X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Frequest-functions.php;h=d90c41bb91d8849cb9b9ed763bbe86d356d0860a;hp=439e51bf61177ed41865c5382f0c7366b57f3f4a;hb=61621983cc6d7195fcc7eab29b5f6080ff283b34;hpb=2379934be6a196a54f4155bb8e24c49b20736969

diff --git a/inc/request-functions.php b/inc/request-functions.php
index 439e51bf61..d90c41bb91 100644
--- a/inc/request-functions.php
+++ b/inc/request-functions.php
@@ -10,14 +10,9 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Spezialle Funktionen fuer die Anfragebehandlung  *
  * -------------------------------------------------------------------- *
- * $Revision::                                                        $ *
- * $Date::                                                            $ *
- * $Tag:: 0.2.1-FINAL                                                 $ *
- * $Author::                                                          $ *
- * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
- * Copyright (c) 2009 - 2011 by Mailer Developer Team                   *
- * For more information visit: http://www.mxchange.org                  *
+ * Copyright (c) 2009 - 2016 by Mailer Developer Team                   *
+ * For more information visit: http://mxchange.org                      *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
  * it under the terms of the GNU General Public License as published by *
@@ -57,7 +52,7 @@ function getRequestElement ($element) {
 		$value = $GLOBALS['cache_request']['get'][$element];
 	} elseif (isGetRequestElementSet($element)) {
 		// Then get it directly
-		$value = SQL_ESCAPE($GLOBALS['raw_request']['get'][$element]);
+		$value = sqlEscapeString($GLOBALS['raw_request']['get'][$element]);
 
 		// Store it in cache
 		$GLOBALS['cache_request']['get'][$element] = $value;
@@ -78,6 +73,7 @@ function isGetRequestElementSet ($element, $subElement = '') {
 
 // Removes an element from $_GET
 function unsetGetRequestElement ($element) {
+	unset($GLOBALS['cache_request']['get'][$element]);
 	unset($GLOBALS['raw_request']['get'][$element]);
 }
 
@@ -89,7 +85,7 @@ function getRequestArray () {
 // Counts entries in $_GET or returns false if not an array
 function countRequestGet () {
 	// By default this is not an array
-	$count = false;
+	$count = FALSE;
 
 	// Get the array
 	$GET = getRequestArray();
@@ -106,8 +102,8 @@ function countRequestGet () {
 // Setter for element in $_GET
 function setGetRequestElement ($element, $value) {
 	// Escape both
-	$element = SQL_ESCAPE($element);
-	$value   = SQL_ESCAPE($value);
+	$element = sqlEscapeString($element);
+	$value   = sqlEscapeString($value);
 
 	// Set in $_GET
 	$GLOBALS['raw_request']['get'][$element] = $value;
@@ -117,7 +113,8 @@ function setGetRequestElement ($element, $value) {
 }
 
 // Wrapper for elements in $_POST
-function postRequestElement ($element, $subElement=null) {
+function postRequestElement ($element, $subElement = NULL) {
+	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element[' . gettype($element) . ']=' . $element . ',subElement[' . gettype($subElement) . ']=' . $subElement . ' - ENTERED!');
 	// By default no element is there
 	$value = NULL;
 
@@ -125,6 +122,7 @@ function postRequestElement ($element, $subElement=null) {
 	if (isset($GLOBALS['cache_request']['post'][$element][$subElement])) {
 		// Then use it
 		$value = $GLOBALS['cache_request']['post'][$element][$subElement];
+		//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element[' . gettype($element) . ']=' . $element . ',subElement[' . gettype($subElement) . ']=' . $subElement . ',value[' . gettype($value) . ']=' . $value . ' - CACHE!');
 	} elseif (isPostRequestElementSet($element)) {
 		// Then use it
 		$value = $GLOBALS['raw_request']['post'][$element];
@@ -132,25 +130,40 @@ function postRequestElement ($element, $subElement=null) {
 		// Is $subElement set?
 		if ((!is_null($subElement)) && (isPostRequestElementSet($element, $subElement))) {
 			// Then use this
-			$value = SQL_ESCAPE($value[$subElement]);
-		} elseif (!is_array($value)) {
+			$value = sqlEscapeString($value[$subElement]);
+			//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ',subElement=' . $subElement . ' - SUB!');
+		} elseif ((!is_array($value)) && (function_exists('sqlEscapeString'))) {
 			// Escape it here
-			$value = SQL_ESCAPE($value);
+			$value = sqlEscapeString($value);
+			//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ' - REGULAR!');
 		}
 
 		// Set it in cache
+		//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ',subElement=' . $subElement . ',value=' . $value.' - ADDED!');
 		$GLOBALS['cache_request']['post'][$element][$subElement] = $value;
 	} // END - if
 
 	// Return value
+	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element[' . gettype($element) . ']=' . $element . ',subElement[' . gettype($subElement) . ']=' . $subElement . ',value[' . gettype($value) . ']=' . $value . ' - EXIT!');
 	return $value;
 }
 
 // Checks if an element in $_POST exists
-function isPostRequestElementSet ($element, $subElement=null) {
+function isPostRequestElementSet ($element, $subElement = NULL) {
+	/*
+	 * Always check that $element is a string and that $subElement is NULL or
+	 * a string as numerical indexes are not wanted in POST data (in this
+	 * project).
+	 */
+	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element[]=' . gettype($element) . ',subElement[]=' . gettype($subElement));
+	assert(is_string($element) && ((is_null($subElement)) || (is_string($subElement)) || (is_int($subElement)) || (is_double($subElement))));
+
+	// Is a sub element set?
 	if (is_null($subElement)) {
-		return ((isset($GLOBALS['raw_request']['post'][$element])) && (('' . $GLOBALS['raw_request']['post'][$element] . '') != ''));
+		// No, then only check $element
+		return ((isset($GLOBALS['raw_request']['post'][$element])) && ((is_array($GLOBALS['raw_request']['post'][$element])) || (('' . $GLOBALS['raw_request']['post'][$element] . '') != '')));
 	} else {
+		// Yes, then check both together
 		return ((isset($GLOBALS['raw_request']['post'][$element][$subElement])) && (('' . $GLOBALS['raw_request']['post'][$element][$subElement] . '') != ''));
 	}
 }
@@ -158,6 +171,7 @@ function isPostRequestElementSet ($element, $subElement=null) {
 // Removes an element from $_POST
 function unsetPostRequestElement ($element) {
 	unset($GLOBALS['raw_request']['post'][$element]);
+	unset($GLOBALS['cache_request']['post'][$element]);
 }
 
 // Getter for whole $_POST array
@@ -173,7 +187,7 @@ function setPostRequestArray ($postData) {
 // Counts entries in $_POST or returns false if not an array
 function countRequestPost () {
 	// By default this is not an array
-	$count = false;
+	$count = FALSE;
 
 	// Get the array
 	$postData = postRequestArray();
@@ -185,6 +199,7 @@ function countRequestPost () {
 	} // END - if
 
 	// Return value
+	return $count;
 }
 
 // Setter for element in $_POST
@@ -198,53 +213,69 @@ function setPostRequestElement ($element, $value) {
 		$eval .= implode("']['", $element);
 
 		// Finish eval() command
-		$eval .= sprintf("'] = \"%s\";", SQL_ESCAPE($value));
+		$eval .= sprintf("'] = \"%s\";", sqlEscapeString($value));
 
 		// And run it
 		eval($eval);
 	} elseif (is_array($value)) {
 		// Escape element
-		$element = SQL_ESCAPE($element);
+		$element = sqlEscapeString($element);
 
 		// Value is an array so set it directly
 		$GLOBALS['raw_request']['post'][$element] = $value;
 	} else {
+		// Debug message
+		//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ',value=' . $value . ' - BEFORE!');
+
 		// Escape both
-		$element = SQL_ESCAPE($element);
-		$value   = SQL_ESCAPE($value);
+		$element = sqlEscapeString($element);
+		$value   = sqlEscapeString($value);
+
+		// Debug message
+		//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'element=' . $element . ',value=' . $value . ' - AFTER!');
 
 		// Set regular entry
 		$GLOBALS['raw_request']['post'][$element] = $value;
 	}
 
 	// Update cache
-	$GLOBALS['cache_request']['post'][$element][null] = $value;
+	$GLOBALS['cache_request']['post'][$element][NULL] = $value;
 }
 
-// Checks wether a form was sent. If so, the $_POST['ok'] element must be set
+// Checks whether a form was sent. If so, the $_POST['ok'] element must be set
 function isFormSent ($requestParameter = 'ok') {
 	// Simply wrap it!
 	return isPostRequestElementSet($requestParameter);
 }
 
-// Checks if 'content_type' is set
-function isContentTypeSet () {
-	return isset($GLOBALS['content_type']);
-}
+// Getter for request URI
+function getRequestUri () {
+	// Is it not set?
+	if (!isset($_SERVER['REQUEST_URI'])) {
+		// Return empty string
+		return '';
+	} // END - if
 
-// Setter for content type
-function setContentType ($contentType) {
-	$GLOBALS['content_type'] = (string) $contentType;
+	// Return it
+	return $_SERVER['REQUEST_URI'];
 }
 
-// Getter for content type
-function getContentType () {
-	return $GLOBALS['content_type'];
-}
+// Add all GET parameters to a string (without leading sign)
+function addAllGetRequestParameters () {
+	// Init variable
+	$return = '';
 
-// Getter for request URI
-function getRequestUri () {
-	return $_SERVER['REQUEST_URI'];
+	// Now add all parameters
+	foreach (getRequestArray() as $key => $value) {
+		// Add it secured
+		$return .= sqlEscapeString($key) . '=' . sqlEscapeString($value) . '&amp;';
+	} // END - foreach
+
+	// Remove trailing &amp;
+	$return = substr($return, 0, -5);
+
+	// Return it
+	return $return;
 }
 
 // [EOF]