diff options
| author | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2022-11-08 06:06:25 +0300 |
|---|---|---|
| committer | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2022-11-08 06:06:25 +0300 |
| commit | f103bdc1e2b733f8b10243a9d1aa04ee0ec83b11 (patch) | |
| tree | 0c47508f8cb7263da3a203af0d71ca9a354c7c2e | |
| parent | 97aac39a40cef8f0ec63f380be79e14c4633bd67 (diff) | |
Replace $_REQUEST with ServerRequest in Util::getDbInfo()
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
19 files changed, 48 insertions, 41 deletions
diff --git a/libraries/classes/Controllers/Database/DesignerController.php b/libraries/classes/Controllers/Database/DesignerController.php index de5ec33686..45f66c0230 100644 --- a/libraries/classes/Controllers/Database/DesignerController.php +++ b/libraries/classes/Controllers/Database/DesignerController.php @@ -242,7 +242,7 @@ class DesignerController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); // Embed some data into HTML, later it will be read // by designer/init.js and converted to JS variables. diff --git a/libraries/classes/Controllers/Database/EventsController.php b/libraries/classes/Controllers/Database/EventsController.php index 208df75c69..d697dc01ef 100644 --- a/libraries/classes/Controllers/Database/EventsController.php +++ b/libraries/classes/Controllers/Database/EventsController.php @@ -65,7 +65,7 @@ final class EventsController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); } elseif (strlen($GLOBALS['db']) > 0) { $this->dbi->selectDb($GLOBALS['db']); } diff --git a/libraries/classes/Controllers/Database/ExportController.php b/libraries/classes/Controllers/Database/ExportController.php index a0b260cad1..227b5ce876 100644 --- a/libraries/classes/Controllers/Database/ExportController.php +++ b/libraries/classes/Controllers/Database/ExportController.php @@ -76,7 +76,7 @@ final class ExportController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db'], false); + ] = Util::getDbInfo($request, $GLOBALS['db'], false); // exit if no tables in db found if ($GLOBALS['num_tables'] < 1) { diff --git a/libraries/classes/Controllers/Database/ImportController.php b/libraries/classes/Controllers/Database/ImportController.php index 4b3a759bdc..b1585a39a7 100644 --- a/libraries/classes/Controllers/Database/ImportController.php +++ b/libraries/classes/Controllers/Database/ImportController.php @@ -68,7 +68,7 @@ final class ImportController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); [$GLOBALS['SESSION_KEY'], $uploadId] = Ajax::uploadProgressSetup(); diff --git a/libraries/classes/Controllers/Database/Operations/CollationController.php b/libraries/classes/Controllers/Database/Operations/CollationController.php index b9242225bb..c50420fe90 100644 --- a/libraries/classes/Controllers/Database/Operations/CollationController.php +++ b/libraries/classes/Controllers/Database/Operations/CollationController.php @@ -69,7 +69,7 @@ final class CollationController extends AbstractController * Changes tables charset if requested by the user */ if ($request->getParsedBodyParam('change_all_tables_collations') === 'on') { - [$tables] = Util::getDbInfo($GLOBALS['db']); + [$tables] = Util::getDbInfo($request, $GLOBALS['db']); foreach ($tables as ['Name' => $tableName]) { if ($this->dbi->getTable($GLOBALS['db'], $tableName)->isView()) { // Skip views, we can not change the collation of a view. diff --git a/libraries/classes/Controllers/Database/OperationsController.php b/libraries/classes/Controllers/Database/OperationsController.php index 378bfa26de..9b793f55ee 100644 --- a/libraries/classes/Controllers/Database/OperationsController.php +++ b/libraries/classes/Controllers/Database/OperationsController.php @@ -293,7 +293,7 @@ class OperationsController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); $oldMessage = ''; if (isset($GLOBALS['message'])) { diff --git a/libraries/classes/Controllers/Database/PrivilegesController.php b/libraries/classes/Controllers/Database/PrivilegesController.php index ae4a36d651..5bed75c150 100644 --- a/libraries/classes/Controllers/Database/PrivilegesController.php +++ b/libraries/classes/Controllers/Database/PrivilegesController.php @@ -98,7 +98,7 @@ class PrivilegesController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($db->getName()); + ] = Util::getDbInfo($request, $db->getName()); $content = ob_get_clean(); $this->response->addHTML($content . "\n"); diff --git a/libraries/classes/Controllers/Database/QueryByExampleController.php b/libraries/classes/Controllers/Database/QueryByExampleController.php index 1bbb252cc1..06019397c6 100644 --- a/libraries/classes/Controllers/Database/QueryByExampleController.php +++ b/libraries/classes/Controllers/Database/QueryByExampleController.php @@ -162,7 +162,7 @@ class QueryByExampleController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); $databaseQbe = new Qbe( $this->relation, diff --git a/libraries/classes/Controllers/Database/RoutinesController.php b/libraries/classes/Controllers/Database/RoutinesController.php index 32661369dd..e569e90072 100644 --- a/libraries/classes/Controllers/Database/RoutinesController.php +++ b/libraries/classes/Controllers/Database/RoutinesController.php @@ -94,7 +94,7 @@ class RoutinesController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); } } elseif (strlen($GLOBALS['db']) > 0) { $this->dbi->selectDb($GLOBALS['db']); diff --git a/libraries/classes/Controllers/Database/SearchController.php b/libraries/classes/Controllers/Database/SearchController.php index 857913b718..07ab737a03 100644 --- a/libraries/classes/Controllers/Database/SearchController.php +++ b/libraries/classes/Controllers/Database/SearchController.php @@ -73,7 +73,7 @@ class SearchController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); } // Main search form has been submitted, get results diff --git a/libraries/classes/Controllers/Database/Structure/RealRowCountController.php b/libraries/classes/Controllers/Database/Structure/RealRowCountController.php index fa25360ac1..7800ccd991 100644 --- a/libraries/classes/Controllers/Database/Structure/RealRowCountController.php +++ b/libraries/classes/Controllers/Database/Structure/RealRowCountController.php @@ -46,7 +46,7 @@ final class RealRowCountController extends AbstractController return; } - [$tables] = Util::getDbInfo($GLOBALS['db']); + [$tables] = Util::getDbInfo($request, $GLOBALS['db']); // If there is a request to update all table's row count. if (! isset($parameters['real_row_count_all'])) { diff --git a/libraries/classes/Controllers/Database/StructureController.php b/libraries/classes/Controllers/Database/StructureController.php index 143e24d8aa..b309d06e67 100644 --- a/libraries/classes/Controllers/Database/StructureController.php +++ b/libraries/classes/Controllers/Database/StructureController.php @@ -113,7 +113,7 @@ class StructureController extends AbstractController /** * Retrieves database information for further use. */ - private function getDatabaseInfo(): void + private function getDatabaseInfo(ServerRequest $request): void { [ $tables, @@ -122,7 +122,7 @@ class StructureController extends AbstractController $isShowStats, $dbIsSystemSchema,,, $position, - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); $this->tables = $tables; $this->numTables = $numTables; @@ -153,7 +153,7 @@ class StructureController extends AbstractController $this->addScriptFiles(['database/structure.js', 'table/change.js']); // Gets the database structure - $this->getDatabaseInfo(); + $this->getDatabaseInfo($request); // Checks if there are any tables to be shown on current page. // If there are no tables, the user is redirected to the last page diff --git a/libraries/classes/Controllers/Database/TrackingController.php b/libraries/classes/Controllers/Database/TrackingController.php index b7da0188d3..4fe2fb9d56 100644 --- a/libraries/classes/Controllers/Database/TrackingController.php +++ b/libraries/classes/Controllers/Database/TrackingController.php @@ -78,7 +78,7 @@ class TrackingController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); if (isset($_POST['delete_tracking'], $_POST['table'])) { Tracker::deleteTracking($GLOBALS['db'], $_POST['table']); diff --git a/libraries/classes/Controllers/Database/TriggersController.php b/libraries/classes/Controllers/Database/TriggersController.php index 8736bf75ab..5ce1506a0a 100644 --- a/libraries/classes/Controllers/Database/TriggersController.php +++ b/libraries/classes/Controllers/Database/TriggersController.php @@ -84,7 +84,7 @@ class TriggersController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); } } elseif (strlen($GLOBALS['db']) > 0) { $this->dbi->selectDb($GLOBALS['db']); diff --git a/libraries/classes/Controllers/Table/TriggersController.php b/libraries/classes/Controllers/Table/TriggersController.php index 249571d6e7..67f3f7c5e5 100644 --- a/libraries/classes/Controllers/Table/TriggersController.php +++ b/libraries/classes/Controllers/Table/TriggersController.php @@ -84,7 +84,7 @@ class TriggersController extends AbstractController $GLOBALS['tooltip_truename'], $GLOBALS['tooltip_aliasname'], $GLOBALS['pos'], - ] = Util::getDbInfo($GLOBALS['db']); + ] = Util::getDbInfo($request, $GLOBALS['db']); } } elseif (strlen($GLOBALS['db']) > 0) { $this->dbi->selectDb($GLOBALS['db']); diff --git a/libraries/classes/Util.php b/libraries/classes/Util.php index 5de93076b2..cd2f9060c0 100644 --- a/libraries/classes/Util.php +++ b/libraries/classes/Util.php @@ -6,6 +6,7 @@ namespace PhpMyAdmin; use PhpMyAdmin\Dbal\ResultInterface; use PhpMyAdmin\Html\Generator; +use PhpMyAdmin\Http\ServerRequest; use PhpMyAdmin\Query\Compatibility; use PhpMyAdmin\Query\Utilities; use PhpMyAdmin\SqlParser\Components\Expression; @@ -43,6 +44,7 @@ use function implode; use function in_array; use function ini_get; use function is_array; +use function is_numeric; use function is_object; use function is_scalar; use function is_string; @@ -2070,11 +2072,9 @@ class Util /** * Gets the list of tables in the current db and information about these tables if possible. * - * @param string $db - * * @return array */ - public static function getDbInfo($db, bool $isResultLimited = true) + public static function getDbInfo(ServerRequest $request, string $db, bool $isResultLimited = true): array { /** * limits for table list @@ -2084,8 +2084,10 @@ class Util $_SESSION['tmpval']['table_limit_offset_db'] = $db; } - if (isset($_REQUEST['pos'])) { - $_SESSION['tmpval']['table_limit_offset'] = (int) $_REQUEST['pos']; + /** @var mixed $posParam */ + $posParam = $request->getParam('pos'); + if (is_numeric($posParam)) { + $_SESSION['tmpval']['table_limit_offset'] = (int) $posParam; } $pos = $_SESSION['tmpval']['table_limit_offset']; @@ -2130,7 +2132,9 @@ class Util $sort = 'Name'; $sortOrder = 'ASC'; - if (isset($_REQUEST['sort'])) { + /** @var mixed $sortParam */ + $sortParam = $request->getParam('sort'); + if (is_string($sortParam)) { $sortableNameMappings = [ 'table' => 'Name', 'records' => 'Rows', @@ -2145,9 +2149,9 @@ class Util ]; // Make sure the sort type is implemented - if (isset($sortableNameMappings[$_REQUEST['sort']])) { - $sort = $sortableNameMappings[$_REQUEST['sort']]; - if ($_REQUEST['sort_order'] === 'DESC') { + if (isset($sortableNameMappings[$sortParam])) { + $sort = $sortableNameMappings[$sortParam]; + if ($request->getParam('sort_order') === 'DESC') { $sortOrder = 'DESC'; } } @@ -2159,15 +2163,22 @@ class Util $limitCount = false; $groupTable = []; - if (! empty($_REQUEST['tbl_group']) || ! empty($_REQUEST['tbl_type'])) { - if (! empty($_REQUEST['tbl_type'])) { + /** @var mixed $tableGroupParam */ + $tableGroupParam = $request->getParam('tbl_group'); + /** @var mixed $tableTypeParam */ + $tableTypeParam = $request->getParam('tbl_type'); + if ( + is_string($tableGroupParam) && $tableGroupParam !== '' + || is_string($tableTypeParam) && $tableTypeParam !== '' + ) { + if (is_string($tableTypeParam) && $tableTypeParam !== '') { // only tables for selected type - $tableType = $_REQUEST['tbl_type']; + $tableType = $tableTypeParam; } - if (! empty($_REQUEST['tbl_group'])) { + if (is_string($tableGroupParam) && $tableGroupParam !== '') { // only tables for selected group - $tableGroup = $_REQUEST['tbl_group']; + $tableGroup = $tableGroupParam; // include the table with the exact name of the group if such // exists $groupTable = $GLOBALS['dbi']->getTablesFull( diff --git a/psalm-baseline.xml b/psalm-baseline.xml index 5a4578df17..afaf9b619b 100644 --- a/psalm-baseline.xml +++ b/psalm-baseline.xml @@ -14526,12 +14526,10 @@ <code>mb_strpos($value, '.')</code> <code>mb_strrpos($columnSpecification, ')')</code> </PossiblyFalseOperand> - <PossiblyInvalidArgument occurrences="5"> + <PossiblyInvalidArgument occurrences="3"> <code>$sep</code> <code>$sep</code> <code>$table</code> - <code>$tableType</code> - <code>$tableType</code> </PossiblyInvalidArgument> <PossiblyInvalidArrayAccess occurrences="2"> <code>$group[$groupName]['tab' . $sep . 'count']</code> @@ -14549,7 +14547,7 @@ <code>$sep</code> <code>$sep</code> </PossiblyInvalidCast> - <PossiblyInvalidOperand occurrences="12"> + <PossiblyInvalidOperand occurrences="11"> <code>$GLOBALS['cfg']['NavigationTreeTableSeparator']</code> <code>$GLOBALS['cfg']['NavigationTreeTableSeparator']</code> <code>$sep</code> @@ -14561,7 +14559,6 @@ <code>$sep</code> <code>$sep</code> <code>$sep</code> - <code>$tableGroup</code> </PossiblyInvalidOperand> <PossiblyNullArgument occurrences="2"> <code>$maxSize</code> @@ -14592,9 +14589,6 @@ <RedundantCondition occurrences="1"> <code>$columnsList !== null</code> </RedundantCondition> - <RiskyCast occurrences="1"> - <code>$_REQUEST['pos']</code> - </RiskyCast> </file> <file src="libraries/classes/Utils/ForeignKey.php"> <RedundantCastGivenDocblockType occurrences="1"> diff --git a/test/classes/Controllers/Database/StructureControllerTest.php b/test/classes/Controllers/Database/StructureControllerTest.php index 1cd678f816..e96f14c6d2 100644 --- a/test/classes/Controllers/Database/StructureControllerTest.php +++ b/test/classes/Controllers/Database/StructureControllerTest.php @@ -9,6 +9,7 @@ use PhpMyAdmin\ConfigStorage\RelationCleanup; use PhpMyAdmin\Controllers\Database\StructureController; use PhpMyAdmin\DatabaseInterface; use PhpMyAdmin\FlashMessages; +use PhpMyAdmin\Http\ServerRequest; use PhpMyAdmin\Operations; use PhpMyAdmin\Replication; use PhpMyAdmin\Table; @@ -448,7 +449,7 @@ class StructureControllerTest extends AbstractTestCase $structureController, StructureController::class, 'getDatabaseInfo', - [''] + [$this->createStub(ServerRequest::class)] ); $this->assertSame( diff --git a/test/classes/UtilTest.php b/test/classes/UtilTest.php index 781a3a2183..78da6fa430 100644 --- a/test/classes/UtilTest.php +++ b/test/classes/UtilTest.php @@ -6,6 +6,7 @@ namespace PhpMyAdmin\Tests; use PhpMyAdmin\DatabaseInterface; use PhpMyAdmin\FieldMetadata; +use PhpMyAdmin\Http\ServerRequest; use PhpMyAdmin\MoTranslator\Loader; use PhpMyAdmin\SqlParser\Context; use PhpMyAdmin\SqlParser\Token; @@ -2546,7 +2547,7 @@ class UtilTest extends AbstractTestCase 'TABLE_TYPE' => 'BASE TABLE', ]; $expected = [['test_table' => $tableInfo], 1, 1, true, false, [], [], 0]; - $actual = Util::getDbInfo('test_db'); + $actual = Util::getDbInfo($this->createStub(ServerRequest::class), 'test_db'); $this->assertSame($expected, $actual); } |