diff --git a/core/event.php b/core/event.php index c615af10..63e14781 100644 --- a/core/event.php +++ b/core/event.php @@ -48,6 +48,11 @@ class PageRequestEvent extends Event { public string $method; public string $path; + /** @var array */ + public array $GET; + /** @var array */ + public array $POST; + /** * @var string[] */ @@ -55,7 +60,13 @@ class PageRequestEvent extends Event public int $arg_count; public int $part_count; - public function __construct(string $method, string $path) + /** + * @param string $method The HTTP method used to make the request + * @param string $path The path of the request + * @param array $get The GET parameters + * @param array $post The POST parameters + */ + public function __construct(string $method, string $path, array $get, array $post) { parent::__construct(); global $config; @@ -68,6 +79,8 @@ class PageRequestEvent extends Event $path = $config->get_string(SetupConfig::FRONT_PAGE); } $this->path = $path; + $this->GET = $get; + $this->POST = $post; // break the path into parts $args = explode('/', $path); @@ -76,6 +89,30 @@ class PageRequestEvent extends Event $this->arg_count = count($args); } + public function get_GET(string $key): ?string + { + if(array_key_exists($key, $this->GET)) { + if(is_array($this->GET[$key])) { + throw new SCoreException("GET parameter {$key} is an array, expected single value"); + } + return $this->GET[$key]; + } else { + return null; + } + } + + public function get_POST(string $key): ?string + { + if(array_key_exists($key, $this->POST)) { + if(is_array($this->POST[$key])) { + throw new SCoreException("POST parameter {$key} is an array, expected single value"); + } + return $this->POST[$key]; + } else { + return null; + } + } + /** * Test if the requested path matches a given pattern. * diff --git a/core/imageboard/misc.php b/core/imageboard/misc.php index 8c6f0989..fa07d453 100644 --- a/core/imageboard/misc.php +++ b/core/imageboard/misc.php 
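Review bot: `get_GET()` and `get_POST()` in the last core/event.php hunk have no docblock, and their contract is not visible from the signature: they return `null` when the key is absent and throw `SCoreException` when the value is an array. I would document that on both, for example with `@throws SCoreException if the parameter was sent as an array (key[]=...)`, and tighten the property annotations from `@var array` to `@var array<string, string|array<mixed>>`. Because `$GET` and `$POST` stay public, callers can still read them directly and skip this check, which is worth stating in the property comment. The class body continues outside the hunk.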
@@ -188,13 +188,13 @@ function create_scaled_image( )); } -function redirect_to_next_image(Image $image): void +function redirect_to_next_image(Image $image, ?string $search = null): void { global $page; - if (isset($_GET['search'])) { - $search_terms = Tag::explode($_GET['search']); - $query = "search=" . url_escape($_GET['search']); + if (!is_null($search)) { + $search_terms = Tag::explode($search); + $query = "search=" . url_escape($search); } else { $search_terms = []; $query = null; diff --git a/core/imageboard/search.php b/core/imageboard/search.php index f5f4c7c6..01493f1c 100644 --- a/core/imageboard/search.php +++ b/core/imageboard/search.php @@ -336,7 +336,7 @@ class Search } } - assert($positive_tag_id_array || $positive_wildcard_id_array || $negative_tag_id_array || $all_nonexistent_negatives, @$_GET['q']); + assert($positive_tag_id_array || $positive_wildcard_id_array || $negative_tag_id_array || $all_nonexistent_negatives, _get_query()); if ($all_nonexistent_negatives) { static::$_search_path[] = "all_nonexistent_negatives"; diff --git a/core/testcase.php b/core/testcase.php index 2dfe126c..279c768a 100644 --- a/core/testcase.php +++ b/core/testcase.php @@ -110,7 +110,7 @@ if(class_exists("\\PHPUnit\\Framework\\TestCase")) { $_GET = $get_args; $_POST = $post_args; $page = new Page(); - send_event(new PageRequestEvent($method, $page_name)); + send_event(new PageRequestEvent($method, $page_name, $get_args, $post_args)); if ($page->mode == PageMode::REDIRECT) { $page->code = 302; } diff --git a/core/tests/UrlsTest.php b/core/tests/UrlsTest.php index 07c1e1ec..7c0a410a 100644 --- a/core/tests/UrlsTest.php +++ b/core/tests/UrlsTest.php 
@@ -26,7 +26,7 @@ class UrlsTest extends TestCase * @return array */ $gst = function (array $terms): array { - $pre = new PageRequestEvent("GET", _get_query(search_link($terms))); + $pre = new PageRequestEvent("GET", _get_query(search_link($terms)), [], []); $pre->page_matches("post/list"); return $pre->get_search_terms(); }; diff --git a/core/urls.php b/core/urls.php index 747eaae4..bece4272 100644 --- a/core/urls.php +++ b/core/urls.php @@ -88,7 +88,7 @@ function make_link(?string $page = null, ?string $query = null, ?string $fragmen */ function _get_query(?string $uri = null): string { - $parsed_url = parse_url($uri ?? $_SERVER['REQUEST_URI']); + $parsed_url = parse_url($uri ?? $_SERVER['REQUEST_URI'] ?? ""); // if we're looking at http://site.com/$INSTALL_DIR/index.php, // then get the query from the "q" parameter diff --git a/ext/admin/main.php b/ext/admin/main.php index c95cd3a7..9a056f13 100644 --- a/ext/admin/main.php +++ b/ext/admin/main.php @@ -81,12 +81,12 @@ class AdminPage extends Extension global $page; $query = $input->getArgument('query'); $args = $input->getArgument('args'); - $_SERVER['REQUEST_URI'] = $query; + $_SERVER['REQUEST_URI'] = make_link($query); if (!is_null($args)) { parse_str($args, $_GET); $_SERVER['REQUEST_URI'] .= "?" . $args; } - send_event(new PageRequestEvent("GET", $query)); + send_event(new PageRequestEvent("GET", $query, $_GET, [])); $page->display(); return Command::SUCCESS; }); @@ -102,7 +102,7 @@ class AdminPage extends Extension if (!is_null($args)) { parse_str($args, $_POST); } - send_event(new PageRequestEvent("POST", $query)); + send_event(new PageRequestEvent("POST", $query, [], $_POST)); $page->display(); return Command::SUCCESS; }); diff --git a/ext/alias_editor/main.php b/ext/alias_editor/main.php index 58b11bbd..26bef9b3 100644 --- a/ext/alias_editor/main.php +++ b/ext/alias_editor/main.php 
@@ -89,7 +89,7 @@ class AliasEditor extends Extension } elseif ($event->get_arg(0) == "list") { $t = new AliasTable($database->raw_db()); $t->token = $user->get_auth_token(); - $t->inputs = $_GET; + $t->inputs = $event->GET; $t->size = $config->get_int('alias_items_per_page', 30); if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { $t->create_url = make_link("alias/add"); diff --git a/ext/auto_tagger/main.php b/ext/auto_tagger/main.php index 3d328991..08882f70 100644 --- a/ext/auto_tagger/main.php +++ b/ext/auto_tagger/main.php @@ -95,7 +95,7 @@ class AutoTagger extends Extension } elseif ($event->get_arg(0) == "list") { $t = new AutoTaggerTable($database->raw_db()); $t->token = $user->get_auth_token(); - $t->inputs = $_GET; + $t->inputs = $event->GET; $t->size = $config->get_int(AutoTaggerConfig::ITEMS_PER_PAGE, 30); if ($user->can(Permissions::MANAGE_AUTO_TAG)) { $t->create_url = make_link("auto_tag/add"); diff --git a/ext/autocomplete/main.php b/ext/autocomplete/main.php index 506be6fa..3939c5bc 100644 --- a/ext/autocomplete/main.php +++ b/ext/autocomplete/main.php @@ -16,8 +16,8 @@ class AutoComplete extends Extension global $page; if ($event->page_matches("api/internal/autocomplete")) { - $limit = (int)($_GET["limit"] ?? 1000); - $s = $_GET["s"] ?? ""; + $limit = (int)($event->get_GET("limit") ?? 1000); + $s = $event->get_GET("s") ?? ""; $res = $this->complete($s, $limit); diff --git a/ext/danbooru_api/main.php b/ext/danbooru_api/main.php index 6d515ce4..f5f9c128 100644 --- a/ext/danbooru_api/main.php +++ b/ext/danbooru_api/main.php 
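Review bot: In the ext/autocomplete hunk, `limit` still travels from the query string to `$this->complete($s, $limit)` with only an `(int)` cast, so a negative or very large value is passed through unchanged. `complete()` is not visible here and may clamp the value itself. If it does not, bound it at the call site, for example `$limit = max(1, min((int)($event->get_GET("limit") ?? 1000), 1000));`. The handler body starts and ends outside the hunk.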
@@ -50,10 +50,10 @@ class DanbooruApi extends Extension $this->api_add_post(); } elseif ($event->page_matches("api/danbooru/find_posts") || $event->page_matches("api/danbooru/post/index.xml")) { $page->set_mime(MimeType::XML_APPLICATION); - $page->set_data((string)$this->api_find_posts()); + $page->set_data((string)$this->api_find_posts($event->GET)); } elseif ($event->page_matches("api/danbooru/find_tags")) { $page->set_mime(MimeType::XML_APPLICATION); - $page->set_data((string)$this->api_find_tags()); + $page->set_data((string)$this->api_find_tags($event->GET)); } // Hackery for danbooruup 0.3.2 providing the wrong view url. This simply redirects to the proper @@ -102,13 +102,15 @@ class DanbooruApi extends Extension * - name: A comma delimited list of tag names. * - tags: any typical tag query. See Tag#parse_query for details. * - after_id: limit results to tags with an id number after after_id. Useful if you only want to refresh + + * @param array $GET */ - private function api_find_tags(): HTMLElement + private function api_find_tags(array $GET): HTMLElement { global $database; $results = []; - if (isset($_GET['id'])) { - $idlist = explode(",", $_GET['id']); + if (isset($GET['id'])) { + $idlist = explode(",", $GET['id']); foreach ($idlist as $id) { $sqlresult = $database->get_all( "SELECT id,tag,count FROM tags WHERE id = :id", @@ -118,8 +120,8 @@ class DanbooruApi extends Extension $results[] = [$row['count'], $row['tag'], $row['id']]; } } - } elseif (isset($_GET['name'])) { - $namelist = explode(",", $_GET['name']); + } elseif (isset($GET['name'])) { + $namelist = explode(",", $GET['name']); foreach ($namelist as $name) { $sqlresult = $database->get_all( "SELECT id,tag,count FROM tags WHERE LOWER(tag) = LOWER(:tag)", 
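Review bot: `api_find_tags($event->GET)` and `api_find_posts($event->GET)` receive the raw parameter array, so the array check that `get_GET()` adds in core/event.php never runs for this API. A request with `id[]=1` or `name[]=x` reaches `explode(",", $GET['id'])` with an array, which on PHP 8 is a `TypeError` rather than the `SCoreException` raised elsewhere in this commit. Either pass `$event` and read each value with `$event->get_GET('id')`, or reject non-string values at the top of each method. The same direct reads occur in `api_find_posts` (`md5`, `id`, `limit`, `page`, `pid`, `tags`) and, through `$event->params[...]`, in ext/resize and ext/transcode.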
@@ -132,14 +134,14 @@ class DanbooruApi extends Extension } // Currently disabled to maintain identical functionality to danbooru 1.0's own "broken" find_tags /* - elseif (isset($_GET['tags'])) { - $start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0; - $tags = Tag::explode($_GET['tags']); + elseif (isset($GET['tags'])) { + $start = isset($GET['after_id']) ? int_escape($GET['offset']) : 0; + $tags = Tag::explode($GET['tags']); assert(!is_null($start) && !is_null($tags)); } */ else { - $start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0; + $start = isset($GET['after_id']) ? int_escape($GET['offset']) : 0; $sqlresult = $database->get_all( "SELECT id,tag,count FROM tags WHERE count > 0 AND id >= :id ORDER BY id DESC", ['id' => $start] 
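Review bot: The final `else` branch tests `isset($GET['after_id'])` but then reads `$GET['offset']`, so a request that sends `after_id` without `offset` reads an undefined key, and the `after_id` value itself is never used. The method's doc comment describes `after_id` as the lower bound, so the line was probably meant to be `$start = isset($GET['after_id']) ? int_escape($GET['after_id']) : 0;`. The commented-out `tags` branch carries the same mismatch. The method body starts and ends outside the hunk.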
@@ -173,39 +175,41 @@ class DanbooruApi extends Extension * - limit: limit * - page: page number * - after_id: limit results to posts added after this id + * + * @param array $GET */ - private function api_find_posts(): HTMLElement + private function api_find_posts(array $GET): HTMLElement { $results = []; $this->authenticate_user(); $start = 0; - if (isset($_GET['md5'])) { - $md5list = explode(",", $_GET['md5']); + if (isset($GET['md5'])) { + $md5list = explode(",", $GET['md5']); foreach ($md5list as $md5) { $results[] = Image::by_hash($md5); } $count = count($results); - } elseif (isset($_GET['id'])) { - $idlist = explode(",", $_GET['id']); + } elseif (isset($GET['id'])) { + $idlist = explode(",", $GET['id']); foreach ($idlist as $id) { $results[] = Image::by_id(int_escape($id)); } $count = count($results); } else { - $limit = isset($_GET['limit']) ? int_escape($_GET['limit']) : 100; + $limit = isset($GET['limit']) ? int_escape($GET['limit']) : 100; // Calculate start offset. - if (isset($_GET['page'])) { // Danbooru API uses 'page' >= 1 - $start = (int_escape($_GET['page']) - 1) * $limit; - } elseif (isset($_GET['pid'])) { // Gelbooru API uses 'pid' >= 0 - $start = int_escape($_GET['pid']) * $limit; + if (isset($GET['page'])) { // Danbooru API uses 'page' >= 1 + $start = (int_escape($GET['page']) - 1) * $limit; + } elseif (isset($GET['pid'])) { // Gelbooru API uses 'pid' >= 0 + $start = int_escape($GET['pid']) * $limit; } else { $start = 0; } - $tags = isset($_GET['tags']) ? Tag::explode($_GET['tags']) : []; + $tags = isset($GET['tags']) ? Tag::explode($GET['tags']) : []; // danbooru API clients often set tags=* $tags = array_filter($tags, static function ($element) { return $element !== "*"; diff --git a/ext/download/events.php b/ext/download/events.php index 0f5e1bb6..14597a3d 100644 --- a/ext/download/events.php +++ b/ext/download/events.php 
@@ -10,12 +10,18 @@ class ImageDownloadingEvent extends Event public string $mime; public string $path; public bool $file_modified = false; + /** @var array */ + public array $params; - public function __construct(Image $image, string $path, string $mime) + /** + * @param array $params + */ + public function __construct(Image $image, string $path, string $mime, array $params) { parent::__construct(); $this->image = $image; $this->path = $path; $this->mime = $mime; + $this->params = $params; } } diff --git a/ext/image/main.php b/ext/image/main.php index b7f8627d..0df196c4 100644 --- a/ext/image/main.php +++ b/ext/image/main.php @@ -91,13 +91,13 @@ class ImageIO extends Extension if ($event->page_matches("image/delete")) { global $page, $user; - if ($user->can(Permissions::DELETE_IMAGE) && isset($_POST['image_id']) && $user->check_auth_token()) { - $image = Image::by_id(int_escape($_POST['image_id'])); + if ($user->can(Permissions::DELETE_IMAGE) && $event->get_POST('image_id') && $user->check_auth_token()) { + $image = Image::by_id(int_escape($event->get_POST('image_id'))); if ($image) { send_event(new ImageDeletionEvent($image)); if ($config->get_string(ImageConfig::ON_DELETE) === ImageConfig::ON_DELETE_NEXT) { - redirect_to_next_image($image); + redirect_to_next_image($image, @$event->get_GET('search')); } else { $page->set_mode(PageMode::REDIRECT); $page->set_redirect(referer_or(make_link(), ['post/view'])); @@ -106,10 +106,10 @@ class ImageIO extends Extension } } elseif ($event->page_matches("image")) { $num = int_escape($event->get_arg(0)); - $this->send_file($num, "image"); + $this->send_file($num, "image", $event->GET); } elseif ($event->page_matches("thumb")) { $num = int_escape($event->get_arg(0)); - $this->send_file($num, "thumb"); + $this->send_file($num, "thumb", $event->GET); } } 
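Review bot: The `@` in `redirect_to_next_image($image, @$event->get_GET('search'))` (ext/image, `image/delete` branch) has no effect: `get_GET()` returns `null` for a missing key without raising a warning, and `@` does not catch the `SCoreException` thrown for an array value. Drop it: `redirect_to_next_image($image, $event->get_GET('search'));`. In the same branch `$event->get_POST('image_id')` is looked up twice; reading it once into a local before the `if` would be cleaner.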
@@ -217,7 +217,10 @@ class ImageIO extends Extension $event->replace("\\n", "\n"); } - private function send_file(int $image_id, string $type): void + /** + * @param array $params + */ + private function send_file(int $image_id, string $type, array $params): void { global $config, $page; @@ -266,7 +269,7 @@ class ImageIO extends Extension $page->add_http_header('Expires: ' . $expires); } - send_event(new ImageDownloadingEvent($image, $file, $mime)); + send_event(new ImageDownloadingEvent($image, $file, $mime, $params)); } else { $page->set_title("Not Found"); $page->set_heading("Not Found"); diff --git a/ext/image/test.php b/ext/image/test.php index d2eef83c..41235435 100644 --- a/ext/image/test.php +++ b/ext/image/test.php @@ -30,8 +30,7 @@ class ImageIOTest extends ShimmiePHPUnitTestCase { $this->log_in_as_admin(); $image_id = $this->post_image("tests/pbx_screenshot.jpg", "test"); - $_POST['image_id'] = "$image_id"; - send_event(new PageRequestEvent("POST", "image/delete")); + send_event(new PageRequestEvent("POST", "image/delete", [], ['image_id' => "$image_id"])); $this->assertTrue(true); // FIXME: assert image was deleted? } } diff --git a/ext/image_hash_ban/main.php b/ext/image_hash_ban/main.php index 33fe41be..65f9bd21 100644 --- a/ext/image_hash_ban/main.php +++ b/ext/image_hash_ban/main.php @@ -121,7 +121,7 @@ class ImageBan extends Extension } elseif ($event->get_arg(0) == "list") { $t = new HashBanTable($database->raw_db()); $t->token = $user->get_auth_token(); - $t->inputs = $_GET; + $t->inputs = $event->GET; $this->theme->display_bans($page, $t->table($t->query()), $t->paginator()); } } diff --git a/ext/index/main.php b/ext/index/main.php index 77e9bfb5..6f617d79 100644 --- a/ext/index/main.php +++ b/ext/index/main.php 
@@ -28,9 +28,9 @@ class Index extends Extension { global $cache, $config, $page, $user; if ($event->page_matches("post/list")) { - if (isset($_POST['search'])) { + if ($event->get_GET('search')) { $page->set_mode(PageMode::REDIRECT); - $page->set_redirect(search_link(Tag::explode($_POST['search'], false))); + $page->set_redirect(search_link(Tag::explode($event->get_GET('search'), false))); return; } diff --git a/ext/ipban/main.php b/ext/ipban/main.php index 2978fb3b..5ba55976 100644 --- a/ext/ipban/main.php +++ b/ext/ipban/main.php @@ -198,11 +198,11 @@ class IPBan extends Extension $page->set_mode(PageMode::REDIRECT); $page->set_redirect(make_link("ip_ban/list")); } elseif ($event->get_arg(0) == "list") { - $_GET['c_banner'] = $user->name; - $_GET['c_added'] = date('Y-m-d'); + $event->GET['c_banner'] = $user->name; + $event->GET['c_added'] = date('Y-m-d'); $t = new IPBanTable($database->raw_db()); $t->token = $user->get_auth_token(); - $t->inputs = $_GET; + $t->inputs = $event->GET; $this->theme->display_bans($page, $t->table($t->query()), $t->paginator()); } } else { diff --git a/ext/link_scan/main.php b/ext/link_scan/main.php index 9084f796..8c7b01c3 100644 --- a/ext/link_scan/main.php +++ b/ext/link_scan/main.php @@ -15,7 +15,7 @@ class LinkScan extends Extension { global $config, $page; - $search = @$_GET['search'] ?? @$_POST['search'] ?? ""; + $search = $event->get_GET('search') ?? $event->get_POST('search') ?? ""; if ($event->page_matches("post/list") && !empty($search)) { $trigger = $config->get_string("link_scan_trigger", "https?://"); if (preg_match("#.*{$trigger}.*#", $search)) { diff --git a/ext/log_db/main.php b/ext/log_db/main.php index 1873465a..6de2329e 100644 --- a/ext/log_db/main.php +++ b/ext/log_db/main.php 
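Review bot: The redirect in `post/list` now keys on `$event->get_GET('search')` where it previously keyed on `$_POST['search']`, so a form that still submits `search` by POST no longer triggers it. The same POST-to-GET switch is made in ext/pools (`pool/list`) and ext/random_list (`random`), while ext/link_scan in this commit reads both `get_GET('search')` and `get_POST('search')`. If the switch is intended it deserves a line in the commit message. If it is not, fall back to POST the way link_scan does: `$search = $event->get_GET('search') ?? $event->get_POST('search');`.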
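Review bot: In the ext/ipban hunk, `$event->GET['c_banner'] = $user->name;` and the `c_added` line write into the shared event object, so every extension that handles this `PageRequestEvent` afterwards sees those keys as if the client had sent them. Build the table inputs from a copy and leave the event untouched: `$t->inputs = ['c_banner' => $user->name, 'c_added' => date('Y-m-d')] + $event->GET;`. The `+` operator keeps the forced values ahead of any client-supplied `c_banner`, as the current assignments do.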
@@ -284,7 +284,7 @@ class LogDatabase extends Extension if ($event->page_matches("log/view")) { if ($user->can(Permissions::VIEW_EVENTLOG)) { $t = new LogTable($database->raw_db()); - $t->inputs = $_GET; + $t->inputs = $event->GET; $this->theme->display_events($t->table($t->query()), $t->paginator()); } } diff --git a/ext/not_a_tag/main.php b/ext/not_a_tag/main.php index fa93f936..b9dfc73c 100644 --- a/ext/not_a_tag/main.php +++ b/ext/not_a_tag/main.php @@ -153,7 +153,7 @@ class NotATag extends Extension } elseif ($event->get_arg(0) == "list") { $t = new NotATagTable($database->raw_db()); $t->token = $user->get_auth_token(); - $t->inputs = $_GET; + $t->inputs = $event->GET; $this->theme->display_untags($page, $t->table($t->query()), $t->paginator()); } } diff --git a/ext/numeric_score/main.php b/ext/numeric_score/main.php index 35c6005c..b11d36ec 100644 --- a/ext/numeric_score/main.php +++ b/ext/numeric_score/main.php @@ -190,16 +190,16 @@ class NumericScore extends Extension //FIXME: popular_by isn't linked from anywhere list($day, $month, $year) = [date("d"), date("m"), date("Y")]; - if (!empty($_GET['day'])) { - $D = (int) $_GET['day']; + if ($event->get_GET('day')) { + $D = (int) $event->get_GET('day'); $day = clamp($D, 1, 31); } - if (!empty($_GET['month'])) { - $M = (int) $_GET['month']; + if ($event->get_GET('month')) { + $M = (int) $event->get_GET('month'); $month = clamp($M, 1, 12); } - if (!empty($_GET['year'])) { - $Y = (int) $_GET['year']; + if ($event->get_GET('year')) { + $Y = (int) $event->get_GET('year'); $year = clamp($Y, 1970, 2100); } diff --git a/ext/pools/main.php b/ext/pools/main.php index b8c52f11..5a1763b7 100644 --- a/ext/pools/main.php +++ b/ext/pools/main.php 
@@ -236,9 +236,9 @@ class Pools extends Extension { global $config, $database, $page, $user; if ($event->page_matches("pool/list")) { //index - if (isset($_POST['search']) and $_POST['search'] != null) { + if ($event->get_GET('search')) { $page->set_mode(PageMode::REDIRECT); - $page->set_redirect(make_link('pool/list').'/'.url_escape($_POST['search']).'/'.strval($event->try_page_num(1))); + $page->set_redirect(make_link('pool/list').'/'.url_escape($event->get_GET('search')).'/'.strval($event->try_page_num(1))); return; } if (count($event->args) >= 4) { // Assume first 2 args are search and page num diff --git a/ext/random_image/main.php b/ext/random_image/main.php index 0e43ae91..1131f2d4 100644 --- a/ext/random_image/main.php +++ b/ext/random_image/main.php @@ -29,7 +29,7 @@ class RandomImage extends Extension } if ($action === "download") { - send_event(new ImageDownloadingEvent($image, $image->get_image_filename(), $image->get_mime())); + send_event(new ImageDownloadingEvent($image, $image->get_image_filename(), $image->get_mime(), $event->GET)); } elseif ($action === "view") { send_event(new DisplayingImageEvent($image)); } elseif ($action === "widget") { diff --git a/ext/random_list/main.php b/ext/random_list/main.php index aa819843..fb09e2b0 100644 --- a/ext/random_list/main.php +++ b/ext/random_list/main.php @@ -14,9 +14,9 @@ class RandomList extends Extension global $config, $page; if ($event->page_matches("random")) { - if (isset($_POST['search'])) { + if ($event->get_GET('search')) { // implode(explode()) to resolve aliases and sanitise - $search = url_escape(Tag::implode(Tag::explode($_POST['search'], false))); + $search = url_escape(Tag::implode(Tag::explode($event->get_GET('search'), false))); if (empty($search)) { $page->set_mode(PageMode::REDIRECT); $page->set_redirect(make_link("random")); diff --git a/ext/resize/main.php b/ext/resize/main.php index 83f4beac..fd6faeaa 100644 --- a/ext/resize/main.php +++ b/ext/resize/main.php 
@@ -171,14 +171,14 @@ class ResizeImage extends Extension if ($config->get_bool(ResizeConfig::GET_ENABLED) && $user->can(Permissions::EDIT_FILES) && $this->can_resize_mime($event->image->get_mime())) { - if (isset($_GET['max_height'])) { - $max_height = int_escape($_GET['max_height']); + if (isset($event->params['max_height'])) { + $max_height = int_escape($event->params['max_height']); } else { $max_height = $event->image->height; } - if (isset($_GET['max_width'])) { - $max_width = int_escape($_GET['max_width']); + if (isset($event->params['max_width'])) { + $max_width = int_escape($event->params['max_width']); } else { $max_width = $event->image->width; } diff --git a/ext/tag_list/main.php b/ext/tag_list/main.php index 284f7586..b7c1bc9b 100644 --- a/ext/tag_list/main.php +++ b/ext/tag_list/main.php @@ -29,7 +29,7 @@ class TagList extends Extension public function onPageRequest(PageRequestEvent $event): void { - global $page; + global $config, $page; if ($event->page_matches("tags")) { $this->theme->set_navigation($this->build_navigation()); 
@@ -38,19 +38,37 @@ class TagList extends Extension } else { $sub = $event->get_arg(0); } + + if ($event->get_GET('starts_with')) { + $starts_with = $event->get_GET('starts_with') . "%"; + } else { + if ($config->get_bool(TagListConfig::PAGES)) { + $starts_with = "a%"; + } else { + $starts_with = "%"; + } + } + + if ($event->get_GET('mincount')) { + $tags_min = int_escape($event->get_GET('mincount')); + } else { + global $config; + $tags_min = $config->get_int(TagListConfig::TAGS_MIN); // get the default. + } + switch ($sub) { default: case 'map': $this->theme->set_heading("Tag Map"); - $this->theme->set_tag_list($this->build_tag_map()); + $this->theme->set_tag_list($this->build_tag_map($starts_with, $tags_min)); break; case 'alphabetic': $this->theme->set_heading("Alphabetic Tag List"); - $this->theme->set_tag_list($this->build_tag_alphabetic()); + $this->theme->set_tag_list($this->build_tag_alphabetic($starts_with, $tags_min)); break; case 'popularity': $this->theme->set_heading("Tag List by Popularity"); - $this->theme->set_tag_list($this->build_tag_popularity()); + $this->theme->set_tag_list($this->build_tag_popularity($tags_min)); break; } $this->theme->display_page($page); @@ -138,20 +156,6 @@ class TagList extends Extension $sb->end_table(); } - /** - * Get the minimum number of times a tag needs to be used - * in order to be considered in the tag list. - */ - private function get_tags_min(): int - { - if (isset($_GET['mincount'])) { - return int_escape($_GET['mincount']); - } else { - global $config; - return $config->get_int(TagListConfig::TAGS_MIN); // get the default. - } - } - /** * @return int[] */ 
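Review bot: `if ($event->get_GET('starts_with'))` tests truthiness, so `?starts_with=0` is treated as absent and the list falls back to `a%` or `%`, whereas the removed `get_starts_with()` used `isset()` and honoured it. `mincount=0` is affected the same way. Compare against `null` instead: `$sw = $event->get_GET('starts_with');` then `if (!is_null($sw)) { $starts_with = $sw . "%"; }`. The same replacement of `isset()` by a truthiness test appears in ext/wiki (`revision`), ext/tagger_xml (`s`) and ext/view (`search`). The inner `global $config;` in the `mincount` branch is also redundant now that `$config` is declared at the top of the method.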
@@ -191,26 +195,10 @@ class TagList extends Extension return $results; } - private function get_starts_with(): string - { - global $config; - if (isset($_GET['starts_with'])) { - return $_GET['starts_with'] . "%"; - } else { - if ($config->get_bool(TagListConfig::PAGES)) { - return "a%"; - } else { - return "%"; - } - } - } - - private function build_az(): string + private function build_az(int $tags_min): string { global $database; - $tags_min = $this->get_tags_min(); - $tag_data = $database->get_col(" SELECT DISTINCT LOWER(substr(tag, 1, 1)) @@ -238,13 +226,10 @@ class TagList extends Extension return "$h_index
 
$h_map
$h_alphabetic
$h_popularity
 
$h_all"; } - private function build_tag_map(): string + private function build_tag_map(string $starts_with, int $tags_min): string { global $config, $database; - $tags_min = $this->get_tags_min(); - $starts_with = $this->get_starts_with(); - // check if we have a cached version $cache_key = warehouse_path( "cache/tag_cloud", @@ -266,7 +251,7 @@ class TagList extends Extension $html = ""; if ($config->get_bool(TagListConfig::PAGES)) { - $html .= $this->build_az(); + $html .= $this->build_az($tags_min); } $tag_category_dict = []; if (Extension::is_enabled(TagCategoriesInfo::KEY)) { @@ -294,13 +279,10 @@ class TagList extends Extension return $html; } - private function build_tag_alphabetic(): string + private function build_tag_alphabetic(string $starts_with, int $tags_min): string { global $config, $database; - $tags_min = $this->get_tags_min(); - $starts_with = $this->get_starts_with(); - // check if we have a cached version $cache_key = warehouse_path( "cache/tag_alpha", @@ -320,7 +302,7 @@ class TagList extends Extension $html = ""; if ($config->get_bool(TagListConfig::PAGES)) { - $html .= $this->build_az(); + $html .= $this->build_az($tags_min); } /* @@ -371,12 +353,10 @@ class TagList extends Extension return $html; } - private function build_tag_popularity(): string + private function build_tag_popularity(int $tags_min): string { global $database; - $tags_min = $this->get_tags_min(); - // Make sure that the value of $tags_min is at least 1. // Otherwise the database will complain if you try to do: LOG(0) if ($tags_min < 1) { diff --git a/ext/tagger_xml/main.php b/ext/tagger_xml/main.php index 80faca03..b0ebca00 100644 --- a/ext/tagger_xml/main.php +++ b/ext/tagger_xml/main.php 
@@ -20,9 +20,9 @@ class TaggerXML extends Extension //$match_tags = null; //$image_tags = null; $tags = null; - if (isset($_GET['s'])) { // tagger/tags[/...]?s=$string + if ($event->get_GET('s')) { // tagger/tags[/...]?s=$string // return matching tags in XML form - $tags = $this->match_tag_list($_GET['s']); + $tags = $this->match_tag_list($event->get_GET('s')); } elseif ($event->get_arg(0)) { // tagger/tags/$int // return arg[1] AS image_id's tag list in XML form $tags = $this->image_tag_list(int_escape($event->get_arg(0))); diff --git a/ext/transcode/main.php b/ext/transcode/main.php index eacb443c..83f9dc68 100644 --- a/ext/transcode/main.php +++ b/ext/transcode/main.php @@ -203,9 +203,6 @@ class TranscodeImage extends Extension } } } - - - public function onPageRequest(PageRequestEvent $event): void { global $page, $user; @@ -240,16 +237,16 @@ class TranscodeImage extends Extension global $config, $user; if ($config->get_bool(TranscodeConfig::GET_ENABLED) && - isset($_GET['transcode']) && + isset($event->params['transcode']) && $user->can(Permissions::EDIT_FILES) && $this->can_convert_mime($config->get_string(TranscodeConfig::ENGINE), $event->image->get_mime())) { - $target_mime = $_GET['transcode']; + $target_mime = $event->params['transcode']; if (!MimeType::is_mime($target_mime)) { $target_mime = MimeType::get_for_extension($target_mime); } if (empty($target_mime)) { - throw new ImageTranscodeException("Unable to determine output MIME for ".$_GET['transcode']); + throw new ImageTranscodeException("Unable to determine output MIME for ".$event->params['transcode']); } MediaEngine::is_output_supported($config->get_string(TranscodeConfig::ENGINE), $target_mime); diff --git a/ext/update/main.php b/ext/update/main.php index 5b7b5b49..dc72358c 100644 --- a/ext/update/main.php +++ b/ext/update/main.php 
@@ -34,18 +34,20 @@ class Update extends Extension public function onPageRequest(PageRequestEvent $event): void { global $user, $page; - if ($user->can(Permissions::EDIT_FILES) && isset($_GET['sha'])) { + $sha = $event->get_GET('sha'); + + if ($user->can(Permissions::EDIT_FILES) && $sha) { if ($event->page_matches("update/download")) { - $ok = $this->download_shimmie(); + $ok = $this->download_shimmie($sha); $page->set_mode(PageMode::REDIRECT); if ($ok) { - $page->set_redirect(make_link("update/update", "sha=".$_GET['sha'])); + $page->set_redirect(make_link("update/update", "sha=".$sha)); } else { $page->set_redirect(make_link("admin")); } //TODO: Show error? } elseif ($event->page_matches("update/update")) { - $ok = $this->update_shimmie(); + $ok = $this->update_shimmie($sha); $page->set_mode(PageMode::REDIRECT); if ($ok) { @@ -58,11 +60,10 @@ class Update extends Extension } } - private function download_shimmie(): bool + private function download_shimmie(string $commitSHA): bool { global $config; - $commitSHA = $_GET['sha']; $g_userrepo = $config->get_string('update_guserrepo'); $url = "https://codeload.github.com/".$g_userrepo."/zip/".$commitSHA; @@ -79,12 +80,10 @@ class Update extends Extension return true; } - private function update_shimmie(): bool + private function update_shimmie(string $commitSHA): bool { global $config; - $commitSHA = $_GET['sha']; - log_info("update", "Download succeeded. Attempting to update Shimmie."); $ok = false; diff --git a/ext/upload/main.php b/ext/upload/main.php index 51246015..d01beafb 100644 --- a/ext/upload/main.php +++ b/ext/upload/main.php 
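Review bot: `$sha` comes straight from the query string and is concatenated into the redirect (`"sha=".$sha`) and, in `download_shimmie()`, into the codeload URL path, with no check that it looks like a commit hash. Validate it once after reading, for example `if (!is_null($sha) && !preg_match('/^[0-9a-f]{7,40}$/i', $sha)) { $sha = null; }`, and build the redirect with `url_escape($sha)`. Both actions also run on a plain GET with only the `EDIT_FILES` permission checked in the visible lines. If no token check happens elsewhere, add `$user->check_auth_token()` as ext/image does for `image/delete`.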
@@ -400,13 +400,6 @@ class Upload extends Extension $metadata['filename'] = $filename; $metadata['tags'] = $tags; $metadata['source'] = $source; - if ($user->can(Permissions::EDIT_IMAGE_LOCK) && !empty($_GET['locked'])) { - $metadata['locked'] = bool_escape($_GET['locked']) ? "on" : ""; - } - if (Extension::is_enabled(RatingsInfo::KEY) && !empty($_GET['rating'])) { - // Rating event will validate that this is s/q/e/u - $metadata['rating'] = strtolower($_GET['rating'])[0]; - } $new_images = $database->with_savepoint(function () use ($tmp_filename, $metadata) { $event = send_event(new DataUploadEvent($tmp_filename, $metadata)); diff --git a/ext/user/main.php b/ext/user/main.php index 36384270..fde47e11 100644 --- a/ext/user/main.php +++ b/ext/user/main.php @@ -188,7 +188,7 @@ class UserPage extends Extension } elseif ($event->get_arg(0) == "list") { $t = new UserTable($database->raw_db()); $t->token = $user->get_auth_token(); - $t->inputs = $_GET; + $t->inputs = $event->GET; if ($user->can(Permissions::DELETE_USER)) { $col = new TextColumn("email", "Email"); // $t->columns[] = $col; diff --git a/ext/user_config/main.php b/ext/user_config/main.php index 579586c4..e92dc1ac 100644 --- a/ext/user_config/main.php +++ b/ext/user_config/main.php @@ -111,10 +111,10 @@ class UserConfig extends Extension global $user, $database, $config, $page, $user_config; if ($config->get_bool(self::ENABLE_API_KEYS)) { - if (!empty($_GET["api_key"]) && $user->is_anonymous()) { + if ($event->get_GET("api_key") && $user->is_anonymous()) { $user_id = $database->get_one( "SELECT user_id FROM user_config WHERE value=:value AND name=:name", - ["value" => $_GET["api_key"], "name" => self::API_KEY] + ["value" => $event->get_GET("api_key"), "name" => self::API_KEY] ); if (!empty($user_id)) { diff --git a/ext/view/main.php b/ext/view/main.php index eab1db3b..c6e8a531 100644 --- a/ext/view/main.php +++ b/ext/view/main.php 
@@ -25,9 +25,10 @@ class ViewPost extends Extension if ($event->page_matches("post/prev") || $event->page_matches("post/next")) { $image_id = int_escape($event->get_arg(0)); - if (isset($_GET['search'])) { - $search_terms = Tag::explode($_GET['search']); - $query = "#search=".url_escape($_GET['search']); + $search = $event->get_GET('search'); + if ($search) { + $search_terms = Tag::explode($search); + $query = "#search=".url_escape($search); } else { $search_terms = []; $query = null; @@ -82,8 +83,8 @@ class ViewPost extends Extension send_event(new ImageInfoSetEvent($image)); $page->set_mode(PageMode::REDIRECT); - if (isset($_GET['search'])) { - $query = "search=" . url_escape($_GET['search']); + if ($event->get_GET('search')) { + $query = "search=" . url_escape($event->get_GET('search')); } else { $query = null; } diff --git a/ext/wiki/main.php b/ext/wiki/main.php index bb1cb56f..41bca541 100644 --- a/ext/wiki/main.php +++ b/ext/wiki/main.php @@ -184,8 +184,8 @@ class Wiki extends Extension } $revision = -1; - if (isset($_GET['revision'])) { - $revision = int_escape($_GET['revision']); + if ($event->get_GET('revision')) { + $revision = int_escape($event->get_GET('revision')); } $content = $this->get_page($title, $revision); @@ -212,8 +212,8 @@ class Wiki extends Extension $this->theme->display_permission_denied(); } } elseif ($event->page_matches("wiki_admin/history")) { - $history = $this->get_history($_GET['title']); - $this->theme->display_page_history($page, $_GET['title'], $history); + $history = $this->get_history($event->get_GET('title')); + $this->theme->display_page_history($page, $event->get_GET('title'), $history); } elseif ($event->page_matches("wiki_admin/delete_revision")) { if ($user->can(Permissions::WIKI_ADMIN)) { send_event(new WikiDeleteRevisionEvent($_POST["title"], (int)$_POST["revision"])); diff --git a/index.php b/index.php index 8b3c03a2..63d7ad17 100644 --- a/index.php +++ b/index.php 
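Review bot: In the `wiki_admin/history` branch, `$event->get_GET('title')` returns `null` when the parameter is missing, and that `null` is passed to both `get_history()` and `display_page_history()`. Read it once with `$title = $event->get_GET('title');` and return an error or redirect when `is_null($title)`, then pass `$title` to both calls. The `delete_revision` branch just below still reads `$_POST["title"]` and `$_POST["revision"]` from the superglobal; `$event->get_POST()` would keep it consistent with the rest of the commit. The handler starts and ends outside the hunk.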
@@ -88,7 +88,7 @@ try { throw new \Exception("CLI command failed"); } } else { - send_event(new PageRequestEvent($_SERVER['REQUEST_METHOD'], _get_query())); + send_event(new PageRequestEvent($_SERVER['REQUEST_METHOD'], _get_query(), $_GET, $_POST)); $page->display(); }