
codeigniter4 / CodeIgniter4 / 12673986434

08 Jan 2025 03:42PM UTC coverage: 84.455% (+0.001%) from 84.454%
12673986434

Pull #9385

github

web-flow
Merge 06e47f0ee into e475fd8fa
Pull Request #9385: refactor: Fix phpstan expr.resultUnused

20699 of 24509 relevant lines covered (84.45%)

190.57 hits per line

Source File

96.15
/system/Filters/InvalidChars.php
<?php

declare(strict_types=1);

/**
 * This file is part of CodeIgniter 4 framework.
 *
 * (c) CodeIgniter Foundation <admin@codeigniter.com>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace CodeIgniter\Filters;

use CodeIgniter\HTTP\IncomingRequest;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use CodeIgniter\Security\Exceptions\SecurityException;

/**
 * InvalidChars filter.
 *
 * Check if user input data ($_GET, $_POST, $_COOKIE, php://input) do not contain
 * invalid characters:
 *   - invalid UTF-8 characters
 *   - control characters except line break and tab code
 *
 * @see \CodeIgniter\Filters\InvalidCharsTest
 */
class InvalidChars implements FilterInterface
{
    /**
     * Name of the input source currently being inspected
     * ('get', 'post', 'cookie' or 'rawInput').
     *
     * It is handed to the SecurityException factories so that a failure
     * names the source it was found in.
     *
     * @var string
     */
    protected $source;

    /**
     * Pattern a string must match in full to pass the control-code check:
     * any run of CR, LF, TAB or non-control characters, matched in UTF-8
     * mode (the "u" modifier).
     *
     * @var string
     */
    protected $controlCodeRegex = '/\A[\r\n\t[:^cntrl:]]*\z/u';

    /**
     * Reject a request whose input contains invalid characters.
     *
     * Requests that are not IncomingRequest instances are passed through
     * unchecked. For an IncomingRequest, the GET, POST, cookie and raw-input
     * data are each run through checkEncoding() and then checkControl();
     * a SecurityException thrown by either check propagates to the caller.
     *
     * @param list<string>|null $arguments
     */
    public function before(RequestInterface $request, $arguments = null)
    {
        if (! $request instanceof IncomingRequest) {
            return null;
        }

        // All four sources are read first; they are then validated in this order.
        $inputs = [
            'get'      => $request->getGet(),
            'post'     => $request->getPost(),
            'cookie'   => $request->getCookie(),
            'rawInput' => $request->getRawInput(),
        ];

        foreach ($inputs as $name => $payload) {
            // Record the source before checking so a thrown exception can report it.
            $this->source = $name;

            // The encoding check runs first, so strings that reach the
            // UTF-8-mode regex have already passed mb_check_encoding().
            $this->checkEncoding($payload);
            $this->checkControl($payload);
        }

        return null;
    }

    /**
     * Nothing is done after the controller; always returns null.
     *
     * @param list<string>|null $arguments
     */
    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
    {
        return null;
    }

    /**
     * Verify that a string, or every string nested in an array, is valid UTF-8.
     *
     * Only array element values are visited; array keys are not inspected.
     * NOTE(review): if the application consumes request array keys, those
     * would need separate validation - confirm against callers.
     *
     * @param array|string $value
     *
     * @return array|string The value that was passed in, unchanged
     */
    protected function checkEncoding($value)
    {
        if (! is_array($value)) {
            if (! mb_check_encoding($value, 'UTF-8')) {
                throw SecurityException::forInvalidUTF8Chars($this->source, $value);
            }

            return $value;
        }

        // Recurse for the side effect only: the first invalid element throws.
        foreach ($value as $element) {
            $this->checkEncoding($element);
        }

        return $value;
    }

    /**
     * Verify that a string, or every string nested in an array, contains no
     * control characters other than CR, LF and TAB.
     *
     * Only array element values are visited; array keys are not inspected.
     *
     * @param array|string $value
     *
     * @return array|string The value that was passed in, unchanged
     */
    protected function checkControl($value)
    {
        if (! is_array($value)) {
            // Anything other than a full match is rejected, so a preg_match()
            // failure (false) is treated the same as a non-match (0).
            if (preg_match($this->controlCodeRegex, $value) !== 1) {
                throw SecurityException::forInvalidControlChars($this->source, $value);
            }

            return $value;
        }

        // Recurse for the side effect only: the first invalid element throws.
        foreach ($value as $element) {
            $this->checkControl($element);
        }

        return $value;
    }
}