PHP Classes

Minor issues with requestUtils...

Recommend this page to a friend!

      requestUtils  >  All threads  >  Minor issues with requestUtils...  >  (Un) Subscribe thread alerts  
Subject:Minor issues with requestUtils...
Summary:requestUtils generates notice messages unnecessarily...
Messages:1
Author:Richard Munroe
Date:2006-06-11 13:51:07
 

  1. Minor issues with requestUtils...   Reply   Report abuse  
Picture of Richard Munroe Richard Munroe - 2006-06-11 13:51:07
As shipped there are a couple of minor issues with request utils. I've included my changed version below. First, the short tag is expanded to the long version for better portability. Second, code is added to avoid generate notice log entries when the requested item doesn't exist in the particular super global:

<?php

/*
* Dick Munroe (munroe@csworks.com) 11-Jun-2006
* To get rid of Notice errors, check for the existance of the key in the
* specified array before copying it. Change the short tag for better
* portability.
*/

define("ALLOW_HTML_TAGS_IN_POST_GET_REQUESTS",false);

class requestUtils
{

/**
* @return data gotten from request object
* @param elementName : form Element Name
* @param requestType : REQUEST, COOKIE, POST OR GET
* @desc getRequestObjects : this function gets elements from forms, check if magic quotes are on and add slashes if necessary
* @version 1.0.1
* @license GNU GPL License
* @author Nilesh Dosooye <opensource@weboot.com>
* @copyright Copyright &copy; 2004, Nilesh Dosooye
*/
function getRequestObject($elementName,$requestType="")
{

if (strtolower($requestType)=="get")
{
$data = (array_key_exists($elementName, $_GET) ? $_GET[$elementName] : NULL) ;
}
else if (strtolower($requestType)=="post")
{
$data = (array_key_exists($elementName, $_POST) ? $_POST[$elementName] : NULL) ;
}
else if (strtolower($requestType)=="cookie")
{
$data = (array_key_exists($elementName, $_COOKIE) ? $_COOKIE[$elementName] : NULL) ;
}
else
{
$data = (array_key_exists($elementName, $_REQUEST) ? $_REQUEST[$elementName] : NULL) ;
}


// If results is array.. as in check boxes etc.. return the array as is
if (is_array($data) || ($data === NULL))
{

return $data;
}
else
{

// DO SANITY CHECK HERE
// Allow HTML from user input or not (flag set in application Constants)
// do whatever else sanity checking here to prevent XSS and similar user injections
if (ALLOW_HTML_TAGS_IN_POST_GET_REQUESTS)
{
// Remove all HTML Tags from user input
// including SCRIPT, APPLET, EMBED etc..
$data = strip_tags($data);
}

// if magic quotes == on, return data as is
if (get_magic_quotes_gpc()==1)
{
return $data;
}
// if magic quotes == off, then return data with slashes
else
{

return addslashes($data);
}
}

}

}
?>