Namespaces

  • Latte
    • Loaders
    • Macros
    • Runtime
  • Nette
    • Application
      • Responses
      • Routers
      • UI
    • Bridges
      • ApplicationDI
      • ApplicationLatte
      • ApplicationTracy
      • CacheDI
      • CacheLatte
      • DatabaseDI
      • DatabaseTracy
      • DITracy
      • FormsDI
      • FormsLatte
      • Framework
      • HttpDI
      • HttpTracy
      • MailDI
      • ReflectionDI
      • SecurityDI
      • SecurityTracy
    • Caching
      • Storages
    • ComponentModel
    • Database
      • Conventions
      • Drivers
      • Reflection
      • Table
    • DI
      • Config
        • Adapters
      • Extensions
    • Diagnostics
    • Forms
      • Controls
      • Rendering
    • Http
    • Iterators
    • Latte
    • Loaders
    • Localization
    • Mail
    • Neon
    • PhpGenerator
    • Reflection
    • Security
    • Templating
    • Utils
  • NetteModule
  • none
  • Tracy
    • Bridges
      • Nette

Classes

  • Context
  • FileUpload
  • Helpers
  • Request
  • RequestFactory
  • Response
  • Session
  • SessionSection
  • Url
  • UrlScript
  • UserStorage

Interfaces

  • IRequest
  • IResponse
  • ISessionStorage
  • Overview
  • Namespace
  • Class
  • Tree
  • Deprecated
  1: <?php
  2: 
  3: /**
  4:  * This file is part of the Nette Framework (https://nette.org)
  5:  * Copyright (c) 2004 David Grudl (https://davidgrudl.com)
  6:  */
  7: 
  8: namespace Nette\Http;
  9: 
 10: use Nette;
 11: use Nette\Utils\Strings;
 12: 
 13: 
 14: /**
 15:  * Current HTTP request factory.
 16:  */
 17: class RequestFactory extends Nette\Object
 18: {
 19:     /** @internal */
 20:     const CHARS = '\x09\x0A\x0D\x20-\x7E\xA0-\x{10FFFF}';
 21: 
 22:     /** @var array */
 23:     public $urlFilters = array(
 24:         'path' => array('#/{2,}#' => '/'), // '%20' => ''
 25:         'url' => array(), // '#[.,)]\z#' => ''
 26:     );
 27: 
 28:     /** @var bool */
 29:     private $binary = FALSE;
 30: 
 31:     /** @var array */
 32:     private $proxies = array();
 33: 
 34: 
 35:     /**
 36:      * @param  bool
 37:      * @return self
 38:      */
 39:     public function setBinary($binary = TRUE)
 40:     {
 41:         $this->binary = (bool) $binary;
 42:         return $this;
 43:     }
 44: 
 45: 
 46:     /**
 47:      * @param  array|string
 48:      * @return self
 49:      */
 50:     public function setProxy($proxy)
 51:     {
 52:         $this->proxies = (array) $proxy;
 53:         return $this;
 54:     }
 55: 
 56: 
 57:     /**
 58:      * Creates current HttpRequest object.
 59:      * @return Request
 60:      */
 61:     public function createHttpRequest()
 62:     {
 63:         // DETECTS URI, base path and script path of the request.
 64:         $url = new UrlScript;
 65:         $url->setScheme(!empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'off') ? 'https' : 'http');
 66:         $url->setUser(isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '');
 67:         $url->setPassword(isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '');
 68: 
 69:         // host & port
 70:         if ((isset($_SERVER[$tmp = 'HTTP_HOST']) || isset($_SERVER[$tmp = 'SERVER_NAME']))
 71:             && preg_match('#^([a-z0-9_.-]+|\[[a-f0-9:]+\])(:\d+)?\z#i', $_SERVER[$tmp], $pair)
 72:         ) {
 73:             $url->setHost(strtolower($pair[1]));
 74:             if (isset($pair[2])) {
 75:                 $url->setPort(substr($pair[2], 1));
 76:             } elseif (isset($_SERVER['SERVER_PORT'])) {
 77:                 $url->setPort($_SERVER['SERVER_PORT']);
 78:             }
 79:         }
 80: 
 81:         // path & query
 82:         $requestUrl = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '/';
 83:         $requestUrl = Strings::replace($requestUrl, $this->urlFilters['url']);
 84:         $tmp = explode('?', $requestUrl, 2);
 85:         $path = Url::unescape($tmp[0], '%/?#');
 86:         $path = Strings::fixEncoding(Strings::replace($path, $this->urlFilters['path']));
 87:         $url->setPath($path);
 88:         $url->setQuery(isset($tmp[1]) ? $tmp[1] : '');
 89: 
 90:         // detect script path
 91:         $lpath = strtolower($path);
 92:         $script = isset($_SERVER['SCRIPT_NAME']) ? strtolower($_SERVER['SCRIPT_NAME']) : '';
 93:         if ($lpath !== $script) {
 94:             $max = min(strlen($lpath), strlen($script));
 95:             for ($i = 0; $i < $max && $lpath[$i] === $script[$i]; $i++);
 96:             $path = $i ? substr($path, 0, strrpos($path, '/', $i - strlen($path) - 1) + 1) : '/';
 97:         }
 98:         $url->setScriptPath($path);
 99: 
100:         // GET, POST, COOKIE
101:         $useFilter = (!in_array(ini_get('filter.default'), array('', 'unsafe_raw')) || ini_get('filter.default_flags'));
102: 
103:         $query = $url->getQueryParameters();
104:         $post = $useFilter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
105:         $cookies = $useFilter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);
106: 
107:         if (get_magic_quotes_gpc()) {
108:             $post = Helpers::stripslashes($post, $useFilter);
109:             $cookies = Helpers::stripslashes($cookies, $useFilter);
110:         }
111: 
112:         // remove invalid characters
113:         $reChars = '#^[' . self::CHARS . ']*+\z#u';
114:         if (!$this->binary) {
115:             $list = array(& $query, & $post, & $cookies);
116:             while (list($key, $val) = each($list)) {
117:                 foreach ($val as $k => $v) {
118:                     if (is_string($k) && (!preg_match($reChars, $k) || preg_last_error())) {
119:                         unset($list[$key][$k]);
120: 
121:                     } elseif (is_array($v)) {
122:                         $list[$key][$k] = $v;
123:                         $list[] = & $list[$key][$k];
124: 
125:                     } else {
126:                         $list[$key][$k] = (string) preg_replace('#[^' . self::CHARS . ']+#u', '', $v);
127:                     }
128:                 }
129:             }
130:             unset($list, $key, $val, $k, $v);
131:         }
132:         $url->setQuery($query);
133: 
134: 
135:         // FILES and create FileUpload objects
136:         $files = array();
137:         $list = array();
138:         if (!empty($_FILES)) {
139:             foreach ($_FILES as $k => $v) {
140:                 if (!$this->binary && is_string($k) && (!preg_match($reChars, $k) || preg_last_error())) {
141:                     continue;
142:                 }
143:                 $v['@'] = & $files[$k];
144:                 $list[] = $v;
145:             }
146:         }
147: 
148:         while (list(, $v) = each($list)) {
149:             if (!isset($v['name'])) {
150:                 continue;
151: 
152:             } elseif (!is_array($v['name'])) {
153:                 if (get_magic_quotes_gpc()) {
154:                     $v['name'] = stripSlashes($v['name']);
155:                 }
156:                 if (!$this->binary && (!preg_match($reChars, $v['name']) || preg_last_error())) {
157:                     $v['name'] = '';
158:                 }
159:                 if ($v['error'] !== UPLOAD_ERR_NO_FILE) {
160:                     $v['@'] = new FileUpload($v);
161:                 }
162:                 continue;
163:             }
164: 
165:             foreach ($v['name'] as $k => $foo) {
166:                 if (!$this->binary && is_string($k) && (!preg_match($reChars, $k) || preg_last_error())) {
167:                     continue;
168:                 }
169:                 $list[] = array(
170:                     'name' => $v['name'][$k],
171:                     'type' => $v['type'][$k],
172:                     'size' => $v['size'][$k],
173:                     'tmp_name' => $v['tmp_name'][$k],
174:                     'error' => $v['error'][$k],
175:                     '@' => & $v['@'][$k],
176:                 );
177:             }
178:         }
179: 
180: 
181:         // HEADERS
182:         if (function_exists('apache_request_headers')) {
183:             $headers = apache_request_headers();
184:         } else {
185:             $headers = array();
186:             foreach ($_SERVER as $k => $v) {
187:                 if (strncmp($k, 'HTTP_', 5) == 0) {
188:                     $k = substr($k, 5);
189:                 } elseif (strncmp($k, 'CONTENT_', 8)) {
190:                     continue;
191:                 }
192:                 $headers[ strtr($k, '_', '-') ] = $v;
193:             }
194:         }
195: 
196: 
197:         $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : NULL;
198:         $remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : NULL;
199: 
200:         // proxy
201:         foreach ($this->proxies as $proxy) {
202:             if (Helpers::ipMatch($remoteAddr, $proxy) && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
203:                 $proxies = $this->proxies;
204:                 $xForwardedForWithoutProxies = array_filter(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']), function ($ip) use ($proxies) {
205:                     return !array_filter($proxies, function ($proxy) use ($ip) {
206:                         return Helpers::ipMatch(trim($ip), $proxy);
207:                     });
208:                 });
209:                 $remoteAddr = trim(end($xForwardedForWithoutProxies));
210: 
211:                 if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
212:                     $xForwardedForRealIpKey = key($xForwardedForWithoutProxies);
213:                     $xForwardedHost = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
214:                     if (isset($xForwardedHost[$xForwardedForRealIpKey])) {
215:                         $remoteHost = trim($xForwardedHost[$xForwardedForRealIpKey]);
216:                     }
217:                 }
218:                 break;
219:             }
220:         }
221: 
222: 
223:         $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : NULL;
224:         if ($method === 'POST' && isset($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'])
225:             && preg_match('#^[A-Z]+\z#', $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'])
226:         ) {
227:             $method = $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'];
228:         }
229: 
230:         // raw body
231:         $rawBodyCallback = function () {
232:             static $rawBody;
233: 
234:             if (PHP_VERSION_ID >= 50600) {
235:                 return file_get_contents('php://input');
236: 
237:             } elseif ($rawBody === NULL) { // can be read only once in PHP < 5.6
238:                 $rawBody = (string) file_get_contents('php://input');
239:             }
240: 
241:             return $rawBody;
242:         };
243: 
244:         return new Request($url, NULL, $post, $files, $cookies, $headers, $method, $remoteAddr, $remoteHost, $rawBodyCallback);
245:     }
246: 
247: }
248: 
Nette 2.3-20160731 API API documentation generated by ApiGen 2.8.0