<?php
/**
* The Input Class, it is one of Mysidia system core classes.
* It acts as a secure wrapper for user input in $_GET and $_POST.
* Input is a final class, no child class shall derive from it.
* An instance of Input class is generated upon Mysidia system object's creation.
* This specific instance is available from Registry, just like any other Mysidia core objects.
* @category Resource
* @package Core
* @author Hall of Famer
* @copyright Mysidia Adoptables Script
* @link http://www.mysidiaadoptables.com
* @since 1.3.2
* @todo incorporate input class in Mysidia adoptables system.
*/
final class Input{
/**
* The request property, which holds request method information: get, post or else.
* @access public
* @var String
*/
public $request;
/**
* The post property, it stores all user input vars in $_POST.
* @access private
* @var ArrayObject
*/
private $post;
/**
* The get property, it stores all user input vars in $_GET.
* @access private
* @var ArrayObject
*/
private $get;
/**
* The action property, which specifies users action.
* @access private
* @var String
*/
private $action;
/**
* Constructor of Input Class, it generates basic properties for an input object.
* @access public
* @return Void
*/
public function __construct(){
$this->checkrequest();
$this->initialize();
}
/**
* The initialize method, which handles parsing of user input vars.
* @access public
* @return Void
*/
public function initialize(){
if(isset($_POST)){
$post = array_map('secure',$_POST);
$this->post = new ArrayObject($post, ArrayObject::ARRAY_AS_PROPS);
if(isset($this->post->action)) $this->action = $this->post->action;
unset($_POST);
}
if(isset($_GET)){
$get = array_map('secure',$_GET);
$this->get = new ArrayObject($get, ArrayObject::ARRAY_AS_PROPS);
if(isset($this->get->action)) $this->action = $this->get->action;
unset($_GET);
}
if(defined("SUBDIR")){
$parser = new UrlParser($_SERVER['REQUEST_URI']);
$elements = $parser->parse();
$get = array_map('secure', $elements);
$this->get = new ArrayObject($get, ArrayObject::ARRAY_AS_PROPS);
if(isset($this->get->action)) $this->action = $this->get->action;
}
}
/**
* The post method, returns a user input var stored in Input::$post property.
* @param String $key
* @access public
* @return Object
*/
public function post($key = ""){
if(empty($key) and !empty($this->post)) return $this->post;
elseif(isset($this->post->{$key})) return $this->post->{$key};
else return FALSE;
}
/**
* The get method, returns a user input var stored in Input::$get property.
* @param String $key
* @access public
* @return Object
*/
public function get($key = ""){
if(empty($key) and !empty($this->get)) return $this->get;
elseif(isset($this->get->{$key})) return $this->get->{$key};
else return FALSE;
}
/**
* The manipulate method, set values in a get variable from post variable.
* This can be manipulated by controller objects.
* It serves as a temporary solution to url rewrite problem with get forms.
* @param String $controller
* @access public
* @return Void
*/
public function manipulate($controller){
if(!($controller instanceof AppController)) throw new Exception("Controller not found.");
elseif(is_array($controller::$param)){
foreach($controller::$param as $key){
if($this->post->{$key}) $this->get->{$key} = $this->post->{$key};
}
}
else{
$key = $controller::$param;
if($this->post->{$key}) $this->get->{$key} = $this->post->{$key};
}
}
/**
* The action method, verifies whether a specified action is taken by this user.
* @param String $act
* @access private
* @return Boolean
*/
public function action(){
if(empty($this->action)) return FALSE;
else return $this->action;
}
/**
* The checkrequest method, checks to see the request method of a particular user
* @access private
* @return Boolean
*/
private function checkrequest(){
// This method checks if there is user input, and returns the request_method if evaluated to be true
if($_SERVER['REQUEST_METHOD'] == "POST"){
$this->request = "post";
return TRUE;
}
elseif($_SERVER['REQUEST_METHOD'] == "GET"){
$this->request = "get";
return TRUE;
}
else $this->request = FALSE;
}
/**
* The secure method, parse user input in a safe manner.
* @param Array $data
* @access private
* @return ArrayObject
*/
private function secure($data){
if(is_array($data) and SUBDIR != "AdminCP") die("Hacking Attempt!");
$data = htmlentities($data);
$data = addslashes($data);
$data = strip_tags($data, '');
return $data;
}
}
?>