Where possible scripts should as quickly as possible check for any needed variables and exit if these are missing. The advantage of exiting if they are missing is to minimise PHP warnings and fatal errors.
New code must use one of these methods to to access all variables passed to a page. |
The param class contains 4 methods that can be used to check and clean variables passed to a page:
param::clean($value, $type)
Parameter | Type | Explanation |
---|---|---|
$value | mixed | The value that should be cleaned |
$type | int | The type that $value should be cleaned as. It should be passed as one of the param class constants, i.e. param::FLOAT |
The cleaned value will be returned, or null if it does not match the type passed.
$val1 = 'Test1 String'; echo param::clean($val1, param::ALPHA); // 'Test String' echo param::clean($val1, param::ALPHANUM); // 'Test1 String' echo param::clean($val1, param::INT); // null $val2 = '2'; echo param::clean($val2, param::ALPHANUM); // '2' echo param::clean($val2, param::INT); // 2 echo param::clean($val2, param::FLOAT); // 2 $val3 = '2.1'; echo param::clean($val3, param::ALPHANUM); // '2.1' echo param::clean($val3, param::INT); // null echo param::clean($val3, param::FLOAT); // 2.1 |
param::clean_array($value, $type, $required)
Parameter | Type | Explanation |
---|---|---|
$value | array | The array that should be cleaned |
$type | int | The type that $value should be cleaned as. It should be passed as one of the param class constants, i.e. param::FLOAT |
$required | boolean | Default: false. If true and a parameter in the array is not of the required type an exception will be thrown. |
Returns an array containing only values of the appropriate type, if required is true a MissingParameter exception will be thrown if any value of the array is not of the required type.
$array = array( '3', '4.2', array( '769', ), ); $clean = param::clean_array($array, param::INT); // Returns: array('3', null, array('769')) $clean = param::clean_array($array, param::INT, true); // Throws a MissingParameter exception. |
param::required($name, $type, $from)
Parameter | Type | Explanation |
---|---|---|
$name | string | The name of the parameter to be retrieved |
$type | int | The type that $value should be cleaned as. It should be passed as one of the param class constants, i.e. param::FLOAT |
$from | string | Default: param::FETCH_REQUEST. Should be one of: param::FETCH_GET, param::FETCH_POST or param::FETCH_REQUEST |
Returns the value of the parameter if it is set, throws a MissingParameter exception if the value is either not set, or invalid for the type.
try { $id = param::required('id', param::INT); // Look for the id parameter in both _GET and _POST $paperid = param::required('paperID', param::INT, param::FETCH_GET); // Look for paperID in _GET $moduleid = param::required('module', param::INT, param::FETCH_POST); // Look for module in _POST } catch (MissingParameter $e) { // Do something when the parameter is not present. } |
param::optional($name, $default, $type, $from)
Parameter | Type | Explanation |
---|---|---|
$name | string | The name of the parameter to be retrieved |
$default | mixed | The value that should be returned if the parameter is not set, or not of the correct type. |
$type | int | The type that $value should be cleaned as. It should be passed as one of the param class constants, i.e. param::FLOAT |
$from | string | Default: param::FETCH_REQUEST. Should be one of: param::FETCH_GET, param::FETCH_POST or param::FETCH_REQUEST |
Returns a value
$username = param::optional('user', null, param::ALPHANUM); if (!is_null($username)) { // Do something with the username. } |
check_var($name, $method, $mandatory, $headers, $return_var, $type)
Parameter | Type | Explanation |
---|---|---|
$name | string | The name of the parameter to be retrieved |
$method | string|array | Should be one of: param::FETCH_GET, param::FETCH_POST, param::FETCH_REQUEST, or an array |
$mandatory | boolean | If true then exit if the variable does not exist |
$headers | boolean | If true then output HTML header code on a failure |
$return_var | boolean | If true return the value of the tested variable back |
$type | int | Default: param::RAW. The type that $value should be cleaned as. It should be passed as one of the param class constants. (Since Rogo 6.3.0) |
To check for variables include:
require_once '../include/errors.inc';
To check for a specific variable use:
$labID = check_var('labID', 'POST', true, false, true);
This will look for a variable ('labID') that was submitted using POST and if exists will assign to the local variable `$labID`. If $_POST'labID'] does not exist then a warning is set to the user interface and the script will exit.
For security reasons the warning 'Page not Found' is used in situations where a) the current user is not authorised to see the current page, and b) what is being requested is not found in the database (e.g. paperID=9999999999). This is a security principle so that users do not sniff around to see what data exists and what does not.
Access denied failures are recorded by using the record_access_denied()
function which will write to denied_log table. This is useful for SysAdmin users to pick up any patterns of users 'attacking' the system.
Staff screens can use the internal paper number (e.g. PaperID) and it is OK to pass this around as a GET parameter on URLs. However, any student accessible screen should use 'crypt_name' so that IDs are not guessable.
Rogo has a number of MySQL users with various permissions. After a successful authentication Rogo will switch to an appropriate MySQL user based on the role of the user held within Rogo. So, for example, a member of staff user will use a staff database role and a student a student role. Within the database the permissions that a staff user has on the individual MySQL tables is more extensive than a student. The advantage of this architecture is that a rouge script that tries to do something is should not (i.e. student deleting a user record) will not have the correct database permissions to do so.