[core] reduce use of GET global

Shish 2024-02-09 16:36:57 +00:00
parent e9e2a01aa3
commit 77b755e68b
35 changed files with 176 additions and 157 deletions


@ -48,6 +48,11 @@ class PageRequestEvent extends Event
{
public string $method;
public string $path;
/** @var array<string, string|string[]> */
public array $GET;
/** @var array<string, string|string[]> */
public array $POST;
/**
* @var string[]
*/
@ -55,7 +60,13 @@ class PageRequestEvent extends Event
public int $arg_count;
public int $part_count;
public function __construct(string $method, string $path)
/**
* @param string $method The HTTP method used to make the request
* @param string $path The path of the request
* @param array<string, string|string[]> $get The GET parameters
* @param array<string, string|string[]> $post The POST parameters
*/
public function __construct(string $method, string $path, array $get, array $post)
{
parent::__construct();
global $config;
@ -68,6 +79,8 @@ class PageRequestEvent extends Event
$path = $config->get_string(SetupConfig::FRONT_PAGE);
}
$this->path = $path;
$this->GET = $get;
$this->POST = $post;
// break the path into parts
$args = explode('/', $path);
@ -76,6 +89,30 @@ class PageRequestEvent extends Event
$this->arg_count = count($args);
}
public function get_GET(string $key): ?string
{
if(array_key_exists($key, $this->GET)) {
if(is_array($this->GET[$key])) {
throw new SCoreException("GET parameter {$key} is an array, expected single value");
}
return $this->GET[$key];
} else {
return null;
}
}
public function get_POST(string $key): ?string
{
if(array_key_exists($key, $this->POST)) {
if(is_array($this->POST[$key])) {
throw new SCoreException("POST parameter {$key} is an array, expected single value");
}
return $this->POST[$key];
} else {
return null;
}
}
/**
* Test if the requested path matches a given pattern.
*
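Review bot: `get_GET()` and `get_POST()` are added without a docblock, and their `?string` return is tested for truthiness at several call sites in this commit, which treats a literal `0` as absent where the old `isset()` accepted it. A docblock on each stating that `null` means the key is missing, that an array value raises `SCoreException`, and that callers should compare against `null` would make the contract explicit. The sites where the difference looks observable are `starts_with` and `mincount` in the tag list handler, `s` in the tagger XML handler and `revision` in the wiki handler; a test of the form `if (($min = $event->get_GET('mincount')) !== null)` keeps the old behaviour. The class body continues outside these hunks.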


@ -188,13 +188,13 @@ function create_scaled_image(
));
}
function redirect_to_next_image(Image $image): void
function redirect_to_next_image(Image $image, ?string $search = null): void
{
global $page;
if (isset($_GET['search'])) {
$search_terms = Tag::explode($_GET['search']);
$query = "search=" . url_escape($_GET['search']);
if (!is_null($search)) {
$search_terms = Tag::explode($search);
$query = "search=" . url_escape($search);
} else {
$search_terms = [];
$query = null;


@ -336,7 +336,7 @@ class Search
}
}
assert($positive_tag_id_array || $positive_wildcard_id_array || $negative_tag_id_array || $all_nonexistent_negatives, @$_GET['q']);
assert($positive_tag_id_array || $positive_wildcard_id_array || $negative_tag_id_array || $all_nonexistent_negatives, _get_query());
if ($all_nonexistent_negatives) {
static::$_search_path[] = "all_nonexistent_negatives";


@ -110,7 +110,7 @@ if(class_exists("\\PHPUnit\\Framework\\TestCase")) {
$_GET = $get_args;
$_POST = $post_args;
$page = new Page();
send_event(new PageRequestEvent($method, $page_name));
send_event(new PageRequestEvent($method, $page_name, $get_args, $post_args));
if ($page->mode == PageMode::REDIRECT) {
$page->code = 302;
}


@ -26,7 +26,7 @@ class UrlsTest extends TestCase
* @return array<string>
*/
$gst = function (array $terms): array {
$pre = new PageRequestEvent("GET", _get_query(search_link($terms)));
$pre = new PageRequestEvent("GET", _get_query(search_link($terms)), [], []);
$pre->page_matches("post/list");
return $pre->get_search_terms();
};


@ -88,7 +88,7 @@ function make_link(?string $page = null, ?string $query = null, ?string $fragmen
*/
function _get_query(?string $uri = null): string
{
$parsed_url = parse_url($uri ?? $_SERVER['REQUEST_URI']);
$parsed_url = parse_url($uri ?? $_SERVER['REQUEST_URI'] ?? "");
// if we're looking at http://site.com/$INSTALL_DIR/index.php,
// then get the query from the "q" parameter


@ -81,12 +81,12 @@ class AdminPage extends Extension
global $page;
$query = $input->getArgument('query');
$args = $input->getArgument('args');
$_SERVER['REQUEST_URI'] = $query;
$_SERVER['REQUEST_URI'] = make_link($query);
if (!is_null($args)) {
parse_str($args, $_GET);
$_SERVER['REQUEST_URI'] .= "?" . $args;
}
send_event(new PageRequestEvent("GET", $query));
send_event(new PageRequestEvent("GET", $query, $_GET, []));
$page->display();
return Command::SUCCESS;
});
@ -102,7 +102,7 @@ class AdminPage extends Extension
if (!is_null($args)) {
parse_str($args, $_POST);
}
send_event(new PageRequestEvent("POST", $query));
send_event(new PageRequestEvent("POST", $query, [], $_POST));
$page->display();
return Command::SUCCESS;
});


@ -89,7 +89,7 @@ class AliasEditor extends Extension
} elseif ($event->get_arg(0) == "list") {
$t = new AliasTable($database->raw_db());
$t->token = $user->get_auth_token();
$t->inputs = $_GET;
$t->inputs = $event->GET;
$t->size = $config->get_int('alias_items_per_page', 30);
if ($user->can(Permissions::MANAGE_ALIAS_LIST)) {
$t->create_url = make_link("alias/add");


@ -95,7 +95,7 @@ class AutoTagger extends Extension
} elseif ($event->get_arg(0) == "list") {
$t = new AutoTaggerTable($database->raw_db());
$t->token = $user->get_auth_token();
$t->inputs = $_GET;
$t->inputs = $event->GET;
$t->size = $config->get_int(AutoTaggerConfig::ITEMS_PER_PAGE, 30);
if ($user->can(Permissions::MANAGE_AUTO_TAG)) {
$t->create_url = make_link("auto_tag/add");


@ -16,8 +16,8 @@ class AutoComplete extends Extension
global $page;
if ($event->page_matches("api/internal/autocomplete")) {
$limit = (int)($_GET["limit"] ?? 1000);
$s = $_GET["s"] ?? "";
$limit = (int)($event->get_GET("limit") ?? 1000);
$s = $event->get_GET("s") ?? "";
$res = $this->complete($s, $limit);


@ -50,10 +50,10 @@ class DanbooruApi extends Extension
$this->api_add_post();
} elseif ($event->page_matches("api/danbooru/find_posts") || $event->page_matches("api/danbooru/post/index.xml")) {
$page->set_mime(MimeType::XML_APPLICATION);
$page->set_data((string)$this->api_find_posts());
$page->set_data((string)$this->api_find_posts($event->GET));
} elseif ($event->page_matches("api/danbooru/find_tags")) {
$page->set_mime(MimeType::XML_APPLICATION);
$page->set_data((string)$this->api_find_tags());
$page->set_data((string)$this->api_find_tags($event->GET));
}
// Hackery for danbooruup 0.3.2 providing the wrong view url. This simply redirects to the proper
@ -102,13 +102,15 @@ class DanbooruApi extends Extension
* - name: A comma delimited list of tag names.
* - tags: any typical tag query. See Tag#parse_query for details.
* - after_id: limit results to tags with an id number after after_id. Useful if you only want to refresh
* @param array<string, mixed> $GET
*/
private function api_find_tags(): HTMLElement
private function api_find_tags(array $GET): HTMLElement
{
global $database;
$results = [];
if (isset($_GET['id'])) {
$idlist = explode(",", $_GET['id']);
if (isset($GET['id'])) {
$idlist = explode(",", $GET['id']);
foreach ($idlist as $id) {
$sqlresult = $database->get_all(
"SELECT id,tag,count FROM tags WHERE id = :id",
@ -118,8 +120,8 @@ class DanbooruApi extends Extension
$results[] = [$row['count'], $row['tag'], $row['id']];
}
}
} elseif (isset($_GET['name'])) {
$namelist = explode(",", $_GET['name']);
} elseif (isset($GET['name'])) {
$namelist = explode(",", $GET['name']);
foreach ($namelist as $name) {
$sqlresult = $database->get_all(
"SELECT id,tag,count FROM tags WHERE LOWER(tag) = LOWER(:tag)",
@ -132,14 +134,14 @@ class DanbooruApi extends Extension
}
// Currently disabled to maintain identical functionality to danbooru 1.0's own "broken" find_tags
/*
elseif (isset($_GET['tags'])) {
$start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0;
$tags = Tag::explode($_GET['tags']);
elseif (isset($GET['tags'])) {
$start = isset($GET['after_id']) ? int_escape($GET['offset']) : 0;
$tags = Tag::explode($GET['tags']);
assert(!is_null($start) && !is_null($tags));
}
*/
else {
$start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0;
$start = isset($GET['after_id']) ? int_escape($GET['offset']) : 0;
$sqlresult = $database->get_all(
"SELECT id,tag,count FROM tags WHERE count > 0 AND id >= :id ORDER BY id DESC",
['id' => $start]
@ -173,39 +175,41 @@ class DanbooruApi extends Extension
* - limit: limit
* - page: page number
* - after_id: limit results to posts added after this id
*
* @param array<string, mixed> $GET
*/
private function api_find_posts(): HTMLElement
private function api_find_posts(array $GET): HTMLElement
{
$results = [];
$this->authenticate_user();
$start = 0;
if (isset($_GET['md5'])) {
$md5list = explode(",", $_GET['md5']);
if (isset($GET['md5'])) {
$md5list = explode(",", $GET['md5']);
foreach ($md5list as $md5) {
$results[] = Image::by_hash($md5);
}
$count = count($results);
} elseif (isset($_GET['id'])) {
$idlist = explode(",", $_GET['id']);
} elseif (isset($GET['id'])) {
$idlist = explode(",", $GET['id']);
foreach ($idlist as $id) {
$results[] = Image::by_id(int_escape($id));
}
$count = count($results);
} else {
$limit = isset($_GET['limit']) ? int_escape($_GET['limit']) : 100;
$limit = isset($GET['limit']) ? int_escape($GET['limit']) : 100;
// Calculate start offset.
if (isset($_GET['page'])) { // Danbooru API uses 'page' >= 1
$start = (int_escape($_GET['page']) - 1) * $limit;
} elseif (isset($_GET['pid'])) { // Gelbooru API uses 'pid' >= 0
$start = int_escape($_GET['pid']) * $limit;
if (isset($GET['page'])) { // Danbooru API uses 'page' >= 1
$start = (int_escape($GET['page']) - 1) * $limit;
} elseif (isset($GET['pid'])) { // Gelbooru API uses 'pid' >= 0
$start = int_escape($GET['pid']) * $limit;
} else {
$start = 0;
}
$tags = isset($_GET['tags']) ? Tag::explode($_GET['tags']) : [];
$tags = isset($GET['tags']) ? Tag::explode($GET['tags']) : [];
// danbooru API clients often set tags=*
$tags = array_filter($tags, static function ($element) {
return $element !== "*";
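Review bot: `api_find_tags()` and `api_find_posts()` receive the raw `$event->GET` array, so the single-value check this commit adds in `PageRequestEvent::get_GET()` is bypassed and an array-valued `id`, `name` or `md5` parameter reaches `explode()` as an array. Passing the event and reading each key with `$event->get_GET('id')` would keep that check in one place, or each branch could guard with `is_string($GET['id'])`. The same applies to the `$params` array carried by `ImageDownloadingEvent` and read in the resize and transcode handlers. Separately, the rewritten line `$start = isset($GET['after_id']) ? int_escape($GET['offset']) : 0;` still tests one key and reads another; going by the doc comment above it, `int_escape($GET['after_id'])` looks like the intended read. Both function bodies continue outside the hunks.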


@ -10,12 +10,18 @@ class ImageDownloadingEvent extends Event
public string $mime;
public string $path;
public bool $file_modified = false;
/** @var array<string, mixed> */
public array $params;
public function __construct(Image $image, string $path, string $mime)
/**
* @param array<string, mixed> $params
*/
public function __construct(Image $image, string $path, string $mime, array $params)
{
parent::__construct();
$this->image = $image;
$this->path = $path;
$this->mime = $mime;
$this->params = $params;
}
}


@ -91,13 +91,13 @@ class ImageIO extends Extension
if ($event->page_matches("image/delete")) {
global $page, $user;
if ($user->can(Permissions::DELETE_IMAGE) && isset($_POST['image_id']) && $user->check_auth_token()) {
$image = Image::by_id(int_escape($_POST['image_id']));
if ($user->can(Permissions::DELETE_IMAGE) && $event->get_POST('image_id') && $user->check_auth_token()) {
$image = Image::by_id(int_escape($event->get_POST('image_id')));
if ($image) {
send_event(new ImageDeletionEvent($image));
if ($config->get_string(ImageConfig::ON_DELETE) === ImageConfig::ON_DELETE_NEXT) {
redirect_to_next_image($image);
redirect_to_next_image($image, @$event->get_GET('search'));
} else {
$page->set_mode(PageMode::REDIRECT);
$page->set_redirect(referer_or(make_link(), ['post/view']));
@ -106,10 +106,10 @@ class ImageIO extends Extension
}
} elseif ($event->page_matches("image")) {
$num = int_escape($event->get_arg(0));
$this->send_file($num, "image");
$this->send_file($num, "image", $event->GET);
} elseif ($event->page_matches("thumb")) {
$num = int_escape($event->get_arg(0));
$this->send_file($num, "thumb");
$this->send_file($num, "thumb", $event->GET);
}
}
@ -217,7 +217,10 @@ class ImageIO extends Extension
$event->replace("\\n", "\n");
}
private function send_file(int $image_id, string $type): void
/**
* @param array<string, string|string[]> $params
*/
private function send_file(int $image_id, string $type, array $params): void
{
global $config, $page;
@ -266,7 +269,7 @@ class ImageIO extends Extension
$page->add_http_header('Expires: ' . $expires);
}
send_event(new ImageDownloadingEvent($image, $file, $mime));
send_event(new ImageDownloadingEvent($image, $file, $mime, $params));
} else {
$page->set_title("Not Found");
$page->set_heading("Not Found");
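Review bot: The `@` in `redirect_to_next_image($image, @$event->get_GET('search'))` suppresses nothing useful: `get_GET()` reports a missing key by returning `null`, and the `SCoreException` it raises for an array value is not affected by `@`. Dropping it, `redirect_to_next_image($image, $event->get_GET('search'));`, keeps any warning raised inside the call visible. The new `send_file()` docblock could also say that `$params` is the unvalidated query string, since it is forwarded to `ImageDownloadingEvent` as is.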


@ -30,8 +30,7 @@ class ImageIOTest extends ShimmiePHPUnitTestCase
{
$this->log_in_as_admin();
$image_id = $this->post_image("tests/pbx_screenshot.jpg", "test");
$_POST['image_id'] = "$image_id";
send_event(new PageRequestEvent("POST", "image/delete"));
send_event(new PageRequestEvent("POST", "image/delete", [], ['image_id' => "$image_id"]));
$this->assertTrue(true); // FIXME: assert image was deleted?
}
}


@ -121,7 +121,7 @@ class ImageBan extends Extension
} elseif ($event->get_arg(0) == "list") {
$t = new HashBanTable($database->raw_db());
$t->token = $user->get_auth_token();
$t->inputs = $_GET;
$t->inputs = $event->GET;
$this->theme->display_bans($page, $t->table($t->query()), $t->paginator());
}
}


@ -28,9 +28,9 @@ class Index extends Extension
{
global $cache, $config, $page, $user;
if ($event->page_matches("post/list")) {
if (isset($_POST['search'])) {
if ($event->get_GET('search')) {
$page->set_mode(PageMode::REDIRECT);
$page->set_redirect(search_link(Tag::explode($_POST['search'], false)));
$page->set_redirect(search_link(Tag::explode($event->get_GET('search'), false)));
return;
}
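Review bot: The redirect condition now reads `search` from the query string, where the removed line read it from the POST body, so a search form that still submits by POST would no longer be redirected to its canonical URL. The same switch is made in the pool list and random list handlers. If both sources are meant to work, `$search = $event->get_GET('search') ?? $event->get_POST('search');`, as the link-scan handler does, would cover them; if the move to GET is intended, it deserves a line in the commit message. `onPageRequest` continues outside the hunk.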


@ -198,11 +198,11 @@ class IPBan extends Extension
$page->set_mode(PageMode::REDIRECT);
$page->set_redirect(make_link("ip_ban/list"));
} elseif ($event->get_arg(0) == "list") {
$_GET['c_banner'] = $user->name;
$_GET['c_added'] = date('Y-m-d');
$event->GET['c_banner'] = $user->name;
$event->GET['c_added'] = date('Y-m-d');
$t = new IPBanTable($database->raw_db());
$t->token = $user->get_auth_token();
$t->inputs = $_GET;
$t->inputs = $event->GET;
$this->theme->display_bans($page, $t->table($t->query()), $t->paginator());
}
} else {
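Review bot: Writing `c_banner` and `c_added` into `$event->GET` changes the request data seen by any handler that receives this event object afterwards, which is the same shared-state problem the commit is moving away from with `$_GET`. Building the table inputs locally keeps the same precedence without touching the event: `$t->inputs = ['c_banner' => $user->name, 'c_added' => date('Y-m-d')] + $event->GET;`. The handler body continues outside the hunk.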


@ -15,7 +15,7 @@ class LinkScan extends Extension
{
global $config, $page;
$search = @$_GET['search'] ?? @$_POST['search'] ?? "";
$search = $event->get_GET('search') ?? $event->get_POST('search') ?? "";
if ($event->page_matches("post/list") && !empty($search)) {
$trigger = $config->get_string("link_scan_trigger", "https?://");
if (preg_match("#.*{$trigger}.*#", $search)) {
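Review bot: `$search` is read before `page_matches("post/list")`, so the `SCoreException` that `get_GET()` raises for an array-valued `search` is now thrown from this handler on requests for any path, where the removed `@$_GET['search']` line never threw. Moving the read inside the `page_matches` branch limits that to the page that uses it. Separately, `$trigger` is interpolated into the pattern unescaped on the last line of the hunk; that is presumably deliberate, since the default value is itself a regex, and a comment saying so would help the next reader.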


@ -284,7 +284,7 @@ class LogDatabase extends Extension
if ($event->page_matches("log/view")) {
if ($user->can(Permissions::VIEW_EVENTLOG)) {
$t = new LogTable($database->raw_db());
$t->inputs = $_GET;
$t->inputs = $event->GET;
$this->theme->display_events($t->table($t->query()), $t->paginator());
}
}


@ -153,7 +153,7 @@ class NotATag extends Extension
} elseif ($event->get_arg(0) == "list") {
$t = new NotATagTable($database->raw_db());
$t->token = $user->get_auth_token();
$t->inputs = $_GET;
$t->inputs = $event->GET;
$this->theme->display_untags($page, $t->table($t->query()), $t->paginator());
}
}


@ -190,16 +190,16 @@ class NumericScore extends Extension
//FIXME: popular_by isn't linked from anywhere
list($day, $month, $year) = [date("d"), date("m"), date("Y")];
if (!empty($_GET['day'])) {
$D = (int) $_GET['day'];
if ($event->get_GET('day')) {
$D = (int) $event->get_GET('day');
$day = clamp($D, 1, 31);
}
if (!empty($_GET['month'])) {
$M = (int) $_GET['month'];
if ($event->get_GET('month')) {
$M = (int) $event->get_GET('month');
$month = clamp($M, 1, 12);
}
if (!empty($_GET['year'])) {
$Y = (int) $_GET['year'];
if ($event->get_GET('year')) {
$Y = (int) $event->get_GET('year');
$year = clamp($Y, 1970, 2100);
}


@ -236,9 +236,9 @@ class Pools extends Extension
{
global $config, $database, $page, $user;
if ($event->page_matches("pool/list")) { //index
if (isset($_POST['search']) and $_POST['search'] != null) {
if ($event->get_GET('search')) {
$page->set_mode(PageMode::REDIRECT);
$page->set_redirect(make_link('pool/list').'/'.url_escape($_POST['search']).'/'.strval($event->try_page_num(1)));
$page->set_redirect(make_link('pool/list').'/'.url_escape($event->get_GET('search')).'/'.strval($event->try_page_num(1)));
return;
}
if (count($event->args) >= 4) { // Assume first 2 args are search and page num


@ -29,7 +29,7 @@ class RandomImage extends Extension
}
if ($action === "download") {
send_event(new ImageDownloadingEvent($image, $image->get_image_filename(), $image->get_mime()));
send_event(new ImageDownloadingEvent($image, $image->get_image_filename(), $image->get_mime(), $event->GET));
} elseif ($action === "view") {
send_event(new DisplayingImageEvent($image));
} elseif ($action === "widget") {


@ -14,9 +14,9 @@ class RandomList extends Extension
global $config, $page;
if ($event->page_matches("random")) {
if (isset($_POST['search'])) {
if ($event->get_GET('search')) {
// implode(explode()) to resolve aliases and sanitise
$search = url_escape(Tag::implode(Tag::explode($_POST['search'], false)));
$search = url_escape(Tag::implode(Tag::explode($event->get_GET('search'), false)));
if (empty($search)) {
$page->set_mode(PageMode::REDIRECT);
$page->set_redirect(make_link("random"));


@ -171,14 +171,14 @@ class ResizeImage extends Extension
if ($config->get_bool(ResizeConfig::GET_ENABLED) &&
$user->can(Permissions::EDIT_FILES) &&
$this->can_resize_mime($event->image->get_mime())) {
if (isset($_GET['max_height'])) {
$max_height = int_escape($_GET['max_height']);
if (isset($event->params['max_height'])) {
$max_height = int_escape($event->params['max_height']);
} else {
$max_height = $event->image->height;
}
if (isset($_GET['max_width'])) {
$max_width = int_escape($_GET['max_width']);
if (isset($event->params['max_width'])) {
$max_width = int_escape($event->params['max_width']);
} else {
$max_width = $event->image->width;
}


@ -29,7 +29,7 @@ class TagList extends Extension
public function onPageRequest(PageRequestEvent $event): void
{
global $page;
global $config, $page;
if ($event->page_matches("tags")) {
$this->theme->set_navigation($this->build_navigation());
@ -38,19 +38,37 @@ class TagList extends Extension
} else {
$sub = $event->get_arg(0);
}
if ($event->get_GET('starts_with')) {
$starts_with = $event->get_GET('starts_with') . "%";
} else {
if ($config->get_bool(TagListConfig::PAGES)) {
$starts_with = "a%";
} else {
$starts_with = "%";
}
}
if ($event->get_GET('mincount')) {
$tags_min = int_escape($event->get_GET('mincount'));
} else {
global $config;
$tags_min = $config->get_int(TagListConfig::TAGS_MIN); // get the default.
}
switch ($sub) {
default:
case 'map':
$this->theme->set_heading("Tag Map");
$this->theme->set_tag_list($this->build_tag_map());
$this->theme->set_tag_list($this->build_tag_map($starts_with, $tags_min));
break;
case 'alphabetic':
$this->theme->set_heading("Alphabetic Tag List");
$this->theme->set_tag_list($this->build_tag_alphabetic());
$this->theme->set_tag_list($this->build_tag_alphabetic($starts_with, $tags_min));
break;
case 'popularity':
$this->theme->set_heading("Tag List by Popularity");
$this->theme->set_tag_list($this->build_tag_popularity());
$this->theme->set_tag_list($this->build_tag_popularity($tags_min));
break;
}
$this->theme->display_page($page);
@ -138,20 +156,6 @@ class TagList extends Extension
$sb->end_table();
}
/**
* Get the minimum number of times a tag needs to be used
* in order to be considered in the tag list.
*/
private function get_tags_min(): int
{
if (isset($_GET['mincount'])) {
return int_escape($_GET['mincount']);
} else {
global $config;
return $config->get_int(TagListConfig::TAGS_MIN); // get the default.
}
}
/**
* @return int[]
*/
@ -191,26 +195,10 @@ class TagList extends Extension
return $results;
}
private function get_starts_with(): string
{
global $config;
if (isset($_GET['starts_with'])) {
return $_GET['starts_with'] . "%";
} else {
if ($config->get_bool(TagListConfig::PAGES)) {
return "a%";
} else {
return "%";
}
}
}
private function build_az(): string
private function build_az(int $tags_min): string
{
global $database;
$tags_min = $this->get_tags_min();
$tag_data = $database->get_col("
SELECT DISTINCT
LOWER(substr(tag, 1, 1))
@ -238,13 +226,10 @@ class TagList extends Extension
return "$h_index<br>&nbsp;<br>$h_map<br>$h_alphabetic<br>$h_popularity<br>&nbsp;<br>$h_all";
}
private function build_tag_map(): string
private function build_tag_map(string $starts_with, int $tags_min): string
{
global $config, $database;
$tags_min = $this->get_tags_min();
$starts_with = $this->get_starts_with();
// check if we have a cached version
$cache_key = warehouse_path(
"cache/tag_cloud",
@ -266,7 +251,7 @@ class TagList extends Extension
$html = "";
if ($config->get_bool(TagListConfig::PAGES)) {
$html .= $this->build_az();
$html .= $this->build_az($tags_min);
}
$tag_category_dict = [];
if (Extension::is_enabled(TagCategoriesInfo::KEY)) {
@ -294,13 +279,10 @@ class TagList extends Extension
return $html;
}
private function build_tag_alphabetic(): string
private function build_tag_alphabetic(string $starts_with, int $tags_min): string
{
global $config, $database;
$tags_min = $this->get_tags_min();
$starts_with = $this->get_starts_with();
// check if we have a cached version
$cache_key = warehouse_path(
"cache/tag_alpha",
@ -320,7 +302,7 @@ class TagList extends Extension
$html = "";
if ($config->get_bool(TagListConfig::PAGES)) {
$html .= $this->build_az();
$html .= $this->build_az($tags_min);
}
/*
@ -371,12 +353,10 @@ class TagList extends Extension
return $html;
}
private function build_tag_popularity(): string
private function build_tag_popularity(int $tags_min): string
{
global $database;
$tags_min = $this->get_tags_min();
// Make sure that the value of $tags_min is at least 1.
// Otherwise the database will complain if you try to do: LOG(0)
if ($tags_min < 1) {


@ -20,9 +20,9 @@ class TaggerXML extends Extension
//$match_tags = null;
//$image_tags = null;
$tags = null;
if (isset($_GET['s'])) { // tagger/tags[/...]?s=$string
if ($event->get_GET('s')) { // tagger/tags[/...]?s=$string
// return matching tags in XML form
$tags = $this->match_tag_list($_GET['s']);
$tags = $this->match_tag_list($event->get_GET('s'));
} elseif ($event->get_arg(0)) { // tagger/tags/$int
// return arg[1] AS image_id's tag list in XML form
$tags = $this->image_tag_list(int_escape($event->get_arg(0)));


@ -203,9 +203,6 @@ class TranscodeImage extends Extension
}
}
}
public function onPageRequest(PageRequestEvent $event): void
{
global $page, $user;
@ -240,16 +237,16 @@ class TranscodeImage extends Extension
global $config, $user;
if ($config->get_bool(TranscodeConfig::GET_ENABLED) &&
isset($_GET['transcode']) &&
isset($event->params['transcode']) &&
$user->can(Permissions::EDIT_FILES) &&
$this->can_convert_mime($config->get_string(TranscodeConfig::ENGINE), $event->image->get_mime())) {
$target_mime = $_GET['transcode'];
$target_mime = $event->params['transcode'];
if (!MimeType::is_mime($target_mime)) {
$target_mime = MimeType::get_for_extension($target_mime);
}
if (empty($target_mime)) {
throw new ImageTranscodeException("Unable to determine output MIME for ".$_GET['transcode']);
throw new ImageTranscodeException("Unable to determine output MIME for ".$event->params['transcode']);
}
MediaEngine::is_output_supported($config->get_string(TranscodeConfig::ENGINE), $target_mime);


@ -34,18 +34,20 @@ class Update extends Extension
public function onPageRequest(PageRequestEvent $event): void
{
global $user, $page;
if ($user->can(Permissions::EDIT_FILES) && isset($_GET['sha'])) {
$sha = $event->get_GET('sha');
if ($user->can(Permissions::EDIT_FILES) && $sha) {
if ($event->page_matches("update/download")) {
$ok = $this->download_shimmie();
$ok = $this->download_shimmie($sha);
$page->set_mode(PageMode::REDIRECT);
if ($ok) {
$page->set_redirect(make_link("update/update", "sha=".$_GET['sha']));
$page->set_redirect(make_link("update/update", "sha=".$sha));
} else {
$page->set_redirect(make_link("admin"));
} //TODO: Show error?
} elseif ($event->page_matches("update/update")) {
$ok = $this->update_shimmie();
$ok = $this->update_shimmie($sha);
$page->set_mode(PageMode::REDIRECT);
if ($ok) {
@ -58,11 +60,10 @@ class Update extends Extension
}
}
private function download_shimmie(): bool
private function download_shimmie(string $commitSHA): bool
{
global $config;
$commitSHA = $_GET['sha'];
$g_userrepo = $config->get_string('update_guserrepo');
$url = "https://codeload.github.com/".$g_userrepo."/zip/".$commitSHA;
@ -79,12 +80,10 @@ class Update extends Extension
return true;
}
private function update_shimmie(): bool
private function update_shimmie(string $commitSHA): bool
{
global $config;
$commitSHA = $_GET['sha'];
log_info("update", "Download succeeded. Attempting to update Shimmie.");
$ok = false;
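Review bot: `$sha` goes from the query string into `download_shimmie()` and is concatenated into the codeload URL without a format check. A guard at the top of the permission branch, such as `if (!preg_match('/^[0-9a-f]{40}$/i', $sha)) { return; }` (with the length adjusted to what the update links emit), would pin it to a commit hash. Both branches act on a GET request with only the `EDIT_FILES` permission test visible in the hunk; if no request-token check exists outside it, one of the kind the image delete handler applies with `check_auth_token()` belongs here. `download_shimmie()` and `update_shimmie()` continue outside the hunks.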


@ -400,13 +400,6 @@ class Upload extends Extension
$metadata['filename'] = $filename;
$metadata['tags'] = $tags;
$metadata['source'] = $source;
if ($user->can(Permissions::EDIT_IMAGE_LOCK) && !empty($_GET['locked'])) {
$metadata['locked'] = bool_escape($_GET['locked']) ? "on" : "";
}
if (Extension::is_enabled(RatingsInfo::KEY) && !empty($_GET['rating'])) {
// Rating event will validate that this is s/q/e/u
$metadata['rating'] = strtolower($_GET['rating'])[0];
}
$new_images = $database->with_savepoint(function () use ($tmp_filename, $metadata) {
$event = send_event(new DataUploadEvent($tmp_filename, $metadata));


@ -188,7 +188,7 @@ class UserPage extends Extension
} elseif ($event->get_arg(0) == "list") {
$t = new UserTable($database->raw_db());
$t->token = $user->get_auth_token();
$t->inputs = $_GET;
$t->inputs = $event->GET;
if ($user->can(Permissions::DELETE_USER)) {
$col = new TextColumn("email", "Email");
// $t->columns[] = $col;


@ -111,10 +111,10 @@ class UserConfig extends Extension
global $user, $database, $config, $page, $user_config;
if ($config->get_bool(self::ENABLE_API_KEYS)) {
if (!empty($_GET["api_key"]) && $user->is_anonymous()) {
if ($event->get_GET("api_key") && $user->is_anonymous()) {
$user_id = $database->get_one(
"SELECT user_id FROM user_config WHERE value=:value AND name=:name",
["value" => $_GET["api_key"], "name" => self::API_KEY]
["value" => $event->get_GET("api_key"), "name" => self::API_KEY]
);
if (!empty($user_id)) {
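Review bot: `get_GET("api_key")` is called twice, once for the test and once for the bind value; reading it once, `$api_key = $event->get_GET("api_key");`, makes it plain that the value checked is the value used. Because the key is accepted from the query string only, it will appear in web server access logs and in any `Referer` header sent from the page. Now that the event also carries POST data, accepting `$event->get_POST("api_key")` as an alternative and documenting the log exposure may be worth considering. The handler continues outside the hunk.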


@ -25,9 +25,10 @@ class ViewPost extends Extension
if ($event->page_matches("post/prev") || $event->page_matches("post/next")) {
$image_id = int_escape($event->get_arg(0));
if (isset($_GET['search'])) {
$search_terms = Tag::explode($_GET['search']);
$query = "#search=".url_escape($_GET['search']);
$search = $event->get_GET('search');
if ($search) {
$search_terms = Tag::explode($search);
$query = "#search=".url_escape($search);
} else {
$search_terms = [];
$query = null;
@ -82,8 +83,8 @@ class ViewPost extends Extension
send_event(new ImageInfoSetEvent($image));
$page->set_mode(PageMode::REDIRECT);
if (isset($_GET['search'])) {
$query = "search=" . url_escape($_GET['search']);
if ($event->get_GET('search')) {
$query = "search=" . url_escape($event->get_GET('search'));
} else {
$query = null;
}


@ -184,8 +184,8 @@ class Wiki extends Extension
}
$revision = -1;
if (isset($_GET['revision'])) {
$revision = int_escape($_GET['revision']);
if ($event->get_GET('revision')) {
$revision = int_escape($event->get_GET('revision'));
}
$content = $this->get_page($title, $revision);
@ -212,8 +212,8 @@ class Wiki extends Extension
$this->theme->display_permission_denied();
}
} elseif ($event->page_matches("wiki_admin/history")) {
$history = $this->get_history($_GET['title']);
$this->theme->display_page_history($page, $_GET['title'], $history);
$history = $this->get_history($event->get_GET('title'));
$this->theme->display_page_history($page, $event->get_GET('title'), $history);
} elseif ($event->page_matches("wiki_admin/delete_revision")) {
if ($user->can(Permissions::WIKI_ADMIN)) {
send_event(new WikiDeleteRevisionEvent($_POST["title"], (int)$_POST["revision"]));
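Review bot: `get_GET('title')` returns `null` when the parameter is missing, and that value is passed straight to `get_history()` and `display_page_history()` in the `wiki_admin/history` branch. Reading it once and rejecting the missing case, `$title = $event->get_GET('title'); if (is_null($title)) { throw new SCoreException("title is required"); }`, avoids depending on how those two methods treat `null`; their signatures are outside the hunk. The `wiki_admin/delete_revision` line below still reads `$_POST` directly and could use `get_POST()` in the same pass.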


@ -88,7 +88,7 @@ try {
throw new \Exception("CLI command failed");
}
} else {
send_event(new PageRequestEvent($_SERVER['REQUEST_METHOD'], _get_query()));
send_event(new PageRequestEvent($_SERVER['REQUEST_METHOD'], _get_query(), $_GET, $_POST));
$page->display();
}