Development

- Updated `helpers.php` and helpers example in documentation.
- MalformedUrlException is now handled properly by Router to avoid phpStorm syntax highlights in routes.
- Added `getUrlCopy` to `Request` class, used to clone the current route (to keep domain etc.)
- `setUrl` in `Request` are now strict and requires `Url` object and no longer accepts strings.
- Renamed `hasRewrite` property to `hasPendingRewrite` in `Request` class.
- Renamed `hasRewrite` and `setHasRewrite` methods to `hasPendingRewrite` and `setHasPendingRewrite` in `Request` class.
- Added better usage of `Url` class. When calling `url` you can now use the methods on the `Url` class to filter params, get relative/absolute url etc. See documentation for more info.
- Renamed `get` method to `getValue` in `InputHandler` class.
- Renamed `getObject` to `get` and removed `$defaultValue` argument in `InputHandler` class.
- Optimized `InputHandler` class.
- Fixed issue with `$token` not being proper string in `BaseCsrfVerifier` when token is not found.
- Added php.ini configuration settings to `setcookie` in `CookieTokenProvider` for improved security.
- Added `$router` parameter to `boot` method in `IRouterBootManager` which allows for further manipulation of the router within the bootmanager.
- Renamed `$processingRoute` property to `$isProcessingRoute` in `Router` class.
- Fixed `reset` method not resetting CSRF-verifier in `Router` class.
- Moved `arrayToParams` helper-method from `Router` to `Url` class.
- Began to add Event-functionality to router.
- Added `addEventHandler` method to `SimpleRouter` class.
- Moved `Pecee\SimpleRouter\Handler\CallbackExceptionHandler` to `Pecee\SimpleRouter\Handlers\CallbackExceptionHandler`.
- Moved `Pecee\SimpleRouter\Handler\IExceptionHandler` to `Pecee\SimpleRouter\Handlers\IExceptionHandler`.
- Added Events section to documentation.
- Added more information on url-handling in documentation.
- Optimisations.

helpers.php

@@ -1,6 +1,9 @@
 <?php
 
 use Pecee\SimpleRouter\SimpleRouter as Router;
+use \Pecee\Http\Url;
+use \Pecee\Http\Response;
+use \Pecee\Http\Request;
 
 /**
  * Get url for a route by using either name/alias, class or method name.
@@ -17,29 +20,26 @@
  * @param string|null $name
  * @param string|array|null $parameters
  * @param array|null $getParams
- * @return string
+ * @return \Pecee\Http\Url
  * @throws \InvalidArgumentException
- * @throws \Pecee\Http\Exceptions\MalformedUrlException
  */
-function url($name = null, $parameters = null, $getParams = null)
+function url(?string $name = null, $parameters = null, ?array $getParams = null): Url
 {
  return Router::getUrl($name, $parameters, $getParams);
 }
 
 /**
  * @return \Pecee\Http\Response
- * @throws \Pecee\Http\Exceptions\MalformedUrlException
  */
-function response()
+function response(): Response
 {
  return Router::response();
 }
 
 /**
  * @return \Pecee\Http\Request
- * @throws \Pecee\Http\Exceptions\MalformedUrlException
  */
-function request()
+function request(): Request
 {
  return Router::request();
 }
@@ -49,19 +49,27 @@ function request()
  * @param string|null $index Parameter index name
  * @param string|null $defaultValue Default return value
  * @param string|array|null $methods Default method
- * @return \Pecee\Http\Input\InputHandler|string
- * @throws \Pecee\Http\Exceptions\MalformedUrlException
+ * @return \Pecee\Http\Input\InputHandler|\Pecee\Http\Input\IInputItem|string
  */
 function input($index = null, $defaultValue = null, $methods = null)
 {
  if ($index !== null) {
- return request()->getInputHandler()->get($index, $defaultValue, $methods);
+
+ if ($defaultValue !== null) {
+ return request()->getInputHandler()->getValue($index, $defaultValue, $methods);
+ }
+
+ return request()->getInputHandler()->get($index, $methods);
  }
 
  return request()->getInputHandler();
 }
 
-function redirect($url, $code = null)
+/**
+ * @param string $url
+ * @param int|null $code
+ */
+function redirect(string $url, ?int $code = null): void
 {
  if ($code !== null) {
  response()->httpCode($code);
@@ -73,9 +81,8 @@ function redirect($url, $code = null)
 /**
  * Get current csrf-token
  * @return string|null
- * @throws \Pecee\Http\Exceptions\MalformedUrlException
  */
-function csrf_token()
+function csrf_token(): ?string
 {
  $baseVerifier = Router::router()->getCsrfVerifier();
  if ($baseVerifier !== null) {

src/Pecee/Http/Input/InputHandler.php

@@ -87,7 +87,6 @@ public function parseFiles(): array
  }
 
  $keys = [$key];
-
  $files = $this->rearrangeFiles($value['name'], $keys, $value);
 
  if (isset($list[$key]) === true) {
@@ -212,46 +211,41 @@ public function findGet(string $index, ?string $defaultValue = null)
  * Get input object
  *
  * @param string $index
- * @param string|null $defaultValue
- * @param array|string|null $methods
- * @return IInputItem|string
+ * @param array ...$methods
+ * @return IInputItem|null
  */
- public function getObject(string $index, ?string $defaultValue = null, $methods = null)
+ public function get(string $index, ...$methods) : ?IInputItem
  {
- if ($methods !== null && \is_string($methods) === true) {
- $methods = [$methods];
- }
-
  $element = null;
 
- if ($methods === null || \in_array('get', $methods, true) === true) {
+ if (\count($methods) === 0 || \in_array('get', $methods, true) === true) {
  $element = $this->findGet($index);
  }
 
- if (($element === null && $methods === null) || ($methods !== null && \in_array('post', $methods, true) === true)) {
+ if (($element === null && \count($methods) === 0) || (\count($methods) === 0 && \in_array('post', $methods, true) === true)) {
  $element = $this->findPost($index);
  }
 
- if (($element === null && $methods === null) || ($methods !== null && \in_array('file', $methods, true) === true)) {
+ if (($element === null && \count($methods) === 0) || (\count($methods) === 0 && \in_array('file', $methods, true) === true)) {
  $element = $this->findFile($index);
  }
 
- return $element ?? $defaultValue;
+ return $element;
  }
 
  /**
  * Get input element value matching index
  *
  * @param string $index
  * @param string|null $defaultValue
- * @param array|string|null $methods
- * @return InputItem|string
+ * @param array ...$methods
+ * @return string
  */
- public function get(string $index, ?string $defaultValue = null, $methods = null)
+ public function getValue(string $index, ?string $defaultValue = null, ...$methods) : ?string
  {
- $input = $this->getObject($index, $defaultValue, $methods);
+ $input = $this->get($index, $methods);
 
- if ($input instanceof InputItem) {
+ if ($input !== null) {
  return (trim($input->getValue()) === '') ? $defaultValue : $input->getValue();
  }
 
@@ -262,11 +256,12 @@ public function get(string $index, ?string $defaultValue = null, $methods = null
  * Check if a input-item exist
  *
  * @param string $index
+ * @param array ...$method
  * @return bool
  */
- public function exists(string $index): bool
+ public function exists(string $index, ...$method): bool
  {
- return ($this->getObject($index) !== null);
+ return $this->get($index, $method) !== null;
  }
 
  /**
@@ -276,12 +271,16 @@ public function exists(string $index): bool
  */
  public function all(array $filter = null): array
  {
- $output = $_GET + $_POST;
+ $output = $_GET;
 
  if ($this->request->getMethod() === 'post') {
 
+ // Append POST data
+ $output += $_POST;
+
  $contents = file_get_contents('php://input');
 
+ // Append any PHP-input json
  if (strpos(trim($contents), '{') === 0) {
  $post = json_decode($contents, true);
  if ($post !== false) {

src/Pecee/Http/Middleware/BaseCsrfVerifier.php

@@ -67,14 +67,13 @@ public function handle(Request $request): void
 
  if ($this->skip($request) === false && \in_array($request->getMethod(), ['post', 'put', 'delete'], true) === true) {
 
- $token = $request->getInputHandler()->get(static::POST_KEY, null, 'post');
+ $token = $request->getInputHandler()->getValue(
+ static::POST_KEY,
+ $request->getHeader(static::HEADER_KEY),
+ 'post'
+ );
 
- // If the token is not posted, check headers for valid x-csrf-token
- if ($token === null) {
- $token = $request->getHeader(static::HEADER_KEY);
- }
-
- if ($this->tokenProvider->validate($token) === false) {
+ if ($this->tokenProvider->validate((string)$token) === false) {
  throw new TokenMismatchException('Invalid CSRF-token.');
  }
 

src/Pecee/Http/Request.php

@@ -2,26 +2,66 @@
 
 namespace Pecee\Http;
 
+use Pecee\Http\Exceptions\MalformedUrlException;
 use Pecee\Http\Input\InputHandler;
 use Pecee\SimpleRouter\Route\ILoadableRoute;
 use Pecee\SimpleRouter\Route\RouteUrl;
 use Pecee\SimpleRouter\SimpleRouter;
 
 class Request
 {
+ /**
+ * Additional data
+ *
+ * @var array
+ */
  private $data = [];
+
+ /**
+ * Server headers
+ * @var array
+ */
  protected $headers = [];
+
+ /**
+ * Request host
+ * @var string
+ */
  protected $host;
+
+ /**
+ * Current request url
+ * @var Url
+ */
  protected $url;
+
+ /**
+ * Request method
+ * @var string
+ */
  protected $method;
+
+ /**
+ * Input handler
+ * @var InputHandler
+ */
  protected $inputHandler;
 
- protected $hasRewrite = false;
+ /**
+ * Defines if request has pending rewrite
+ * @var bool
+ */
+ protected $hasPendingRewrite = false;
 
  /**
  * @var ILoadableRoute|null
  */
  protected $rewriteRoute;
+
+ /**
+ * Rewrite url
+ * @var string|null
+ */
  protected $rewriteUrl;
 
  /**
@@ -31,7 +71,7 @@ class Request
 
  /**
  * Request constructor.
- * @throws \Pecee\Http\Exceptions\MalformedUrlException
+ * @throws MalformedUrlException
  */
  public function __construct()
  {
@@ -43,10 +83,10 @@ public function __construct()
  $this->setHost($this->getHeader('http-host'));
 
  // Check if special IIS header exist, otherwise use default.
- $this->setUrl($this->getHeader('unencoded-url', $this->getHeader('request-uri')));
+ $this->setUrl(new Url($this->getHeader('unencoded-url', $this->getHeader('request-uri'))));
 
  $this->inputHandler = new InputHandler($this);
- $this->method = strtolower($this->inputHandler->get('_method', $this->getHeader('request-method')));
+ $this->method = strtolower($this->inputHandler->getValue('_method', $this->getHeader('request-method')));
  }
 
  public function isSecure(): bool
@@ -62,6 +102,16 @@ public function getUrl(): Url
  return $this->url;
  }
 
+ /**
+ * Copy url object
+ *
+ * @return Url
+ */
+ public function getUrlCopy(): Url
+ {
+ return clone $this->url;
+ }
+
  /**
  * @return string|null
  */
@@ -205,12 +255,15 @@ public function getAcceptFormats(): array
  }
 
  /**
- * @param string|Url $url
- * @throws \Pecee\Http\Exceptions\MalformedUrlException
+ * @param Url $url
  */
- public function setUrl($url): void
+ public function setUrl(Url $url): void
  {
- $this->url = ($url instanceof Url) ? $url : new Url($url);
+ $this->url = $url;
+
+ if ($this->url->getHost() === null) {
+ $this->url->setHost((string)$this->getHost());
+ }
  }
 
  /**
@@ -237,7 +290,7 @@ public function setMethod(string $method): void
  */
  public function setRewriteRoute(ILoadableRoute $route): self
  {
- $this->hasRewrite = true;
+ $this->hasPendingRewrite = true;
  $this->rewriteRoute = SimpleRouter::addDefaultNamespace($route);
 
  return $this;
@@ -271,7 +324,7 @@ public function getRewriteUrl(): ?string
  */
  public function setRewriteUrl(string $rewriteUrl): self
  {
- $this->hasRewrite = true;
+ $this->hasPendingRewrite = true;
  $this->rewriteUrl = rtrim($rewriteUrl, '/') . '/';
 
  return $this;
@@ -284,7 +337,7 @@ public function setRewriteUrl(string $rewriteUrl): self
  */
  public function setRewriteCallback($callback): self
  {
- $this->hasRewrite = true;
+ $this->hasPendingRewrite = true;
 
  return $this->setRewriteRoute(new RouteUrl($this->getUrl()->getPath(), $callback));
  }
@@ -339,9 +392,9 @@ public function addLoadedRoute(ILoadableRoute $route): self
  *
  * @return bool
  */
- public function hasRewrite(): bool
+ public function hasPendingRewrite(): bool
  {
- return $this->hasRewrite;
+ return $this->hasPendingRewrite;
  }
 
  /**
@@ -350,9 +403,9 @@ public function hasRewrite(): bool
  * @param bool $boolean
  * @return Request
  */
- public function setHasRewrite(bool $boolean): self
+ public function setHasPendingRewrite(bool $boolean): self
  {
- $this->hasRewrite = $boolean;
+ $this->hasPendingRewrite = $boolean;
 
  return $this;
  }

src/Pecee/Http/Security/CookieTokenProvider.php

@@ -63,7 +63,7 @@ public function validate(string $token): bool
  public function setToken(string $token): void
  {
  $this->token = $token;
- setcookie(static::CSRF_KEY, $token, time() + 60 * $this->cookieTimeoutMinutes, '/');
+ setcookie(static::CSRF_KEY, $token, (int)((time() + 60) * $this->cookieTimeoutMinutes), '/', ini_get('session.cookie_domain'), ini_get('session.cookie_secure'), ini_get('session.cookie_httponly'));
  }
 
  /**