6 use SL::MoreCommon qw(uri_encode uri_decode);
7 use List::Util qw(first max min sum);
8 use List::MoreUtils qw(all any apply);
11 $::lxdebug->enter_sub(2);
13 my ($target, $key, $value) = @_;
14 my @tokens = split /((?:\[\+?\])?(?:\.|$))/, $key;
18 $curr = \ $target->{ shift @tokens };
22 my $sep = shift @tokens;
23 my $key = shift @tokens;
25 $curr = \ $$curr->[++$#$$curr], next if $sep eq '[]';
26 $curr = \ $$curr->[max 0, $#$$curr] if $sep eq '[].';
27 $curr = \ $$curr->[++$#$$curr] if $sep eq '[+].';
28 $curr = \ $$curr->{$key}
33 $::lxdebug->leave_sub(2);
39 $::lxdebug->enter_sub(2);
41 my ($target, $input) = @_;
42 my @pairs = split(/&/, $input);
45 my ($key, $value) = split(/=/, $_, 2);
46 _store_value($target, uri_decode($key), uri_decode($value)) if ($key);
49 $::lxdebug->leave_sub(2);
52 sub _parse_multipart_formdata {
53 my ($target, $temp_target, $input) = @_;
54 my ($name, $filename, $headers_done, $content_type, $boundary_found, $need_cr, $previous, $p_attachment, $encoding, $transfer_encoding);
56 # We SHOULD honor encodings and transfer-encodings here, but as hard as I
57 # looked I couldn't find a reasonably recent webbrowser that makes use of
58 # these. Transfer encoding just eats up bandwidth...
60 # so all I'm going to do is add a fail safe that if anyone ever encounters
61 # this, it's going to croak so that debugging is easier
62 $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data\s*;\s*boundary\s*=\s*(.+)$/;
63 my $boundary = '--' . $1;
65 foreach my $line (split m/\n/, $input) {
66 last if (($line eq "${boundary}--") || ($line eq "${boundary}--\r"));
68 if (($line eq $boundary) || ($line eq "$boundary\r")) {
69 ${ $previous } =~ s|\r?\n$|| if $previous;
70 ${ $previous } = Encode::decode($encoding, $$previous) if $previous && !$filename && !$transfer_encoding eq 'binary';
76 $content_type = "text/plain";
79 $encoding = $::lx_office_conf{system}->{dbcharset} || Common::DEFAULT_CHARSET;
80 $transfer_encoding = undef;
85 next unless $boundary_found;
88 $line =~ s/[\r\n]*$//;
95 if ($line =~ m|^content-disposition\s*:.*?form-data\s*;|i) {
96 if ($line =~ m|filename\s*=\s*"(.*?)"|i) {
98 substr $line, $-[0], $+[0] - $-[0], "";
101 if ($line =~ m|name\s*=\s*"(.*?)"|i) {
103 substr $line, $-[0], $+[0] - $-[0], "";
107 # legacy, some old upload routines expect this to be here
108 $temp_target->{FILENAME} = $filename if defined $filename;
110 # name can potentially be both a normal variable or a file upload
111 # a file upload can be identified by its "filename" attribute
112 # the thing is, if a [+] clause vivifies atructur in one of the
113 # branches it must be done in both, or subsequent "[]" will fail
114 my $temp_target_slot = _store_value($temp_target, $name);
115 my $target_slot = _store_value($target, $name);
117 # set the reference for appending of multiline data to the correct one
118 $previous = defined $filename ? $target_slot : $temp_target_slot;
120 # for multiple uploads: save the attachments in a SL/Mailer like structure
121 if (defined $filename) {
122 my $target_attachment = _store_value($target, "ATTACHMENTS.$name", {});
123 my $temp_target_attachment = _store_value($temp_target, "ATTACHMENTS.$name", {});
125 $$target_attachment->{data} = $previous;
126 $$temp_target_attachment->{filename} = $filename;
128 $p_attachment = $$temp_target_attachment;
135 if ($line =~ m|^content-type\s*:\s*(.*?)[;\$]|i) {
137 $p_attachment->{content_type} = $1;
139 if ($content_type =~ /^text/ && $line =~ m|;\s*charset\s*:\s*("?)(.*?)\1$|i) {
146 if ($line =~ m|^content-transfer-encoding\s*=\s*(.*?)$|i) {
147 $transfer_encoding = lc($1);
148 if ($transfer_encoding && $transfer_encoding !~ /^[78]bit|binary$/) {
149 die 'Transfer encodings beyond 7bit/8bit and binary are not implemented.';
151 $p_attachment->{transfer_encoding} = $transfer_encoding;
159 next unless $previous;
161 ${ $previous } .= "${line}\n";
164 ${ $previous } =~ s|\r?\n$|| if $previous;
166 $::lxdebug->leave_sub(2);
169 sub _recode_recursively {
170 $::lxdebug->enter_sub;
171 my ($iconv, $from, $to) = @_;
173 if (any { ref $from eq $_ } qw(Form HASH)) {
174 for my $key (keys %{ $from }) {
175 if (!ref $from->{$key}) {
176 # Workaround for a bug: converting $from->{$key} directly
177 # leads to 'undef'. I don't know why. Converting a copy works,
179 $to->{$key} = $iconv->convert("" . $from->{$key}) if defined $from->{$key} && !defined $to->{$key};
181 $to->{$key} ||= {} if 'HASH' eq ref $from->{$key};
182 $to->{$key} ||= [] if 'ARRAY' eq ref $from->{$key};
183 _recode_recursively($iconv, $from->{$key}, $to->{$key});
187 } elsif (ref $from eq 'ARRAY') {
188 foreach my $idx (0 .. scalar(@{ $from }) - 1) {
189 if (!ref $from->[$idx]) {
190 # Workaround for a bug: converting $from->[$idx] directly
191 # leads to 'undef'. I don't know why. Converting a copy works,
193 $to->[$idx] = $iconv->convert("" . $from->[$idx]);
195 $to->[$idx] ||= {} if 'HASH' eq ref $from->[$idx];
196 $to->[$idx] ||= [] if 'ARRAY' eq ref $from->[$idx];
197 _recode_recursively($iconv, $from->[$idx], $to->[$idx]);
201 $main::lxdebug->leave_sub();
205 $::lxdebug->enter_sub;
208 my $db_charset = $::lx_office_conf{system}->{dbcharset} || Common::DEFAULT_CHARSET;
210 # yes i know, copying all those values around isn't terribly efficient, but
211 # the old version of dumping everything into form and then launching a
212 # tactical recode nuke at the data is still worse.
214 # this way the data can at least be recoded on the fly as soon as we get to
215 # know the source encoding and only in the cases where encoding may be hidden
216 # among the payload we take the hit of copying the request around
217 my $temp_target = { };
219 # since both of these can potentially bring their encoding in INPUT_ENCODING
220 # they get dumped into temp_target
221 _input_to_hash($temp_target, $ENV{QUERY_STRING}) if $ENV{QUERY_STRING};
222 _input_to_hash($temp_target, $ARGV[0]) if @ARGV && $ARGV[0];
224 if ($ENV{CONTENT_LENGTH}) {
226 read STDIN, $content, $ENV{CONTENT_LENGTH};
227 if ($ENV{'CONTENT_TYPE'} && $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/) {
228 # multipart formdata can bring it's own encoding, so give it both
229 # and let ti decide on it's own
230 _parse_multipart_formdata($target, $temp_target, $content);
232 # normal encoding must be recoded
233 _input_to_hash($temp_target, $content);
237 my $encoding = delete $temp_target->{INPUT_ENCODING} || $db_charset;
239 _recode_recursively(SL::Iconv->new($encoding, $db_charset), $temp_target => $target) if keys %$target;
241 if ($target->{RESTORE_FORM_FROM_SESSION_ID}) {
243 $::auth->restore_form_from_session(delete $target->{RESTORE_FORM_FROM_SESSION_ID}, form => \%temp_form);
244 _store_value($target, $_, $temp_form{$_}) for keys %temp_form;
247 $::lxdebug->leave_sub;
258 SL::Form.pm - main data object.
262 This module handles unpacking of cgi parameters. usually you donÄt want to call
263 anything in here directly,
265 SL::Request::read_cgi_input($target_hash_ref);
267 =head1 SPECIAL FUNCTIONS
269 =head2 C<_store_value()>
271 parses a complex var name, and stores it in the form.
274 $form->_store_value($key, $value);
276 keys must start with a string, and can contain various tokens.
277 supported key structures are:
280 simple key strings work as expected
285 separating two keys by a dot (.) will result in a hash lookup for the inner value
286 this is similar to the behaviour of java and templating mechanisms.
288 filter.description => $form->{filter}->{description}
290 3. array+hashref access
292 adding brackets ([]) before the dot will cause the next hash to be put into an array.
293 using [+] instead of [] will force a new array index. this is useful for recurring
294 data structures like part lists. put a [+] into the first varname, and use [] on the
297 repeating these names in your template:
300 invoice.items[].parts_id
304 $form->{invoice}->{items}->[
318 using brackets at the end of a name will result in a pure array to be created.
319 note that you mustn't use [+], which is reserved for array+hash access and will
320 result in undefined behaviour in array context.
322 filter.status[] => $form->{status}->[ val1, val2, ... ]