From c68f7671d29fb824ef3c05a6b592fabb7ae1cdb8 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 18 Mar 2014 09:36:02 +0100 Subject: [PATCH] [ticket/12286] Use $request->variable() instead of request_var() PHPBB3-12286 --- phpBB/docs/coding-guidelines.html | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/phpBB/docs/coding-guidelines.html b/phpBB/docs/coding-guidelines.html index ceac388269..27f639f855 100644 --- a/phpBB/docs/coding-guidelines.html +++ b/phpBB/docs/coding-guidelines.html @@ -106,8 +106,8 @@

Tabs in front of lines are no problem, but having them within the text can be a problem if you do not set it to the amount of spaces every one of us uses. Here is a short example of how it should look like:

-{TAB}$mode{TAB}{TAB}= request_var('mode', '');
-{TAB}$search_id{TAB}= request_var('search_id', '');
+{TAB}$mode{TAB}{TAB}= $request->variable('mode', '');
+{TAB}$search_id{TAB}= $request->variable('search_id', '');

If entered with tabs (replace the {TAB}) both equal signs need to be on the same column.

@@ -1025,8 +1025,8 @@ for ($i = 0, $size = sizeof($post_data); $i < $size; $i++)

No attempt should be made to remove any copyright information (either contained within the source or displayed interactively when the source is run/compiled), neither should the copyright information be altered in any way (it may be added to).

Variables:

-

Make use of the request_var() function for anything except for submit or single checking params.

-

The request_var function determines the type to set from the second parameter (which determines the default value too). If you need to get a scalar variable type, you need to tell this the request_var function explicitly. Examples:

+

Make use of the \phpbb\request\request class for everything.

+

The $request->variable() method determines the type to set from the second parameter (which determines the default value too). If you need to get a scalar variable type, you need to tell this the variable() method explicitly. Examples:

// Old method, do not use it

@@ -1036,23 +1036,23 @@ $submit = (isset($HTTP_POST_VARS['submit'])) ? true : false;
 
 	
// Use request var and define a default variable (use the correct type)

 	
-$start = request_var('start', 0);
-$submit = (isset($_POST['submit'])) ? true : false;
+$start = $request->variable('start', 0);
+$submit = $request->is_set_post('submit');
 	

 
-	
// $start is an int, the following use of request_var therefore is not allowed

+	
// $start is an int, the following use of $request->variable() therefore is not allowed

 	
-$start = request_var('start', '0');
+$start = $request->variable('start', '0');
 	

 
 	
// Getting an array, keys are integers, value defaults to 0

 	
-$mark_array = request_var('mark', array(0));
+$mark_array = $request->variable('mark', array(0));
 	

 
 	
// Getting an array, keys are strings, value defaults to 0

 	
-$action_ary = request_var('action', array('' => 0));
+$action_ary = $request->variable('action', array('' => 0));
 	

 
 	
Login checks/redirection: 

@@ -1765,16 +1765,16 @@ This may span multiple lines.
 
 
phpBB only uses the ASCII and the UTF-8 character encodings. Still all Strings are UTF-8 encoded because ASCII is a subset of UTF-8. The only exceptions to this rule are code sections which deal with external systems which use other encodings and character sets. Such external data should be converted to UTF-8 using the utf8_recode() function supplied with phpBB. It supports a variety of other character sets and encodings, a full list can be found below.

 
-
With request_var() you can either allow all UCS characters in user input or restrict user input to ASCII characters. This feature is controlled by the function's third parameter called $multibyte. You should allow multibyte characters in posts, PMs, topic titles, forum names, etc. but it's not necessary for internal uses like a $mode variable which should only hold a predefined list of ASCII strings anyway.

+
With $request->variable() you can either allow all UCS characters in user input or restrict user input to ASCII characters. This feature is controlled by the method's third parameter called $multibyte. You should allow multibyte characters in posts, PMs, topic titles, forum names, etc. but it's not necessary for internal uses like a $mode variable which should only hold a predefined list of ASCII strings anyway.

 
 
 // an input string containing a multibyte character
 $_REQUEST['multibyte_string'] = 'Käse';
 
 // print request variable as a UTF-8 string allowing multibyte characters
-echo request_var('multibyte_string', '', true);
+echo $request->variable('multibyte_string', '', true);
 // print request variable as ASCII string
-echo request_var('multibyte_string', '');
+echo $request->variable('multibyte_string', '');
 

 
 
This code snippet will generate the following output:

@@ -1792,9 +1792,9 @@ K??se
 $_REQUEST['multibyte_string'] = 'Käse';
 
 // normalize multibyte strings
-echo utf8_normalize_nfc(request_var('multibyte_string', '', true));
+echo utf8_normalize_nfc($request->variable('multibyte_string', '', true));
 // ASCII strings do not need to be normalized
-echo request_var('multibyte_string', '');
+echo $request->variable('multibyte_string', '');

Case Folding