursively sets a variable to a given type using {@link set_var set_var}.
*
* @param string $var The value which shall be sanitised (passed by reference).
* @param mixed $default Specifies the type $var shall have.
* If it is an array and $var is not one, then an empty array is returned.
* Otherwise var is cast to the same type, and if $default is an array all
* keys and values are cast recursively using this function too.
* @param bool $multibyte Indicates whether string keys and values may contain UTF-8 characters.
* Default is false, causing all bytes outside the ASCII range (0-127) to
* be replaced with question marks.
*/
public function recursive_set_var(&$var, $default, $multibyte);
}