Skip to content

Commit d569fe2

Browse files
clxswaltherMauricioFauth
authored andcommitted
Use ServerRequestObject to access POST-vars
Signed-off-by: Sebastian Walther <swalther@complex-it.de>
1 parent d3a8edb commit d569fe2

File tree

8 files changed

+68
-25
lines changed

8 files changed

+68
-25
lines changed

libraries/classes/Controllers/Database/CentralColumns/PopulateColumnsController.php

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,10 @@ public function __construct(
2626

2727
public function __invoke(ServerRequest $request): void
2828
{
29-
$columns = $this->centralColumns->getColumnsNotInCentralList($GLOBALS['db'], $_POST['selectedTable']);
29+
$columns = $this->centralColumns->getColumnsNotInCentralList(
30+
$GLOBALS['db'],
31+
$request->getParsedBodyParam('selectedTable')
32+
);
3033
$this->render('database/central_columns/populate_columns', ['columns' => $columns]);
3134
}
3235
}

libraries/classes/Controllers/Database/SqlController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@ public function __invoke(ServerRequest $request): void
6363
true,
6464
false,
6565
isset($_POST['delimiter'])
66-
? htmlspecialchars($_POST['delimiter'])
66+
? htmlspecialchars($request->getParsedBodyParam('delimiter'))
6767
: ';'
6868
));
6969
}

libraries/classes/Controllers/Database/SqlFormatController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ class SqlFormatController extends AbstractController
1717
{
1818
public function __invoke(ServerRequest $request): void
1919
{
20-
$params = ['sql' => $_POST['sql'] ?? null];
20+
$params = ['sql' => $request->getParsedBodyParam('sql')];
2121
$query = strlen((string) $params['sql']) > 0 ? $params['sql'] : '';
2222
$this->response->addJSON(['sql' => Formatter::format($query)]);
2323
}

libraries/classes/Controllers/Database/StructureController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -168,7 +168,7 @@ public function __invoke(ServerRequest $request): void
168168
]);
169169
}
170170

171-
$this->replicationInfo->load($_POST['primary_connection'] ?? null);
171+
$this->replicationInfo->load($request->getParsedBodyParam('primary_connection'));
172172
$replicaInfo = $this->replicationInfo->getReplicaInfo();
173173

174174
$pageSettings = new PageSettings('DbStructure');

libraries/classes/Controllers/HomeController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,7 @@ public function __invoke(ServerRequest $request): void
8282
// This is for $cfg['ShowDatabasesNavigationAsTree'] = false;
8383
// See: https://github.com/phpmyadmin/phpmyadmin/issues/16520
8484
// The DB is defined here and sent to the JS front-end to refresh the DB tree
85-
$GLOBALS['db'] = $_POST['db'] ?? '';
85+
$GLOBALS['db'] = $request->getParsedBodyParam('db', '');
8686
$GLOBALS['table'] = '';
8787
$GLOBALS['show_query'] = '1';
8888
$GLOBALS['errorUrl'] = Url::getFromRoute('/');

libraries/classes/Controllers/LintController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ public function __invoke(ServerRequest $request): void
2222
{
2323
$params = [
2424
'sql_query' => $_POST['sql_query'] ?? null,
25-
'options' => $_POST['options'] ?? null,
25+
'options' => $request->getParsedBodyParam('options'),
2626
];
2727

2828
/**

phpstan-baseline.neon

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -975,6 +975,11 @@ parameters:
975975
count: 1
976976
path: libraries/classes/Controllers/Config/SetConfigController.php
977977

978+
-
979+
message: "#^Parameter \\#2 \\$table of method PhpMyAdmin\\\\Database\\\\CentralColumns\\:\\:getColumnsNotInCentralList\\(\\) expects string, mixed given\\.$#"
980+
count: 1
981+
path: libraries/classes/Controllers/Database/CentralColumns/PopulateColumnsController.php
982+
978983
-
979984
message: "#^Method PhpMyAdmin\\\\Controllers\\\\Database\\\\CentralColumnsController\\:\\:addColumn\\(\\) has parameter \\$params with no value type specified in iterable type array\\.$#"
980985
count: 1
@@ -1055,6 +1060,21 @@ parameters:
10551060
count: 1
10561061
path: libraries/classes/Controllers/Database/SqlAutoCompleteController.php
10571062

1063+
-
1064+
message: "#^Parameter \\#1 \\$string of function htmlspecialchars expects string, mixed given\\.$#"
1065+
count: 1
1066+
path: libraries/classes/Controllers/Database/SqlController.php
1067+
1068+
-
1069+
message: "#^Cannot cast mixed to string\\.$#"
1070+
count: 1
1071+
path: libraries/classes/Controllers/Database/SqlFormatController.php
1072+
1073+
-
1074+
message: "#^Parameter \\#1 \\$query of static method PhpMyAdmin\\\\SqlParser\\\\Utils\\\\Formatter\\:\\:format\\(\\) expects string, mixed given\\.$#"
1075+
count: 1
1076+
path: libraries/classes/Controllers/Database/SqlFormatController.php
1077+
10581078
-
10591079
message: "#^Cannot access offset non\\-empty\\-string on mixed\\.$#"
10601080
count: 1
@@ -1160,6 +1180,11 @@ parameters:
11601180
count: 1
11611181
path: libraries/classes/Controllers/Database/StructureController.php
11621182

1183+
-
1184+
message: "#^Parameter \\#1 \\$connection of method PhpMyAdmin\\\\ReplicationInfo\\:\\:load\\(\\) expects string\\|null, mixed given\\.$#"
1185+
count: 1
1186+
path: libraries/classes/Controllers/Database/StructureController.php
1187+
11631188
-
11641189
message: "#^Parameter \\#4 \\$formattedSize of method PhpMyAdmin\\\\Controllers\\\\Database\\\\StructureController\\:\\:getValuesForAriaTable\\(\\) expects int, string given\\.$#"
11651190
count: 1
@@ -1240,6 +1265,21 @@ parameters:
12401265
count: 1
12411266
path: libraries/classes/Controllers/HomeController.php
12421267

1268+
-
1269+
message: "#^Cannot access offset 'eventEditor' on mixed\\.$#"
1270+
count: 1
1271+
path: libraries/classes/Controllers/LintController.php
1272+
1273+
-
1274+
message: "#^Cannot access offset 'routineEditor' on mixed\\.$#"
1275+
count: 1
1276+
path: libraries/classes/Controllers/LintController.php
1277+
1278+
-
1279+
message: "#^Cannot access offset 'triggerEditor' on mixed\\.$#"
1280+
count: 1
1281+
path: libraries/classes/Controllers/LintController.php
1282+
12431283
-
12441284
message: "#^Parameter \\#1 \\$partialDependencies of method PhpMyAdmin\\\\Normalization\\:\\:createNewTablesFor2NF\\(\\) expects array, mixed given\\.$#"
12451285
count: 1

psalm-baseline.xml

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -941,12 +941,9 @@
941941
</MixedArgument>
942942
</file>
943943
<file src="libraries/classes/Controllers/Database/CentralColumns/PopulateColumnsController.php">
944-
<PossiblyInvalidArgument occurrences="1">
945-
<code>$_POST['selectedTable']</code>
946-
</PossiblyInvalidArgument>
947-
<PossiblyInvalidCast occurrences="1">
948-
<code>$_POST['selectedTable']</code>
949-
</PossiblyInvalidCast>
944+
<MixedArgument occurrences="1">
945+
<code>$request-&gt;getParsedBodyParam('selectedTable')</code>
946+
</MixedArgument>
950947
</file>
951948
<file src="libraries/classes/Controllers/Database/CentralColumnsController.php">
952949
<MixedArgument occurrences="22">
@@ -1395,22 +1392,21 @@
13951392
</MixedAssignment>
13961393
</file>
13971394
<file src="libraries/classes/Controllers/Database/SqlController.php">
1395+
<MixedArgument occurrences="1">
1396+
<code>$request-&gt;getParsedBodyParam('delimiter')</code>
1397+
</MixedArgument>
13981398
<MixedAssignment occurrences="2">
13991399
<code>$GLOBALS['back']</code>
14001400
<code>$GLOBALS['errorUrl']</code>
14011401
</MixedAssignment>
1402-
<PossiblyInvalidArgument occurrences="1">
1403-
<code>$_POST['delimiter']</code>
1404-
</PossiblyInvalidArgument>
14051402
</file>
14061403
<file src="libraries/classes/Controllers/Database/SqlFormatController.php">
1407-
<PossiblyInvalidArgument occurrences="1">
1404+
<MixedArgument occurrences="1">
14081405
<code>$query</code>
1409-
</PossiblyInvalidArgument>
1410-
<PossiblyInvalidCast occurrences="2">
1411-
<code>$params['sql']</code>
1406+
</MixedArgument>
1407+
<MixedAssignment occurrences="1">
14121408
<code>$query</code>
1413-
</PossiblyInvalidCast>
1409+
</MixedAssignment>
14141410
</file>
14151411
<file src="libraries/classes/Controllers/Database/Structure/AddPrefixController.php">
14161412
<MixedAssignment occurrences="2">
@@ -1668,7 +1664,7 @@
16681664
<code>$formattedOverhead</code>
16691665
<code>$formattedSize</code>
16701666
</InvalidScalarArgument>
1671-
<MixedArgument occurrences="36">
1667+
<MixedArgument occurrences="37">
16721668
<code>$checkTime</code>
16731669
<code>$checkTimeAll</code>
16741670
<code>$createTime</code>
@@ -1700,6 +1696,7 @@
17001696
<code>$replicaInfo['Ignore_Table']</code>
17011697
<code>$replicaInfo['Wild_Do_Table']</code>
17021698
<code>$replicaInfo['Wild_Ignore_Table']</code>
1699+
<code>$request-&gt;getParsedBodyParam('primary_connection')</code>
17031700
<code>$sumSize</code>
17041701
<code>$tableIsView</code>
17051702
<code>$truename</code>
@@ -1771,9 +1768,6 @@
17711768
<code>$currentTable['TABLE_NAME']</code>
17721769
<code>$currentTable['TABLE_ROWS']</code>
17731770
</MixedOperand>
1774-
<PossiblyInvalidArgument occurrences="1">
1775-
<code>$_POST['primary_connection'] ?? null</code>
1776-
</PossiblyInvalidArgument>
17771771
<PossiblyNullArrayAccess occurrences="8">
17781772
<code>$formattedOverhead</code>
17791773
<code>$formattedSize</code>
@@ -2192,7 +2186,8 @@
21922186
<MixedArrayAccess occurrences="1">
21932187
<code>$GLOBALS['language_stats'][$GLOBALS['lang']]</code>
21942188
</MixedArrayAccess>
2195-
<MixedAssignment occurrences="2">
2189+
<MixedAssignment occurrences="3">
2190+
<code>$GLOBALS['db']</code>
21962191
<code>$GLOBALS['errorUrl']</code>
21972192
<code>$GLOBALS['show_query']</code>
21982193
</MixedAssignment>
@@ -2334,6 +2329,11 @@
23342329
<code>$_GET['id']</code>
23352330
</PossiblyInvalidCast>
23362331
</file>
2332+
<file src="libraries/classes/Controllers/LintController.php">
2333+
<MixedAssignment occurrences="1">
2334+
<code>$options</code>
2335+
</MixedAssignment>
2336+
</file>
23372337
<file src="libraries/classes/Controllers/LogoutController.php">
23382338
<MixedAssignment occurrences="1">
23392339
<code>$GLOBALS['auth_plugin']</code>

0 commit comments

Comments
 (0)