Commit 60583b87 by Qiang Xue

cleanup

parent f610527a
......@@ -91,9 +91,10 @@ class Application extends \yii\base\Application
/** @var $request Request */
$request = $this->getRequest();
if ($request->getIsConsoleRequest()) {
return $this->runAction($request->route, $request->params);
list ($route, $params) = $request->resolve();
return $this->runAction($route, $params);
} else {
throw new Exception(\Yii::t('yii|this script must be run from the command line.'));
throw new Exception(\Yii::t('yii|This script must be run from the command line.'));
}
}
......
......@@ -17,49 +17,33 @@ class Request extends \yii\base\Request
{
const ANONYMOUS_PARAMS = '-args';
/**
* @var string the controller route specified by this request. If this is an empty string,
* it means the [[Application::defaultRoute|default route]] will be used.
* Note that the value of this property may not be a correct route. The console application
* will determine it is valid or not when it attempts to execute with this route.
*/
public $route;
/**
* @var array
*/
public $params;
public function init()
{
parent::init();
$this->resolveRequest();
}
public function getRawParams()
{
return isset($_SERVER['argv']) ? $_SERVER['argv'] : array();
}
protected function resolveRequest()
public function resolve()
{
$rawParams = $this->getRawParams();
array_shift($rawParams); // the 1st argument is the yiic script name
if (isset($rawParams[0])) {
$this->route = $rawParams[0];
$route = $rawParams[0];
array_shift($rawParams);
} else {
$this->route = '';
$route = '';
}
$this->params = array(self::ANONYMOUS_PARAMS => array());
$params = array(self::ANONYMOUS_PARAMS => array());
foreach ($rawParams as $param) {
if (preg_match('/^--(\w+)(=(.*))?$/', $param, $matches)) {
$name = $matches[1];
$this->params[$name] = isset($matches[3]) ? $matches[3] : true;
$params[$name] = isset($matches[3]) ? $matches[3] : true;
} else {
$this->params[self::ANONYMOUS_PARAMS][] = $param;
$params[self::ANONYMOUS_PARAMS][] = $param;
}
}
return array($route, $params);
}
}
......@@ -67,6 +67,9 @@ class Application extends \yii\base\Application
'response' => array(
'class' => 'yii\web\Response',
),
'session' => array(
'class' => 'yii\web\Session',
),
'urlManager' => array(
'class' => 'yii\web\UrlManager',
),
......
......@@ -27,27 +27,6 @@ class Request extends \yii\base\Request
*/
public $cookieValidationKey;
/**
* @var boolean whether to enable CSRF (Cross-Site Request Forgery) validation. Defaults to false.
* By setting this property to true, forms submitted to an Yii Web application must be originated
* from the same application. If not, a 400 HTTP exception will be raised.
* Note, this feature requires that the user client accepts cookie.
* You also need to use {@link CHtml::form} or {@link CHtml::statefulForm} to generate
* the needed HTML forms in your pages.
* @see http://seclab.stanford.edu/websec/csrf/csrf.pdf
*/
public $enableCsrfValidation = false;
/**
* @var string the name of the token used to prevent CSRF. Defaults to 'YII_CSRF_TOKEN'.
* This property is used only when [[enableCsrfValidation]] is true.
*/
public $csrfTokenName = 'YII_CSRF_TOKEN';
/**
* @var array the property values (in name-value pairs) used to initialize the CSRF cookie.
* Any property of {@link CHttpCookie} may be initialized.
* This property is effective only when {@link enableCsrfValidation} is true.
*/
public $csrfCookie;
/**
* @var string|boolean the name of the POST parameter that is used to indicate if a request is a PUT or DELETE
* request tunneled through POST. If false, it means disabling REST request tunneled through POST.
* Default to '_method'.
......@@ -59,55 +38,6 @@ class Request extends \yii\base\Request
private $_cookies;
/**
* Initializes the application component.
* This method overrides the parent implementation by preprocessing
* the user request data.
*/
public function init()
{
parent::init();
$this->normalizeRequest();
}
/**
* Normalizes the request data.
* This method strips off slashes in request data if get_magic_quotes_gpc() returns true.
* It also performs CSRF validation if {@link enableCsrfValidation} is true.
*/
protected function normalizeRequest()
{
if (get_magic_quotes_gpc()) {
if (isset($_GET)) {
$_GET = $this->stripSlashes($_GET);
}
if (isset($_POST)) {
$_POST = $this->stripSlashes($_POST);
}
if (isset($_REQUEST)) {
$_REQUEST = $this->stripSlashes($_REQUEST);
}
if (isset($_COOKIE)) {
$_COOKIE = $this->stripSlashes($_COOKIE);
}
}
if ($this->enableCsrfValidation) {
\Yii::$app->on('beginRequest', array($this, 'validateCsrfToken'));
}
}
/**
* Strips slashes from input data.
* This method is applied when magic quotes is enabled.
* @param mixed $data input data to be processed
* @return mixed processed data
*/
public function stripSlashes($data)
{
return is_array($data) ? array_map(array($this, 'stripSlashes'), $data) : stripslashes($data);
}
/**
* Returns the method of the current request (e.g. GET, POST, HEAD, PUT, DELETE).
* @return string request method, such as GET, POST, HEAD, PUT, DELETE.
* The value returned is turned into upper case.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment