Verify if a valid http query string after run parse_str.

Save body request as a property.
2025-02-20 08:22:47 -03:00 · 2025-02-20 08:22:37 -03:00
1 changed files with 6 additions and 3 deletions
--- a/src/Libs/Request.php
+++ b/src/Libs/Request.php
@ -22,6 +22,7 @@ class Request extends Neuron  {
    public Neuron $params;
    public string $path;
    public string $error;
+    public string $body;
    public array  $next;

    /**
@ -37,16 +38,18 @@ class Request extends Neuron  {
        $this->put    = new Neuron();
        $this->patch  = new Neuron();
        $this->delete = new Neuron();
+        $this->body   = file_get_contents("php://input");

        $contentType = isset($_SERVER["CONTENT_TYPE"]) ? trim($_SERVER["CONTENT_TYPE"]) : '';
        if ($contentType === "application/json")
            $this->json = new Neuron(
-                (object) json_decode(trim(file_get_contents("php://input")), false)
+                (object) json_decode(trim($this->body), false)
            );
        else {
            $this->json   = new Neuron();
-            if (in_array($_SERVER['REQUEST_METHOD'], ['PUT', 'PATCH', 'DELETE'])) {
-                parse_str(file_get_contents("php://input"), $input_vars);
+            if (in_array($_SERVER['REQUEST_METHOD'], ['PUT', 'PATCH', 'DELETE']) &&
+                preg_match('/^[^;?\/:@&=+$,]{1,255}[=]/', $this->body, $matches)) { // Con la expresión regular verificamos que sea un http query string válido y evitamos errores de memoria en caso de que el body tenga algo más grande que eso.
+                parse_str($this->body, $input_vars);
                $this->{strtolower($_SERVER['REQUEST_METHOD'])} = new Neuron($input_vars);
            }
        }
Author	SHA1	Message	Date
kj	d0d0d4dc76	Verify if a valid http query string after run parse_str.	2025-02-20 08:22:47 -03:00
kj	595e9c1316	Save body request as a property.	2025-02-20 08:22:37 -03:00