From 8c95184780ce758c497ad3eebfd919b2e24edf78 Mon Sep 17 00:00:00 2001 From: Dennis Eichhorn Date: Sun, 20 Dec 2015 22:26:07 +0100 Subject: [PATCH] Supporting uploaded files and removing http verbs for security reasons --- Message/Http/Request.php | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/Message/Http/Request.php b/Message/Http/Request.php index 93a5c1ec2..4c3f18b83 100644 --- a/Message/Http/Request.php +++ b/Message/Http/Request.php @@ -61,6 +61,14 @@ class Request extends RequestAbstract */ protected $path = null; + /** + * Uploaded files. + * + * @var array + * @since 1.0.0 + */ + protected $files = []; + /** * Request information. * @@ -93,6 +101,8 @@ class Request extends RequestAbstract * * @return void * + * @throws + * * @since 1.0.0 * @author Dennis Eichhorn */ @@ -103,10 +113,16 @@ class Request extends RequestAbstract if (isset($_SERVER['CONTENT_TYPE'])) { if (strpos($_SERVER['CONTENT_TYPE'], 'application/json') !== false) { - $this->data += json_decode(file_get_contents('php://input'), true); + if(($json = json_decode(($input = file_get_contents('php://input')), true)) === false || $json === null) { + throw new \Exception('Is not valid json ' . $input); + } + + $this->data += $json; } elseif (strpos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') !== false) { parse_str(file_get_contents('php://input'), $temp); $this->data += $temp; + } elseif (strpos($_SERVER['CONTENT_TYPE'], 'multipart/form-data') !== false) { + $this->files = $_FILES; } } @@ -370,6 +386,11 @@ class Request extends RequestAbstract return '/'; } + public function getFiles() : array + { + return $this->files; + } + public function setHeader($key, \string $header, \bool $overwrite = true) { // NOT Required for Http request