<?php
/**
- * A concrete HTTP request class to make HTTP requests more abstract
+ * A concrete and secured HTTP request class to make HTTP requests more abstract
*
* @author Roland Haeder <webmaster@ship-simu.org>
* @version 0.0.0
- * @copyright Copyright(c) 2007, 2008 Roland Haeder, this is free software
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
* @license GNU GPL 3.0 or any newer version
* @link http://www.ship-simu.org
*
// Call parent constructor
parent::__construct(__CLASS__);
- // Set part description
- $this->setObjectDescription("HTTP request");
-
- // Create unique ID number
- $this->generateUniqueId();
-
// Clean up a little
$this->removeNumberFormaters();
$this->removeSystemArray();
* @return void
*/
public function prepareRequestData () {
- // Copy the $_REQUEST array
- $this->requestData = $_REQUEST;
+ // Copy GET then POST data
+ $this->requestData = array_merge($_GET, $_POST);
}
/**
*/
public function isRequestElementSet ($element) {
// Is this element found?
- if (!isset($this->requestData[$element])) {
- // Then return false
- return false;
- } // END - if
+ $isSet = isset($this->requestData[$element]);
- // All clear
- return true;
+ // Return result
+ return $isSet;
}
/**
- * Getter for request element or 'null' if the element was not found
+ * Getter for request element or 'null' if element was not found
*
* @param $element Name of the request element we want to check
* @return $value Value of the found request element or 'null' if the
// Initialize value
$value = null;
+ // Is the element set?
if ($this->isRequestElementSet($element)) {
- $value = $this->requestData[$element];
+ // Get the bare value
+ $value = $this->requestData[$element];
+
+ // Secure it against attacks
+ $value = htmlentities(strip_tags($value), ENT_QUOTES);
} // END - if
// Return the element's value
}
/**
- * Getter for a header element or 'null' if the header was not found
+ * Getter for a header element or 'null' if header was not found
*
* @param $headerName Name of the header
* @return $headerValue Value of the header or 'null' if not found