Merge branch 'release-1.6.1'

theinpu · Apr 21, 2012 · f2444b3 · f2444b3
2 parents b3024df + ea6e77f
commit f2444b3
Show file tree

Hide file tree

Showing 10 changed files with 135 additions and 10 deletions.
diff --git a/Slim/Environment.php b/Slim/Environment.php
@@ -137,7 +137,7 @@ private function __construct( $settings = null ) {
             if ( strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0 ) {
                 $env['SCRIPT_NAME'] = $_SERVER['SCRIPT_NAME']; //Without URL rewrite
             } else {
-                $env['SCRIPT_NAME'] = pathinfo($_SERVER['SCRIPT_NAME'], PATHINFO_DIRNAME); //With URL rewrite
+                $env['SCRIPT_NAME'] = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']) ); //With URL rewrite
             }
             $env['PATH_INFO'] = substr_replace($_SERVER['REQUEST_URI'], '', 0, strlen($env['SCRIPT_NAME']));
             if ( strpos($env['PATH_INFO'], '?') !== false ) {
@@ -158,6 +158,7 @@ private function __construct( $settings = null ) {
             //HTTP request headers
             $specialHeaders = array('CONTENT_TYPE', 'CONTENT_LENGTH', 'PHP_AUTH_USER', 'PHP_AUTH_PW', 'PHP_AUTH_DIGEST', 'AUTH_TYPE');
             foreach ( $_SERVER as $key => $value ) {
+                $value = is_string($value) ? trim($value) : $value;
                 if ( strpos($key, 'HTTP_') === 0 ) {
                     $env[substr($key, 5)] = $value;
                 } else if ( strpos($key, 'X_') === 0 || in_array($key, $specialHeaders) ) {
@@ -222,4 +223,4 @@ public function offsetUnset( $offset ) {
     public function getIterator() {
         return new ArrayIterator($this->properties);
     }
-}
+}
diff --git a/Slim/Http/Request.php b/Slim/Http/Request.php
@@ -223,6 +223,8 @@ public function post( $key = null ) {
                     parse_str($this->env['slim.input'], $output);
                 }
                 $this->env['slim.request.form_hash'] = Slim_Http_Util::stripSlashesIfMagicQuotes($output);
+            } else {
+                $this->env['slim.request.form_hash'] = Slim_Http_Util::stripSlashesIfMagicQuotes($_POST);
             }
         }
         if ( $key ) {
@@ -245,6 +247,15 @@ public function put( $key = null ) {
         return $this->post($key);
     }
 
+    /**
+     * Fetch DELETE data (alias for Slim_Http_Request::post)
+     * @param   string $key
+     * @return  array|mixed|null
+     */
+    public function delete( $key = null ) {
+        return $this->post($key);
+    }
+
     /**
      * Fetch COOKIE data
      *
@@ -393,6 +404,10 @@ public function getContentLength() {
      */
     public function getHost() {
         if ( isset($this->env['HOST']) ) {
+            if ( strpos($this->env['HOST'], ':') !== false ) {
+                $hostParts = explode(':', $this->env['HOST']);
+                return $hostParts[0];
+            }
             return $this->env['HOST'];
         } else {
             return $this->env['SERVER_NAME'];
@@ -480,6 +495,11 @@ public function getUrl() {
      * @return string
      */
     public function getIp() {
+        if ( isset($this->env['X_FORWARDED_FOR']) ) {
+            return $this->env['X_FORWARDED_FOR'];
+        } else if ( isset($this->env['CLIENT_IP']) ) {
+            return $this->env['CLIENT_IP'];
+        }
         return $this->env['REMOTE_ADDR'];
     }
 

diff --git a/Slim/Http/Util.php b/Slim/Http/Util.php
@@ -183,7 +183,7 @@ public static function decrypt( $data, $key, $iv, $settings = array() ) {
      */
     public static function encodeSecureCookie( $value, $expires, $secret, $algorithm, $mode ) {
         $key = hash_hmac('sha1', $expires, $secret);
-        $iv = md5($expires);
+        $iv = self::get_iv($expires, $secret);
         $secureString = base64_encode(self::encrypt($value, $key, $iv, array(
             'algorithm' => $algorithm,
             'mode' => $mode
@@ -211,7 +211,7 @@ public static function decodeSecureCookie( $value, $secret, $algorithm, $mode )
             $value = explode('|', $value);
             if ( count($value) === 3 && ( (int)$value[0] === 0 || (int)$value[0] > time() ) ) {
                 $key = hash_hmac('sha1', $value[0], $secret);
-                $iv = md5($value[0]);
+                $iv = self::get_iv($value[0], $secret);
                 $data = self::decrypt(base64_decode($value[1]), $key, $iv, array(
                     'algorithm' => $algorithm,
                     'mode' => $mode
@@ -361,4 +361,21 @@ public static function parseCookieHeader( $header ) {
         }
         return $cookies;
     }
+
+    /**
+     * Generate a random IV
+     *
+     * This method will generate a non-predictable IV for use with
+     * the cookie encryption
+     *
+     * @param   int     $expires    The UNIX timestamp at which this cookie will expire
+     * @param   string  $secret     The secret key used to hash the cookie value
+     * @return  binary string with length 40
+     */
+    private static function get_iv($expires, $secret) {
+        $data1 = hash_hmac('sha1', 'a'.$expires.'b', $secret);
+        $data2 = hash_hmac('sha1', 'z'.$expires.'y', $secret);
+        return pack("h*", $data1.$data2);
+    }
+
 }
diff --git a/Slim/Log.php b/Slim/Log.php
@@ -211,7 +211,7 @@ public function fatal( $object ) {
      */
     protected function log( $object, $level ) {
         if ( $this->enabled && $this->writer && $level <= $this->level ) {
-            return $this->writer->write($object);
+            return $this->writer->write($object, $level);
         } else {
             return false;
         }

diff --git a/Slim/LogFileWriter.php b/Slim/LogFileWriter.php
@@ -63,9 +63,10 @@ public function __construct( $resource ) {
     /**
      * Write message
      * @param   mixed       $message
+     * @param   int         $level
      * @return  int|false
      */
-    public function write( $message ) {
+    public function write( $message, $level = null ) {
         return fwrite($this->resource, (string)$message . PHP_EOL);
     }
 }
diff --git a/index.php b/index.php
@@ -88,7 +88,7 @@
         </head>
         <body>
             <header>
-                <a href="http://www.slimframework.com"><img src="logo.png" alt="Slim"/></a>
+                <a href="http://www.slimframework.com"><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAHIAAAA6CAYAAABs1g18AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAABRhJREFUeNrsXY+VsjAMR98twAo6Ao4gI+gIOIKOgCPICDoCjCAjXFdgha+5C3dcv/QfFB5i8h5PD21Bfk3yS9L2VpGnlGW5kS9wJMTHNRxpmjYRy6SycgRvL18OeMQOTYQ8HvIoJKiiz43hgHkq1zvK/h6e/TyJQXeV/VyWBOSHA4C5RvtMAiCc4ZB9FPjgRI8+YuKcrySO515a1hoAY3nc4G2AH52BZsn+MjaAEwIJICKAIR889HljMCcyrR0QE4v/q/BVBQva7Q1tAczG18+x+PvIswHEAslLbfGrMZKiXEOMAMy6LwlisQCJLPFMfKdBtli5dIihRyH7A627Iaiq5sJ1ThP9xoIgSdWSNVIHYmrTQgOgRyRNqm/M5PnrFFopr3F6B41cd8whRUSufUBU5EL4U93AYRnIWimCIiSI1wAaAZpJ9bPnxx8eyI3Gt4QybwWa6T/BvbQECUMQFkhd3jSkPFgrxwcynuBaNT/u6eJIlbGOBWSNIUDFEIwPZFAtBfYrfeIOSRSXuUYCsprCXwUIZWYnmEhJFMIocMDWjn206c2EsGLCJd42aWSyBNMnHxLEq7niMrY2qyDbQUbqrrTbwUPtxN1ZZCitQV4ZSd6DyoxhmRD6OFjuRUS/KdLGRHYowJZaqYgjt9Lchmi3QYA/cXBsHK6VfWNR5jgA1DLhwfFe4HqfODBpINEECCLO47LT/+HSvSd/OCOgQ8qE0DbHQUBqpC4BkKMPYPkFY4iAJXhGAYr1qmaqQDbECCg5A2NMchzR567aA4xcRKclI405Bmt46vYD7/Gcjqfk6GP/kh1wovIDSHDfiAs/8bOCQ4cf4qMt7eH5Cucr3S0aWGFfjdLHD8EhCFvXQlSqRrY5UV2O9cfZtk77jUFMXeqzCEZqSK4ICkSin2tE12/3rbVcE41OBjBjBPSdJ1N5lfYQpIuhr8axnyIy5KvXmkYnw8VbcwtTNj7fDNCmT2kPQXA+bxpEXkB21HlnSQq0gD67jnfh5KavVJa/XQYEFSaagWwbgjNA+ywstLpEWTKgc5gwVpsyO1bTII+tA6B7BPS+0PiznuM9gPKsPVXbFdADMtwbJxSmkXWfRh6AZhyyzBjIHoDmnCGaMZAKjd5hyNJYCBGDOVcg28AXQ5atAVDO3c4dSALQnYblfa3M4kc/cyA7gMIUBQCTyl4kugIpy8yA7ACqK8Uwk30lIFGOEV3rPDAELwQkr/9YjkaCPDQhCcsrAYlF1v8W8jAEYeQDY7qn6tNGWudfq+YUEr6uq6FZzBpJMUfWFDatLHMCciw2mRC+k81qCCA1DzK4aUVfrJpxnloZWCPVnOgYy8L3GvKjE96HpweQoy7iwVQclVutLOEKJxA8gaRCjSzgNI2zhh3bQhzBCQQPIHGaHaUd96GJbZz3Smmjy16u6j3FuKyNxcBarxqWWfYFE0tVVO1Rl3t1Mb05V00MQCJ71YHpNaMcsjWAfkQvPPkaNC7LqTG7JAhGXTKYf+VDeXAX9IvURoAwtTFHvyYIxtnd5tPkywrPafcwbeSuGVwFau3b76NO7SHQrvqhfFE8kM0Wvpv8gVYiYBlxL+fW/34bgP6bIC7JR7YPDubcHCPzIp4+cum7U6NlhZgK7lua3KGLeFwE2m+HblDYWSHG2SAfINuwBBfxbJEIuWZbBH4fAExD7cvaGVyXyH0dhiAYc92z3ZDfUVv+jgb8HrHy7WVO/8BFcy9vuTz+nwADAGnOR39Yg/QkAAAAAElFTkSuQmCC" alt="Slim"/></a>
             </header>
             <h1>Welcome to Slim!</h1>
             <p>

diff --git a/logo.png b/logo.png
diff --git a/tests/Http/RequestTest.php b/tests/Http/RequestTest.php
@@ -290,6 +290,23 @@ public function testPostWithoutInput() {
         $req->post('foo');
     }
 
+    /**
+     * Test fetch POST params even if multipart/form-data request
+     */
+    public function testPostWithMultipartRequest() {
+        $_POST = array('foo' => 'bar'); //<-- Set by PHP
+        $env = Slim_Environment::mock(array(
+            'REQUEST_METHOD' => 'POST',
+            'slim.input' => '', //<-- "php://input" is empty for multipart/form-data requests
+            'CONTENT_TYPE' => 'multipart/form-data',
+            'CONTENT_LENGTH' => 0
+        ));
+        $req = new Slim_Http_Request($env);
+        $this->assertEquals(1, count($req->post()));
+        $this->assertEquals('bar', $req->post('foo'));
+        $this->assertNull($req->post('xyz'));
+    }
+
     /**
      * Test fetch PUT params
      */
@@ -303,9 +320,27 @@ public function testPut() {
         $req = new Slim_Http_Request($env);
         $this->assertEquals(2, count($req->put()));
         $this->assertEquals('bar', $req->put('foo'));
+        $this->assertEquals('bar', $req->params('foo'));
         $this->assertNull($req->put('xyz'));
     }
 
+    /**
+     * Test fetch DELETE params
+     */
+    public function testDelete() {
+        $env = Slim_Environment::mock(array(
+            'REQUEST_METHOD' => 'DELETE',
+            'slim.input' => 'foo=bar&abc=123',
+            'CONTENT_TYPE' => 'application/x-www-form-urlencoded',
+            'CONTENT_LENGTH' => 15
+        ));
+        $req = new Slim_Http_Request($env);
+        $this->assertEquals(2, count($req->delete()));
+        $this->assertEquals('bar', $req->delete('foo'));
+        $this->assertEquals('bar', $req->params('foo'));
+        $this->assertNull($req->delete('xyz'));
+    }
+
     /**
      * Test fetch COOKIE params
      */
@@ -566,6 +601,18 @@ public function testGetHost() {
         $this->assertEquals('slimframework.com', $req->getHost()); //Uses HTTP_HOST if available
     }
 
+    /**
+     * Test get host when it has a port number
+     */
+    public function testGetHostAndStripPort() {
+        $env = Slim_Environment::mock(array(
+            'SERVER_NAME' => 'slim',
+            'HOST' => 'slimframework.com:80'
+        ));
+        $req = new Slim_Http_Request($env);
+        $this->assertEquals('slimframework.com', $req->getHost()); //Uses HTTP_HOST if available
+    }
+
     /**
      * Test get host
      */
@@ -593,6 +640,20 @@ public function testGetHostWithPort() {
         $this->assertEquals('slimframework.com:80', $req->getHostWithPort());
     }
 
+    /**
+     * Test get host with port doesn't dulplicate port numbers
+     */
+    public function testGetHostDoesntDulplicatePort() {
+        $env = Slim_Environment::mock(array(
+            'HOST' => 'slimframework.com:80',
+            'SERVER_NAME' => 'slim',
+            'SERVER_PORT' => 80,
+            'slim.url_scheme' => 'http'
+        ));
+        $req = new Slim_Http_Request($env);
+        $this->assertEquals('slimframework.com:80', $req->getHostWithPort());
+    }
+
     /**
      * Test get port
      */
@@ -744,6 +805,31 @@ public function testGetIp() {
         $this->assertEquals('127.0.0.1', $req->getIp());
     }
 
+    /**
+     * Test get IP with proxy server and Client-Ip header
+     */
+    public function testGetIpWithClientIp() {
+        $env = Slim_Environment::mock(array(
+            'REMOTE_ADDR' => '127.0.0.1',
+            'CLIENT_IP' => '127.0.0.2'
+        ));
+        $req = new Slim_Http_Request($env);
+        $this->assertEquals('127.0.0.2', $req->getIp());
+    }
+
+    /**
+     * Test get IP with proxy server and X-Forwarded-For header
+     */
+    public function testGetIpWithForwardedFor() {
+        $env = Slim_Environment::mock(array(
+            'REMOTE_ADDR' => '127.0.0.1',
+            'CLIENT_IP' => '127.0.0.2',
+            'X_FORWARDED_FOR' => '127.0.0.3'
+        ));
+        $req = new Slim_Http_Request($env);
+        $this->assertEquals('127.0.0.3', $req->getIp());
+    }
+
     /**
      * Test get refererer
      */

diff --git a/tests/LogTest.php b/tests/LogTest.php
@@ -35,7 +35,7 @@
 require 'Slim/Log.php';
 
 class MyWriter {
-    public function write( $object ) {
+    public function write( $object, $level ) {
         echo (string)$object;
         return true;
     }

diff --git a/tests/Middleware/SessionCookieTest.php b/tests/Middleware/SessionCookieTest.php
@@ -76,7 +76,7 @@ public function testSessionIsPopulatedFromCookie() {
         Slim_Environment::mock(array(
             'SCRIPT_NAME' => '/index.php',
             'PATH_INFO' => '/foo',
-            'COOKIE' => 'slim_session=1639490378%7CqWbI5R%2Bf%2B%2F1KfHQQ9cANqEEdK5aNhf%2FQy2WX%2FCFOG5Y%3D%7Ce207c55544e1f7889a357ab39700f9cbb3836ea3',
+            'COOKIE' => 'slim_session=1644004961%7CLKkYPwqKIMvBK7MWl6D%2BxeuhLuMaW4quN%2F512ZAaVIY%3D%7Ce0f007fa852c7101e8224bb529e26be4d0dfbd63',
         ));
         $app = new Slim();
         $app->get('/foo', function () {
@@ -107,4 +107,4 @@ public function testSessionIsPopulatedAsEmptyIfNoCookie() {
         $mw->call();
         $this->assertEquals(array(), $_SESSION);
     }
-}
+}