Skip to content

Commit

Permalink
release 1.0.0 security fixes, php v8.1+
Browse files Browse the repository at this point in the history
  • Loading branch information
nategood committed May 1, 2024
1 parent 0cded3e commit 8bdc4f1
Show file tree
Hide file tree
Showing 20 changed files with 368 additions and 314 deletions.
59 changes: 59 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
on:
push:
branches:
- master
pull_request:
branches:
- master

defaults:
run:
shell: bash

jobs:
tests:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php:
- "8.1"
- "8.2"
- "8.3"
composer: [basic]
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Setup PHP
uses: shivammathur/[email protected]
with:
php-version: ${{ matrix.php }}
coverage: xdebug
extensions: zip
tools: composer

- name: Determine composer cache directory
id: composer-cache
run: echo "::set-output name=directory::$(composer config cache-dir)"

- name: Cache composer dependencies
uses: actions/[email protected]
with:
path: ${{ steps.composer-cache.outputs.directory }}
key: ${{ matrix.php }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: ${{ matrix.php }}-composer-

- name: Install dependencies
run: |
if [[ "${{ matrix.composer }}" == "lowest" ]]; then
composer update --prefer-dist --no-interaction --prefer-lowest --prefer-stable
fi;
if [[ "${{ matrix.composer }}" == "basic" ]]; then
composer update --prefer-dist --no-interaction
fi;
composer dump-autoload -o
- name: Run tests
run: |
php vendor/bin/phpunit -c phpunit.xml.dist
6 changes: 5 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,8 @@ composer.lock
vendor
downloads
.idea/*
tests/.phpunit.result.cache
.phpunit.result.cache
.phpunit.cache
/rector.php
/.vs
results
173 changes: 88 additions & 85 deletions README.md

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,6 @@
}
},
"require-dev": {
"phpunit/phpunit": "*"
"phpunit/phpunit": "^11.1"
}
}
14 changes: 7 additions & 7 deletions src/Httpful/Bootstrap.php
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@
class Bootstrap
{

const DIR_GLUE = DIRECTORY_SEPARATOR;
const NS_GLUE = '\\';
public const DIR_GLUE = DIRECTORY_SEPARATOR;
public const NS_GLUE = '\\';

public static $registered = false;

Expand All @@ -21,7 +21,7 @@ class Bootstrap
*/
public static function init()
{
spl_autoload_register(array('\Httpful\Bootstrap', 'autoload'));
spl_autoload_register(['\\' . \Httpful\Bootstrap::class, 'autoload']);
self::registerHandlers();
}

Expand All @@ -32,15 +32,15 @@ public static function init()
*/
public static function autoload($classname)
{
self::_autoload(dirname(dirname(__FILE__)), $classname);
self::_autoload(dirname(__FILE__,2), $classname);
}

/**
* Register the autoloader and any other setup needed
*/
public static function pharInit()
{
spl_autoload_register(array('\Httpful\Bootstrap', 'pharAutoload'));
spl_autoload_register(['\\' . \Httpful\Bootstrap::class, 'pharAutoload']);
self::registerHandlers();
}

Expand Down Expand Up @@ -78,12 +78,12 @@ public static function registerHandlers()

// @todo check a conf file to load from that instead of
// hardcoding into the library?
$handlers = array(
$handlers = [
\Httpful\Mime::JSON => new \Httpful\Handlers\JsonHandler(),
\Httpful\Mime::XML => new \Httpful\Handlers\XmlHandler(),
\Httpful\Mime::FORM => new \Httpful\Handlers\FormHandler(),
\Httpful\Mime::CSV => new \Httpful\Handlers\CsvHandler(),
);
];

foreach ($handlers as $mime => $handler) {
// Don't overwrite if the handler has already been registered
Expand Down
6 changes: 3 additions & 3 deletions src/Httpful/Handlers/CsvHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,13 @@ public function parse($body)
if (empty($body))
return null;

$parsed = array();
$parsed = [];
$fp = fopen('data://text/plain;base64,' . base64_encode($body), 'r');
while (($r = fgetcsv($fp)) !== FALSE) {
$parsed[] = $r;
}

if (empty($parsed))
if ($parsed === [])
throw new \Exception("Unable to parse response as CSV");
return $parsed;
}
Expand All @@ -33,7 +33,7 @@ public function parse($body)
* @param mixed $payload
* @return string
*/
public function serialize($payload)
public function serialize($payload): string
{
$fp = fopen('php://temp/maxmemory:'. (6*1024*1024), 'r+');
$i = 0;
Expand Down
4 changes: 2 additions & 2 deletions src/Httpful/Handlers/FormHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ class FormHandler extends MimeHandlerAdapter
*/
public function parse($body)
{
$parsed = array();
$parsed = [];
parse_str($body, $parsed);
return $parsed;
}
Expand All @@ -23,7 +23,7 @@ public function parse($body)
* @param mixed $payload
* @return string
*/
public function serialize($payload)
public function serialize($payload): string
{
return http_build_query($payload, null, '&');
}
Expand Down
4 changes: 2 additions & 2 deletions src/Httpful/Handlers/JsonHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ class JsonHandler extends MimeHandlerAdapter

public function init(array $args)
{
$this->decode_as_array = !!(array_key_exists('decode_as_array', $args) ? $args['decode_as_array'] : false);
$this->decode_as_array = (bool) ($args['decode_as_array'] ?? false);
}

/**
Expand All @@ -37,7 +37,7 @@ public function parse($body)
* @param mixed $payload
* @return string
*/
public function serialize($payload)
public function serialize($payload): string
{
return json_encode($payload);
}
Expand Down
10 changes: 5 additions & 5 deletions src/Httpful/Handlers/MimeHandlerAdapter.php
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@

class MimeHandlerAdapter
{
public function __construct(array $args = array())
public function __construct(array $args = [])
{
$this->init($args);
}
Expand All @@ -36,18 +36,18 @@ public function parse($body)
* @param mixed $payload
* @return string
*/
function serialize($payload)
function serialize($payload): string
{
return (string) $payload;
}

protected function stripBom($body)
protected function stripBom($body): string
{
if ( substr($body,0,3) === "\xef\xbb\xbf" ) // UTF-8
$body = substr($body,3);
else if ( substr($body,0,4) === "\xff\xfe\x00\x00" || substr($body,0,4) === "\x00\x00\xfe\xff" ) // UTF-32
elseif ( substr($body,0,4) === "\xff\xfe\x00\x00" || substr($body,0,4) === "\x00\x00\xfe\xff" ) // UTF-32
$body = substr($body,4);
else if ( substr($body,0,2) === "\xff\xfe" || substr($body,0,2) === "\xfe\xff" ) // UTF-16
elseif ( substr($body,0,2) === "\xff\xfe" || substr($body,0,2) === "\xfe\xff" ) // UTF-16
$body = substr($body,2);
return $body;
}
Expand Down
30 changes: 15 additions & 15 deletions src/Httpful/Handlers/XmlHandler.php
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,10 @@ class XmlHandler extends MimeHandlerAdapter
/**
* @param array $conf sets configuration options
*/
public function __construct(array $conf = array())
public function __construct(array $conf = [])
{
$this->namespace = isset($conf['namespace']) ? $conf['namespace'] : '';
$this->libxml_opts = isset($conf['libxml_opts']) ? $conf['libxml_opts'] : 0;
$this->namespace = $conf['namespace'] ?? '';
$this->libxml_opts = $conf['libxml_opts'] ?? 0;
}

/**
Expand All @@ -50,9 +50,9 @@ public function parse($body)
* @return string
* @throws \Exception if unable to serialize
*/
public function serialize($payload)
public function serialize($payload): string
{
list($_, $dom) = $this->_future_serializeAsXml($payload);
[$_, $dom] = $this->_future_serializeAsXml($payload);
return $dom->saveXml();
}

Expand All @@ -61,7 +61,7 @@ public function serialize($payload)
* @return string
* @author Ted Zellers
*/
public function serialize_clean($payload)
public function serialize_clean($payload): string
{
$xml = new \XMLWriter;
$xml->openMemory();
Expand All @@ -75,7 +75,7 @@ public function serialize_clean($payload)
* @param mixed $node to serialize
* @author Ted Zellers
*/
public function serialize_node(&$xmlw, $node){
public function serialize_node(&$xmlw, $node) {
if (!is_array($node)){
$xmlw->text($node);
} else {
Expand All @@ -90,7 +90,7 @@ public function serialize_node(&$xmlw, $node){
/**
* @author Zack Douglas <[email protected]>
*/
private function _future_serializeAsXml($value, $node = null, $dom = null)
private function _future_serializeAsXml($value, $node = null, $dom = null): array
{
if (!$dom) {
$dom = new \DOMDocument;
Expand All @@ -107,21 +107,21 @@ private function _future_serializeAsXml($value, $node = null, $dom = null)
$objNode = $dom->createElement(get_class($value));
$node->appendChild($objNode);
$this->_future_serializeObjectAsXml($value, $objNode, $dom);
} else if (is_array($value)) {
} elseif (is_array($value)) {
$arrNode = $dom->createElement('array');
$node->appendChild($arrNode);
$this->_future_serializeArrayAsXml($value, $arrNode, $dom);
} else if (is_bool($value)) {
} elseif (is_bool($value)) {
$node->appendChild($dom->createTextNode($value?'TRUE':'FALSE'));
} else {
$node->appendChild($dom->createTextNode($value));
}
return array($node, $dom);
return [$node, $dom];
}
/**
* @author Zack Douglas <[email protected]>
*/
private function _future_serializeArrayAsXml($value, &$parent, &$dom)
private function _future_serializeArrayAsXml($value, &$parent, &$dom): array
{
foreach ($value as $k => &$v) {
$n = $k;
Expand All @@ -132,12 +132,12 @@ private function _future_serializeArrayAsXml($value, &$parent, &$dom)
$parent->appendChild($el);
$this->_future_serializeAsXml($v, $el, $dom);
}
return array($parent, $dom);
return [$parent, $dom];
}
/**
* @author Zack Douglas <[email protected]>
*/
private function _future_serializeObjectAsXml($value, &$parent, &$dom)
private function _future_serializeObjectAsXml($value, &$parent, &$dom): array
{
$refl = new \ReflectionObject($value);
foreach ($refl->getProperties() as $pr) {
Expand All @@ -147,6 +147,6 @@ private function _future_serializeObjectAsXml($value, &$parent, &$dom)
$this->_future_serializeAsXml($pr->getValue($value), $el, $dom);
}
}
return array($parent, $dom);
return [$parent, $dom];
}
}
Loading

0 comments on commit 8bdc4f1

Please sign in to comment.