Permalink
Browse files

implemented filter_id; eradicate evil tabs

  • Loading branch information...
1 parent bbef0c4 commit c8fe63bbe3fa6f5fe0bd5966055fd4b830f4b485 @ahamid ahamid committed Feb 6, 2011
@@ -54,28 +54,28 @@
/**
* ********** CONSTANTS **************
*/
- /* INPUT constants taken from http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/main/php_variables.h?revision=306939&view=markup
- * Should probably move to Quercus core.
- */
+ /* INPUT constants taken from http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/main/php_variables.h?revision=306939&view=markup
+ * Should probably move to Quercus core.
+ */
public static final int INPUT_POST = 0; // POST variables.
public static final int INPUT_GET = 1; // GET variables.
public static final int INPUT_COOKIE = 2; // COOKIE variables.
public static final int INPUT_ENV = 4; // ENV variables.
public static final int INPUT_SERVER = 5; // SERVER variables.
public static final int INPUT_SESSION = 6; // SESSION variables. (not implemented yet)
-
+
/* Filter module defines this itself (as PARSE_REQUEST) */
public static final int INPUT_REQUEST = 99; // REQUEST variables. (not implemented yet)
-
+
/* FILTER constants taken from http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/filter/filter_private.h?revision=307670&view=markup */
public static final int FILTER_FLAG_NONE = 0x0000; // No flags.
-
+
public static final int FILTER_REQUIRE_ARRAY = 0x1000000; // Require an array as input.
public static final int FILTER_REQUIRE_SCALAR = 0x2000000; // Flag used to require scalar as input
-
+
public static final int FILTER_FORCE_ARRAY = 0x4000000; // Always returns an array.
public static final int FILTER_NULL_ON_FAILURE = 0x8000000; // Use NULL instead of FALSE on failure.
-
+
public static final int FILTER_VALIDATE_ALL = 0x0100;
public static final int FILTER_VALIDATE_INT = 0x0101; // ID of "int" filter.
public static final int FILTER_VALIDATE_BOOLEAN = 0x0102; // ID of "boolean" filter.
@@ -85,11 +85,11 @@
public static final int FILTER_VALIDATE_EMAIL = 0x0112; // ID of "validate_email" filter.
public static final int FILTER_VALIDATE_IP = 0x0113; // ID of "validate_ip" filter.
public static final int FILTER_VALIDATE_LAST = FILTER_VALIDATE_IP;
-
+
public static final int FILTER_UNSAFE_RAW = 0x0204; // ID of "unsafe_raw" filter.
public static final int FILTER_DEFAULT = FILTER_UNSAFE_RAW; // ID of default ("string") filter.
-
- public static final int FILTER_SANITIZE_ALL = 0x0200;
+
+ public static final int FILTER_SANITIZE_ALL = 0x0200;
public static final int FILTER_SANITIZE_STRING = 0x0201; // ID of "string" filter.
public static final int FILTER_SANITIZE_STRIPPED = FILTER_SANITIZE_STRING; // ID of "stripped" filter.
public static final int FILTER_SANITIZE_ENCODED = 0x0202; // ID of "encoded" filter.
@@ -101,7 +101,7 @@
public static final int FILTER_SANITIZE_MAGIC_QUOTES = 0x0209; // ID of "magic_quotes" filter.
public static final int FILTER_SANITIZE_FULL_SPECIAL_CHARS = 0x020a;
public static final int FILTER_SANITIZE_LAST = FILTER_SANITIZE_FULL_SPECIAL_CHARS;
-
+
public static final int FILTER_CALLBACK = 0x400; // ID of "callback" filter.
public static final int FILTER_FLAG_ALLOW_OCTAL = 0x0001; // Allow octal notation (0[0-7]+) in "int" filter.
@@ -136,54 +136,79 @@
private static final CompiledConstStringValue _COOKIE = new CompiledConstStringValue("_COOKIE");
private static final CompiledConstStringValue _SESSION = new CompiledConstStringValue("_SESSION");
private static final CompiledConstStringValue _ENV = new CompiledConstStringValue("_ENV");
-
+
private static final HashMap<StringValue,Value> _constMap = new HashMap<StringValue,Value>();
static {
- // not sure whether these should be in core or filter module
- addConstant(_constMap, "INPUT_POST", INPUT_POST);
- addConstant(_constMap, "INPUT_GET", INPUT_GET);
- addConstant(_constMap, "INPUT_COOKIE", INPUT_COOKIE);
- addConstant(_constMap, "INPUT_ENV", INPUT_ENV);
- addConstant(_constMap, "INPUT_SERVER", INPUT_SERVER);
- addConstant(_constMap, "INPUT_SESSION", INPUT_SESSION);
- addConstant(_constMap, "INPUT_REQUEST", INPUT_REQUEST);
+ // not sure whether these should be in core or filter module
+ addConstant(_constMap, "INPUT_POST", INPUT_POST);
+ addConstant(_constMap, "INPUT_GET", INPUT_GET);
+ addConstant(_constMap, "INPUT_COOKIE", INPUT_COOKIE);
+ addConstant(_constMap, "INPUT_ENV", INPUT_ENV);
+ addConstant(_constMap, "INPUT_SERVER", INPUT_SERVER);
+ addConstant(_constMap, "INPUT_SESSION", INPUT_SESSION);
+ addConstant(_constMap, "INPUT_REQUEST", INPUT_REQUEST);
}
-
+
private static final HashMap<Integer, CompiledConstStringValue> _inputTypeMap = new HashMap<Integer, CompiledConstStringValue>();
static {
- _inputTypeMap.put(INPUT_POST, _POST);
- _inputTypeMap.put(INPUT_GET, _GET);
- _inputTypeMap.put(INPUT_COOKIE, _COOKIE);
- _inputTypeMap.put(INPUT_ENV, _ENV);
- _inputTypeMap.put(INPUT_SERVER, _SERVER);
- _inputTypeMap.put(INPUT_SESSION, _SESSION);
- _inputTypeMap.put(INPUT_REQUEST, _REQUEST);
+ _inputTypeMap.put(INPUT_POST, _POST);
+ _inputTypeMap.put(INPUT_GET, _GET);
+ _inputTypeMap.put(INPUT_COOKIE, _COOKIE);
+ _inputTypeMap.put(INPUT_ENV, _ENV);
+ _inputTypeMap.put(INPUT_SERVER, _SERVER);
+ _inputTypeMap.put(INPUT_SESSION, _SESSION);
+ _inputTypeMap.put(INPUT_REQUEST, _REQUEST);
+ }
+
+ static final HashMap<String, Integer> _filterList = new HashMap<String, Integer>();
+ static {
+ _filterList.put("int", FILTER_VALIDATE_INT);
+ _filterList.put("boolean", FILTER_VALIDATE_BOOLEAN);
+ _filterList.put("float", FILTER_VALIDATE_FLOAT);
+ _filterList.put("validate_regexp", FILTER_VALIDATE_REGEXP);
+ _filterList.put("validate_url", FILTER_VALIDATE_URL);
+ _filterList.put("validate_email", FILTER_VALIDATE_EMAIL);
+ _filterList.put("validate_ip", FILTER_VALIDATE_IP);
+
+ _filterList.put("string", FILTER_SANITIZE_STRING);
+ _filterList.put("stripped", FILTER_SANITIZE_STRING);
+ _filterList.put("encoded", FILTER_SANITIZE_ENCODED);
+ _filterList.put("special_chars", FILTER_SANITIZE_SPECIAL_CHARS);
+ _filterList.put("full_special_chars", FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+
+ _filterList.put("unsafe_raw", FILTER_UNSAFE_RAW);
+ _filterList.put("email", FILTER_SANITIZE_EMAIL);
+ _filterList.put("url", FILTER_SANITIZE_URL);
+ _filterList.put("number_int", FILTER_SANITIZE_NUMBER_INT);
+ _filterList.put("number_float", FILTER_SANITIZE_NUMBER_FLOAT);
+ _filterList.put("magic_quotes", FILTER_SANITIZE_MAGIC_QUOTES);
+ _filterList.put("callback", FILTER_CALLBACK);
}
-
+
public FilterModule() {
}
-
+
@Override
public Map<StringValue,Value> getConstMap()
{
- return _constMap;
+ return _constMap;
}
-
+
@Override
public String[] getLoadedExtensions() {
return new String[]{"filter"};
}
private static final boolean arrayHasValue(Value value, StringValue name) {
- if (! (value instanceof ArrayValue))
- return false;
+ if (! (value instanceof ArrayValue))
+ return false;
- ArrayValue array = (ArrayValue) value;
+ ArrayValue array = (ArrayValue) value;
- Value v = array.get(name);
- return !(v == null || v.isNull() || v.isEmpty());
+ Value v = array.get(name);
+ return !(v == null || v.isNull() || v.isEmpty());
}
-
+
/**
* filter_has_var — Checks if variable of specified type exists
* @param env The Quercus Environment
@@ -193,16 +218,16 @@ private static final boolean arrayHasValue(Value value, StringValue name) {
*/
public BooleanValue filter_has_var(Env env, LongValue type, StringValue variable_name)
{
- CompiledConstStringValue t = _inputTypeMap.get(type.toInt());
- if (t == null) {
- // TODO: throw something?
- return BooleanValue.FALSE;
- }
- EnvVar superglobal = env.getGlobalEnvVar(t, false, false);
- if (superglobal == null) {
- return BooleanValue.FALSE;
- }
- return BooleanValue.create(arrayHasValue(superglobal.get(), variable_name));
+ CompiledConstStringValue t = _inputTypeMap.get(type.toInt());
+ if (t != null) {
+ EnvVar superglobal = env.getGlobalEnvVar(t, false, false);
+ if (superglobal != null) {
+ return BooleanValue.create(arrayHasValue(superglobal.get(), variable_name));
+ }
+ } else {
+ // TODO: throw something?
+ }
+ return BooleanValue.FALSE;
}
@@ -214,7 +239,13 @@ public BooleanValue filter_has_var(Env env, LongValue type, StringValue variable
*/
public Value filter_id(Env env, StringValue filtername)
{
- throw new UnimplementedException("filter_id not yet implemented ");
+ if (filtername != null) {
+ Integer id = _filterList.get(filtername.toString());
+ if (id != null) {
+ return new LongValue(id);
+ }
+ }
+ return BooleanValue.FALSE;
}
/**
@@ -268,9 +299,9 @@ public Value filter_input_array(Env env, IntegerValue type, @Optional Value defi
* and <strong>NULL</strong> if the filter fails.
*/
public Value filter_input(Env env, IntegerValue type,
- StringValue variableName,
- @Optional IntegerValue filter,
- @Optional Value options)
+ StringValue variableName,
+ @Optional IntegerValue filter,
+ @Optional Value options)
{
throw new UnimplementedException();
}
@@ -1,6 +1,9 @@
package com.caucho.quercus.lib.filter;
import java.text.MessageFormat;
+import java.util.Map;
+
+import javax.script.ScriptException;
import org.junit.Assert;
import org.junit.Before;
@@ -11,34 +14,40 @@
public class TestQuercusFilter {
- private QuercusScriptEngine engine;
- @Before
- public void setUp() {
- engine = (QuercusScriptEngine) new QuercusScriptEngineFactory().getScriptEngine();
- }
-
- private static String php_script(String code) {
- return "<?php\n" + code + "\n?>";
- }
-
- @Test
- public void test_filter_has_var_INPUT_GET() throws Exception {
- String[] types = {
- "GET",
- "POST",
- // "COOKIE", // request is not set in QuercusScriptEngine so this will throw NPE
- "ENV",
- "SESSION",
- "SERVER",
- "REQUEST"
- };
- String prologue = "$_{0}['test_var'] = 1;\n";
- String test = "return filter_has_var(INPUT_{0}, 'test_var') ? 'Yes' : 'No';";
-
- for (String type: types) {
- System.out.println("Type: " + type);
- Assert.assertEquals("Yes", engine.eval(php_script(MessageFormat.format(prologue + test, type))));
- //Assert.assertEquals("No", engine.eval(php_script(MessageFormat.format(test, type))));
- }
- }
+ private QuercusScriptEngine engine;
+ @Before
+ public void setUp() {
+ engine = (QuercusScriptEngine) new QuercusScriptEngineFactory().getScriptEngine();
+ }
+
+ private Object eval(String script, String... args) throws ScriptException {
+ return engine.eval("<?php\n" + MessageFormat.format(script, (Object[]) args) + "\n?>");
+ }
+
+ @Test
+ public void test_filter_has_var() throws Exception {
+ String[] types = {
+ "GET",
+ "POST",
+ //"COOKIE", // request is not set in QuercusScriptEngine so this will throw NPE
+ "ENV",
+ "SESSION",
+ "SERVER",
+ "REQUEST"
+ };
+ String prologue = "$_{0}['test_var'] = 1;\n";
+ String test = "return filter_has_var(INPUT_{0}, 'test_var') ? 'Yes' : 'No';";
+
+ for (String type: types) {
+ Assert.assertEquals("Yes", eval(prologue + test, type));
+ Assert.assertEquals("No", eval(test, type));
+ }
+ }
+
+ @Test
+ public void test_filter_id() throws ScriptException {
+ for (Map.Entry<String, Integer> entry: FilterModule._filterList.entrySet()) {
+ Assert.assertEquals(entry.getValue().longValue(), eval("return filter_id(''{0}'');",entry.getKey()));
+ }
+ }
}

0 comments on commit c8fe63b

Please sign in to comment.