nas
/
todo_api
Beobachten 2
Favorisieren 1
Fork 0
Code Issues 1 Pull-Requests 0 Releases 0 Wiki Aktivität
api de gestion de ticket, basé sur php-crud-api. Le but est de décorrélé les outils de gestion des données, afin
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
1709 Commits
1 Branch
Struktur: 78e1314864
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „78e1314864“
${ noResults }
todo_api/src/Tqdev/PhpCrudApi/Middleware/SanitationMiddleware.php

SanitationMiddleware.php 6.1KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150 
  1. <?php

  2. 

  3. namespace Tqdev\PhpCrudApi\Middleware;

  4. 

  5. use Psr\Http\Message\ResponseInterface;

  6. use Psr\Http\Message\ServerRequestInterface;

  7. use Psr\Http\Server\RequestHandlerInterface;

  8. use Tqdev\PhpCrudApi\Column\Reflection\ReflectedTable;

  9. use Tqdev\PhpCrudApi\Column\Reflection\ReflectedColumn;

  10. use Tqdev\PhpCrudApi\Column\ReflectionService;

  11. use Tqdev\PhpCrudApi\Controller\Responder;

  12. use Tqdev\PhpCrudApi\Middleware\Base\Middleware;

  13. use Tqdev\PhpCrudApi\Middleware\Router\Router;

  14. use Tqdev\PhpCrudApi\RequestUtils;

  15. 

  16. class SanitationMiddleware extends Middleware

  17. {

  18.     private $reflection;

  19. 

  20.     public function __construct(Router $router, Responder $responder, array $properties, ReflectionService $reflection)

  21.     {

  22.         parent::__construct($router, $responder, $properties);

  23.         $this->reflection = $reflection;

  24.     }

  25. 

  26.     private function callHandler($handler, $record, string $operation, ReflectedTable $table) /*: object */

  27.     {

  28.         $context = (array) $record;

  29.         $tableName = $table->getName();

  30.         foreach ($context as $columnName => &$value) {

  31.             if ($table->hasColumn($columnName)) {

  32.                 $column = $table->getColumn($columnName);

  33.                 $value = call_user_func($handler, $operation, $tableName, $column->serialize(), $value);

  34.                 $value = $this->sanitizeType($table, $column, $value);

  35.             }

  36.         }

  37.         return (object) $context;

  38.     }

  39. 

  40.     private function sanitizeType(ReflectedTable $table, ReflectedColumn $column, $value)

  41.     {

  42.         $tables = $this->getArrayProperty('tables', 'all');

  43.         $types = $this->getArrayProperty('types', 'all');

  44.         if (

  45.             (in_array('all', $tables) || in_array($table->getName(), $tables)) &&

  46.             (in_array('all', $types) || in_array($column->getType(), $types))

  47.         ) {

  48.             if (is_null($value)) {

  49.                 return $value;

  50.             }

  51.             if (is_string($value)) {

  52.                 $newValue = null;

  53.                 switch ($column->getType()) {

  54.                     case 'integer':

  55.                     case 'bigint':

  56.                         $newValue = filter_var(trim($value), FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);

  57.                         break;

  58.                     case 'decimal':

  59.                         $newValue = filter_var(trim($value), FILTER_VALIDATE_FLOAT, FILTER_NULL_ON_FAILURE);

  60.                         if (is_float($newValue)) {

  61.                             $newValue = number_format($newValue, $column->getScale(), '.', '');

  62.                         }

  63.                         break;

  64.                     case 'float':

  65.                     case 'double':

  66.                         $newValue = filter_var(trim($value), FILTER_VALIDATE_FLOAT, FILTER_NULL_ON_FAILURE);

  67.                         break;

  68.                     case 'boolean':

  69.                         $newValue = filter_var(trim($value), FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);

  70.                         break;

  71.                     case 'date':

  72.                         $time = strtotime(trim($value));

  73.                         if ($time !== false) {

  74.                             $newValue = date('Y-m-d', $time);

  75.                         }

  76.                         break;

  77.                     case 'time':

  78.                         $time = strtotime(trim($value));

  79.                         if ($time !== false) {

  80.                             $newValue = date('H:i:s', $time);

  81.                         }

  82.                         break;

  83.                     case 'timestamp':

  84.                         $time = strtotime(trim($value));

  85.                         if ($time !== false) {

  86.                             $newValue = date('Y-m-d H:i:s', $time);

  87.                         }

  88.                         break;

  89.                     case 'blob':

  90.                     case 'varbinary':

  91.                         // allow base64url format

  92.                         $newValue = strtr(trim($value), '-_', '+/');

  93.                         break;

  94.                     case 'clob':

  95.                     case 'varchar':

  96.                         $newValue = $value;

  97.                         break;

  98.                     case 'geometry':

  99.                         $newValue = trim($value);

  100.                         break;

  101.                 }

  102.                 if (!is_null($newValue)) {

  103.                     $value = $newValue;

  104.                 }

  105.             } else {

  106.                 switch ($column->getType()) {

  107.                     case 'integer':

  108.                     case 'bigint':

  109.                         if (is_float($value)) {

  110.                             $value = (int) round($value);

  111.                         }

  112.                         break;

  113.                     case 'decimal':

  114.                         if (is_float($value) || is_int($value)) {

  115.                             $value = number_format((float) $value, $column->getScale(), '.', '');

  116.                         }

  117.                         break;

  118.                 }

  119.             }

  120.             // post process

  121.         }

  122.         return $value;

  123.     }

  124. 

  125.     public function process(ServerRequestInterface $request, RequestHandlerInterface $next): ResponseInterface

  126.     {

  127.         $operation = RequestUtils::getOperation($request);

  128.         if (in_array($operation, ['create', 'update', 'increment'])) {

  129.             $tableName = RequestUtils::getPathSegment($request, 2);

  130.             if ($this->reflection->hasTable($tableName)) {

  131.                 $record = $request->getParsedBody();

  132.                 if ($record !== null) {

  133.                     $handler = $this->getProperty('handler', '');

  134.                     if ($handler !== '') {

  135.                         $table = $this->reflection->getTable($tableName);

  136.                         if (is_array($record)) {

  137.                             foreach ($record as &$r) {

  138.                                 $r = $this->callHandler($handler, $r, $operation, $table);

  139.                             }

  140.                         } else {

  141.                             $record = $this->callHandler($handler, $record, $operation, $table);

  142.                         }

  143.                         $request = $request->withParsedBody($record);

  144.                     }

  145.                 }

  146.             }

  147.         }

  148.         return $next->handle($request);

  149.     }

  150. }