diff options
author | Jeremy Kemper <jeremy@bitsweat.net> | 2007-05-15 00:08:05 +0000 |
---|---|---|
committer | Jeremy Kemper <jeremy@bitsweat.net> | 2007-05-15 00:08:05 +0000 |
commit | f8273e430916f8c7b0d21ad14aab90e427f8c0a6 (patch) | |
tree | 4dfec8ec427d1c1d3b2fc98184790a95f5ff7919 /actionpack/lib/action_controller/cgi_ext/parameters.rb | |
parent | 7fb5d44df77c377a02797d0dbdddbf6817d55ce8 (diff) | |
download | rails-f8273e430916f8c7b0d21ad14aab90e427f8c0a6.tar.gz rails-f8273e430916f8c7b0d21ad14aab90e427f8c0a6.tar.bz2 rails-f8273e430916f8c7b0d21ad14aab90e427f8c0a6.zip |
Shine some sunlight on the CGI extensions. Remove unused CGI#session.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6733 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/lib/action_controller/cgi_ext/parameters.rb')
-rw-r--r-- | actionpack/lib/action_controller/cgi_ext/parameters.rb | 232 |
1 files changed, 232 insertions, 0 deletions
diff --git a/actionpack/lib/action_controller/cgi_ext/parameters.rb b/actionpack/lib/action_controller/cgi_ext/parameters.rb new file mode 100644 index 0000000000..639f131e00 --- /dev/null +++ b/actionpack/lib/action_controller/cgi_ext/parameters.rb @@ -0,0 +1,232 @@ +require 'cgi' +require 'strscan' + +class CGI #:nodoc: + class << self + alias :escapeHTML_fail_on_nil :escapeHTML + + def escapeHTML(string) + escapeHTML_fail_on_nil(string) unless string.nil? + end + end +end + +module ActionController + module CgiExt + module Parameters + def self.included(base) + base.extend ClassMethods + end + + # Merge POST and GET parameters from the request body and query string, + # with GET parameters taking precedence. + def parameters + request_parameters.update(query_parameters) + end + + def query_parameters + self.class.parse_query_parameters(query_string) + end + + def request_parameters + self.class.parse_request_parameters(params, env_table) + end + + module ClassMethods + # DEPRECATED: Use parse_form_encoded_parameters + def parse_query_parameters(query_string) + pairs = query_string.split('&').collect do |chunk| + next if chunk.empty? + key, value = chunk.split('=', 2) + next if key.empty? + value = value.nil? ? nil : CGI.unescape(value) + [ CGI.unescape(key), value ] + end.compact + + FormEncodedPairParser.new(pairs).result + end + + # DEPRECATED: Use parse_form_encoded_parameters + def parse_request_parameters(params) + parser = FormEncodedPairParser.new + + params = params.dup + until params.empty? + for key, value in params + if key.blank? + params.delete key + elsif !key.include?('[') + # much faster to test for the most common case first (GET) + # and avoid the call to build_deep_hash + parser.result[key] = get_typed_value(value[0]) + params.delete key + elsif value.is_a?(Array) + parser.parse(key, get_typed_value(value.shift)) + params.delete key if value.empty? + else + raise TypeError, "Expected array, found #{value.inspect}" + end + end + end + + parser.result + end + + def parse_formatted_request_parameters(mime_type, raw_post_data) + case strategy = ActionController::Base.param_parsers[mime_type] + when Proc + strategy.call(raw_post_data) + when :xml_simple, :xml_node + raw_post_data.blank? ? {} : Hash.from_xml(raw_post_data).with_indifferent_access + when :yaml + YAML.load(raw_post_data) + end + rescue Exception => e # YAML, XML or Ruby code block errors + { "exception" => "#{e.message} (#{e.class})", "backtrace" => e.backtrace, + "raw_post_data" => raw_post_data, "format" => mime_type } + end + + private + def get_typed_value(value) + case value + when String + value + when NilClass + '' + when Array + value.map { |v| get_typed_value(v) } + else + # Uploaded file provides content type and filename. + if value.respond_to?(:content_type) && + !value.content_type.blank? && + !value.original_filename.blank? + unless value.respond_to?(:full_original_filename) + class << value + alias_method :full_original_filename, :original_filename + + # Take the basename of the upload's original filename. + # This handles the full Windows paths given by Internet Explorer + # (and perhaps other broken user agents) without affecting + # those which give the lone filename. + # The Windows regexp is adapted from Perl's File::Basename. + def original_filename + if md = /^(?:.*[:\\\/])?(.*)/m.match(full_original_filename) + md.captures.first + else + File.basename full_original_filename + end + end + end + end + + # Return the same value after overriding original_filename. + value + + # Multipart values may have content type, but no filename. + elsif value.respond_to?(:read) + result = value.read + value.rewind + result + + # Unknown value, neither string nor multipart. + else + raise "Unknown form value: #{value.inspect}" + end + end + end + end + + class FormEncodedPairParser < StringScanner #:nodoc: + attr_reader :top, :parent, :result + + def initialize(pairs = []) + super('') + @result = {} + pairs.each { |key, value| parse(key, value) } + end + + KEY_REGEXP = %r{([^\[\]=&]+)} + BRACKETED_KEY_REGEXP = %r{\[([^\[\]=&]+)\]} + + # Parse the query string + def parse(key, value) + self.string = key + @top, @parent = result, nil + + # First scan the bare key + key = scan(KEY_REGEXP) or return + key = post_key_check(key) + + # Then scan as many nestings as present + until eos? + r = scan(BRACKETED_KEY_REGEXP) or return + key = self[1] + key = post_key_check(key) + end + + bind(key, value) + end + + private + # After we see a key, we must look ahead to determine our next action. Cases: + # + # [] follows the key. Then the value must be an array. + # = follows the key. (A value comes next) + # & or the end of string follows the key. Then the key is a flag. + # otherwise, a hash follows the key. + def post_key_check(key) + if scan(/\[\]/) # a[b][] indicates that b is an array + container(key, Array) + nil + elsif check(/\[[^\]]/) # a[b] indicates that a is a hash + container(key, Hash) + nil + else # End of key? We do nothing. + key + end + end + + # Add a container to the stack. + def container(key, klass) + type_conflict! klass, top[key] if top.is_a?(Hash) && top.key?(key) && ! top[key].is_a?(klass) + value = bind(key, klass.new) + type_conflict! klass, value unless value.is_a?(klass) + push(value) + end + + # Push a value onto the 'stack', which is actually only the top 2 items. + def push(value) + @parent, @top = @top, value + end + + # Bind a key (which may be nil for items in an array) to the provided value. + def bind(key, value) + if top.is_a? Array + if key + if top[-1].is_a?(Hash) && ! top[-1].key?(key) + top[-1][key] = value + else + top << {key => value}.with_indifferent_access + push top.last + end + else + top << value + end + elsif top.is_a? Hash + key = CGI.unescape(key) + parent << (@top = {}) if top.key?(key) && parent.is_a?(Array) + return top[key] ||= value + else + raise ArgumentError, "Don't know what to do: top is #{top.inspect}" + end + + return value + end + + def type_conflict!(klass, value) + raise TypeError, "Conflicting types for parameter containers. Expected an instance of #{klass} but found an instance of #{value.class}. This can be caused by colliding Array and Hash parameters like qs[]=value&qs[key]=value." + end + end + end + end +end |