Skip to content

Commit 73c783a

Browse files
committed
[HttpFoundation] deprecated finding deep items in Request and ParameterBag
1 parent ce3b8fd commit 73c783a

11 files changed

+157
-18
lines changed

src/Symfony/Component/HttpFoundation/ParameterBag.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -99,9 +99,15 @@ public function add(array $parameters = array())
9999
* @throws \InvalidArgumentException
100100
*
101101
* @api
102+
*
103+
* @deprecated Finding deep items is deprecated since version 2.7, to be removed in 3.0.
102104
*/
103105
public function get($path, $default = null, $deep = false)
104106
{
107+
if (true === $deep) {
108+
trigger_error('Using paths to find deeper items in '.__METHOD__.' is deprecated since version 2.7 and will be removed in 3.0. Filter the returned value in your own code instead.', E_USER_DEPRECATED);
109+
}
110+
105111
if (!$deep || false === $pos = strpos($path, '[')) {
106112
return array_key_exists($path, $this->parameters) ? $this->parameters[$path] : $default;
107113
}

src/Symfony/Component/HttpFoundation/Request.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -743,9 +743,15 @@ public static function getHttpMethodParameterOverride()
743743
* @param bool $deep is parameter deep in multidimensional array
744744
*
745745
* @return mixed
746+
*
747+
* @deprecated Finding deep items is deprecated since version 2.7, to be removed in 3.0.
746748
*/
747749
public function get($key, $default = null, $deep = false)
748750
{
751+
if (true === $deep) {
752+
trigger_error('Using paths to find deeper items in '.__METHOD__.' is deprecated since version 2.7 and will be removed in 3.0. Filter the returned value in your own code instead.', E_USER_DEPRECATED);
753+
}
754+
749755
if ($this !== $result = $this->query->get($key, $this, $deep)) {
750756
return $result;
751757
}

src/Symfony/Component/HttpFoundation/Tests/ParameterBagTest.php

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -86,11 +86,14 @@ public function testGetDoesNotUseDeepByDefault()
8686
}
8787

8888
/**
89+
* @group legacy
8990
* @dataProvider getInvalidPaths
9091
* @expectedException \InvalidArgumentException
9192
*/
92-
public function testGetDeepWithInvalidPaths($path)
93+
public function testLegacyGetDeepWithInvalidPaths($path)
9394
{
95+
$this->iniSet('error_reporting', -1 & ~E_USER_DEPRECATED);
96+
9497
$bag = new ParameterBag(array('foo' => array('bar' => 'moo')));
9598

9699
$bag->get($path, null, true);
@@ -106,8 +109,13 @@ public function getInvalidPaths()
106109
);
107110
}
108111

109-
public function testGetDeep()
112+
/**
113+
* @group legacy
114+
*/
115+
public function testLegacyGetDeep()
110116
{
117+
$this->iniSet('error_reporting', -1 & ~E_USER_DEPRECATED);
118+
111119
$bag = new ParameterBag(array('foo' => array('bar' => array('moo' => 'boo'))));
112120

113121
$this->assertEquals(array('moo' => 'boo'), $bag->get('foo[bar]', null, true));

src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
use Symfony\Component\Security\Core\Exception\AuthenticationException;
1818
use Symfony\Component\Security\Core\Security;
1919
use Symfony\Component\Security\Http\HttpUtils;
20+
use Symfony\Component\Security\Http\Util\RequestUtils;
2021

2122
/**
2223
* Class with the default authentication failure handling logic.
@@ -82,7 +83,7 @@ public function setOptions(array $options)
8283
*/
8384
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
8485
{
85-
if ($failureUrl = $request->get($this->options['failure_path_parameter'], null, true)) {
86+
if ($failureUrl = RequestUtils::getDeepParameter($request, $this->options['failure_path_parameter'])) {
8687
$this->options['failure_path'] = $failureUrl;
8788
}
8889

src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
1515
use Symfony\Component\HttpFoundation\Request;
1616
use Symfony\Component\Security\Http\HttpUtils;
17+
use Symfony\Component\Security\Http\Util\RequestUtils;
1718

1819
/**
1920
* Class with the default authentication success handling logic.
@@ -108,7 +109,7 @@ protected function determineTargetUrl(Request $request)
108109
return $this->options['default_target_path'];
109110
}
110111

111-
if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
112+
if ($targetUrl = RequestUtils::getDeepParameter($request, $this->options['target_path_parameter'])) {
112113
return $targetUrl;
113114
}
114115

src/Symfony/Component/Security/Http/Firewall/LogoutListener.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@
2424
use Symfony\Component\Security\Http\HttpUtils;
2525
use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface;
2626
use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;
27+
use Symfony\Component\Security\Http\Util\RequestUtils;
2728

2829
/**
2930
* LogoutListener logout users.
@@ -98,7 +99,7 @@ public function handle(GetResponseEvent $event)
9899
}
99100

100101
if (null !== $this->csrfTokenManager) {
101-
$csrfToken = $request->get($this->options['csrf_parameter'], null, true);
102+
$csrfToken = RequestUtils::getDeepParameter($request, $this->options['csrf_parameter']);
102103

103104
if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['intention'], $csrfToken))) {
104105
throw new LogoutException('Invalid CSRF token.');

src/Symfony/Component/Security/Http/Firewall/SimpleFormAuthenticationListener.php

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@
2828
use Symfony\Component\Security\Http\HttpUtils;
2929
use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
3030
use Psr\Log\LoggerInterface;
31+
use Symfony\Component\Security\Http\Util\RequestUtils;
3132

3233
/**
3334
* @author Jordi Boggiano <j.boggiano@seld.be>
@@ -101,19 +102,19 @@ protected function requiresAuthentication(Request $request)
101102
protected function attemptAuthentication(Request $request)
102103
{
103104
if (null !== $this->csrfTokenManager) {
104-
$csrfToken = $request->get($this->options['csrf_parameter'], null, true);
105+
$csrfToken = RequestUtils::getDeepParameter($request, $this->options['csrf_parameter']);
105106

106107
if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['intention'], $csrfToken))) {
107108
throw new InvalidCsrfTokenException('Invalid CSRF token.');
108109
}
109110
}
110111

111112
if ($this->options['post_only']) {
112-
$username = trim($request->request->get($this->options['username_parameter'], null, true));
113-
$password = $request->request->get($this->options['password_parameter'], null, true);
113+
$username = trim(RequestUtils::getDeepPostParameter($request, $this->options['username_parameter']));
114+
$password = RequestUtils::getDeepPostParameter($request, $this->options['password_parameter']);
114115
} else {
115-
$username = trim($request->get($this->options['username_parameter'], null, true));
116-
$password = $request->get($this->options['password_parameter'], null, true);
116+
$username = trim(RequestUtils::getDeepParameter($request, $this->options['username_parameter']));
117+
$password = RequestUtils::getDeepParameter($request, $this->options['password_parameter']);
117118
}
118119

119120
$request->getSession()->set(Security::LAST_USERNAME, $username);

src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@
2828
use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
2929
use Symfony\Component\Security\Core\Security;
3030
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
31+
use Symfony\Component\Security\Http\Util\RequestUtils;
3132

3233
/**
3334
* UsernamePasswordFormAuthenticationListener is the default implementation of
@@ -76,19 +77,19 @@ protected function requiresAuthentication(Request $request)
7677
protected function attemptAuthentication(Request $request)
7778
{
7879
if (null !== $this->csrfTokenManager) {
79-
$csrfToken = $request->get($this->options['csrf_parameter'], null, true);
80+
$csrfToken = RequestUtils::getDeepParameter($request, $this->options['csrf_parameter']);
8081

8182
if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['intention'], $csrfToken))) {
8283
throw new InvalidCsrfTokenException('Invalid CSRF token.');
8384
}
8485
}
8586

8687
if ($this->options['post_only']) {
87-
$username = trim($request->request->get($this->options['username_parameter'], null, true));
88-
$password = $request->request->get($this->options['password_parameter'], null, true);
88+
$username = trim(RequestUtils::getDeepPostParameter($request, $this->options['username_parameter']));
89+
$password = RequestUtils::getDeepPostParameter($request, $this->options['password_parameter']);
8990
} else {
90-
$username = trim($request->get($this->options['username_parameter'], null, true));
91-
$password = $request->get($this->options['password_parameter'], null, true);
91+
$username = trim(RequestUtils::getDeepParameter($request, $this->options['username_parameter']));
92+
$password = RequestUtils::getDeepParameter($request, $this->options['password_parameter']);
9293
}
9394

9495
$request->getSession()->set(Security::LAST_USERNAME, $username);

src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@
2323
use Symfony\Component\HttpFoundation\Request;
2424
use Symfony\Component\HttpFoundation\Cookie;
2525
use Psr\Log\LoggerInterface;
26+
use Symfony\Component\Security\Http\Util\RequestUtils;
2627

2728
/**
2829
* Base class implementing the RememberMeServicesInterface.
@@ -301,7 +302,7 @@ protected function isRememberMeRequested(Request $request)
301302
return true;
302303
}
303304

304-
$parameter = $request->get($this->options['remember_me_parameter'], null, true);
305+
$parameter = RequestUtils::getDeepParameter($request, $this->options['remember_me_parameter']);
305306

306307
if (null === $parameter && null !== $this->logger) {
307308
$this->logger->debug('Did not send remember-me cookie.', array('parameter' => $this->options['remember_me_parameter']));

src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -145,7 +145,7 @@ public function testFailurePathCanBeOverwritten()
145145
public function testFailurePathCanBeOverwrittenWithRequest()
146146
{
147147
$this->request->expects($this->once())
148-
->method('get')->with('_failure_path', null, true)
148+
->method('get')->with('_failure_path', null, false)
149149
->will($this->returnValue('/auth/login'));
150150

151151
$this->httpUtils->expects($this->once())
@@ -160,7 +160,7 @@ public function testFailurePathParameterCanBeOverwritten()
160160
$options = array('failure_path_parameter' => '_my_failure_path');
161161

162162
$this->request->expects($this->once())
163-
->method('get')->with('_my_failure_path', null, true)
163+
->method('get')->with('_my_failure_path', null, false)
164164
->will($this->returnValue('/auth/login'));
165165

166166
$this->httpUtils->expects($this->once())

0 commit comments

Comments
 (0)