From 5c2fafa05faf532ab6e7ccde0ffadd8c984671fb Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Fri, 27 Feb 2015 13:05:57 +0100
Subject: [PATCH] Read from IRequest instead of reading twice

Potentially fixes https://github.com/owncloud/core/issues/14541 and https://github.com/owncloud/core/issues/14506
---
 lib/private/api.php          | 10 +++--
 lib/private/ocs.php          |  1 -
 lib/private/server.php       | 86 +++++++++++++++++-------------------
 tests/lib/templatelayout.php | 72 ------------------------------
 4 files changed, 47 insertions(+), 122 deletions(-)
 delete mode 100644 tests/lib/templatelayout.php

diff --git a/lib/private/api.php b/lib/private/api.php
index c58d2620684..804d9346842 100644
--- a/lib/private/api.php
+++ b/lib/private/api.php
@@ -84,11 +84,13 @@ class OC_API {
 	 * @param array $parameters
 	 */
 	public static function call($parameters) {
+		$request = \OC::$server->getRequest();
+
 		// Prepare the request variables
-		if($_SERVER['REQUEST_METHOD'] == 'PUT') {
-			parse_str(file_get_contents("php://input"), $parameters['_put']);
-		} else if($_SERVER['REQUEST_METHOD'] == 'DELETE') {
-			parse_str(file_get_contents("php://input"), $parameters['_delete']);
+		if($request->getMethod() === 'PUT') {
+			$parameters['_put'] = $request->getParams();
+		} else if($request->getMethod() === 'DELETE') {
+			$parameters['_delete'] = $request->getParams();
 		}
 		$name = $parameters['_route'];
 		// Foreach registered action
diff --git a/lib/private/ocs.php b/lib/private/ocs.php
index bbe642a247d..d43811e339b 100644
--- a/lib/private/ocs.php
+++ b/lib/private/ocs.php
@@ -76,7 +76,6 @@ class OC_OCS {
 			$method='get';
 		}elseif($_SERVER['REQUEST_METHOD'] == 'PUT') {
 			$method='put';
-			parse_str(file_get_contents("php://input"), $put_vars);
 		}elseif($_SERVER['REQUEST_METHOD'] == 'POST') {
 			$method='post';
 		}else{
diff --git a/lib/private/server.php b/lib/private/server.php
index a16854d6288..18d996537e2 100644
--- a/lib/private/server.php
+++ b/lib/private/server.php
@@ -268,6 +268,46 @@ class Server extends SimpleContainer implements IServerContainer {
 		$this->registerService('TrustedDomainHelper', function ($c) {
 			return new TrustedDomainHelper($this->getConfig());
 		});
+		$this->registerService('Request', function ($c) {
+			if (isset($this['urlParams'])) {
+				$urlParams = $this['urlParams'];
+			} else {
+				$urlParams = [];
+			}
+
+			if ($this->getSession()->exists('requesttoken')) {
+				$requestToken = $this->getSession()->get('requesttoken');
+			} else {
+				$requestToken = false;
+			}
+
+			if (defined('PHPUNIT_RUN') && PHPUNIT_RUN
+				&& in_array('fakeinput', stream_get_wrappers())
+			) {
+				$stream = 'fakeinput://data';
+			} else {
+				$stream = 'php://input';
+			}
+
+			return new Request(
+				[
+					'get' => $_GET,
+					'post' => $_POST,
+					'files' => $_FILES,
+					'server' => $_SERVER,
+					'env' => $_ENV,
+					'cookies' => $_COOKIE,
+					'method' => (isset($_SERVER) && isset($_SERVER['REQUEST_METHOD']))
+						? $_SERVER['REQUEST_METHOD']
+						: null,
+					'urlParams' => $urlParams,
+					'requesttoken' => $requestToken,
+				],
+				$this->getSecureRandom(),
+				$this->getConfig(),
+				$stream
+			);
+		});
 	}
 
 	/**
@@ -282,54 +322,10 @@ class Server extends SimpleContainer implements IServerContainer {
 	 * currently being processed is returned from this method.
 	 * In case the current execution was not initiated by a web request null is returned
 	 *
-	 * FIXME: This should be queried as well. However, due to our totally awesome
-	 * static code a lot of tests do stuff like $_SERVER['foo'] which obviously
-	 * will not work with that approach. We even have some integration tests in our
-	 * unit tests which setup a complete webserver. Once the code is all non-static
-	 * or we don't have such mixed integration/unit tests setup anymore this can
-	 * get moved out again.
-	 *
 	 * @return \OCP\IRequest|null
 	 */
 	function getRequest() {
-		if (isset($this['urlParams'])) {
-			$urlParams = $this['urlParams'];
-		} else {
-			$urlParams = array();
-		}
-
-		if ($this->getSession()->exists('requesttoken')) {
-			$requestToken = $this->getSession()->get('requesttoken');
-		} else {
-			$requestToken = false;
-		}
-
-		if (defined('PHPUNIT_RUN') && PHPUNIT_RUN
-			&& in_array('fakeinput', stream_get_wrappers())
-		) {
-			$stream = 'fakeinput://data';
-		} else {
-			$stream = 'php://input';
-		}
-
-		return new Request(
-			[
-				'get' => $_GET,
-				'post' => $_POST,
-				'files' => $_FILES,
-				'server' => $_SERVER,
-				'env' => $_ENV,
-				'cookies' => $_COOKIE,
-				'method' => (isset($_SERVER) && isset($_SERVER['REQUEST_METHOD']))
-					? $_SERVER['REQUEST_METHOD']
-					: null,
-				'urlParams' => $urlParams,
-				'requesttoken' => $requestToken,
-			],
-			$this->getSecureRandom(),
-			$this->getConfig(),
-			$stream
-		);
+		return $this->query('Request');
 	}
 
 	/**
diff --git a/tests/lib/templatelayout.php b/tests/lib/templatelayout.php
deleted file mode 100644
index c23aaa9b762..00000000000
--- a/tests/lib/templatelayout.php
+++ /dev/null
@@ -1,72 +0,0 @@
-<?php
-/**
- * Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com>
- * This file is licensed under the Affero General Public License version 3 or
- * later.
- * See the COPYING-README file.
- */
-
-namespace OC\Test;
-
-/**
- * @package OC\Test
- */
-class OC_TemplateLayout extends \Test\TestCase {
-
-	private $oldServerURI;
-	private $oldScriptName;
-
-	protected function setUp() {
-		parent::setUp();
-
-		$this->oldServerURI = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : null;
-		$this->oldScriptName = $_SERVER['SCRIPT_NAME'];
-	}
-
-	protected function tearDown() {
-		if ($this->oldServerURI === null) {
-			unset($_SERVER['REQUEST_URI']);
-		} else {
-			$_SERVER['REQUEST_URI'] = $this->oldServerURI;
-		}
-		$_SERVER['SCRIPT_NAME'] = $this->oldScriptName;
-
-		parent::tearDown();
-	}
-
-	/**
-	 * Contains valid file paths in the scheme array($absolutePath, $expectedPath)
-	 * @return array
-	 */
-	public function validFilePathProvider() {
-		return array(
-			array(\OC::$SERVERROOT . '/apps/files/js/fancyJS.js', '/apps/files/js/fancyJS.js'),
-			array(\OC::$SERVERROOT. '/test.js', '/test.js'),
-			array(\OC::$SERVERROOT . '/core/test.js', '/core/test.js'),
-			array(\OC::$SERVERROOT, ''),
-		);
-	}
-
-	/**
-	 * @dataProvider validFilePathProvider
-	 */
-	public function testConvertToRelativePath($absolutePath, $expected) {
-		$_SERVER['REQUEST_URI'] = $expected;
-		$_SERVER['SCRIPT_NAME'] = $expected;
-
-		$relativePath = \Test_Helper::invokePrivate(new \OC_TemplateLayout('user'), 'convertToRelativePath', array($absolutePath));
-		$this->assertEquals($expected, $relativePath);
-	}
-
-	/**
-	 * @expectedException \Exception
-	 * @expectedExceptionMessage $filePath is not under the \OC::$SERVERROOT
-	 */
-	public function testInvalidConvertToRelativePath() {
-		$invalidFile = '/this/file/is/invalid';
-		$_SERVER['REQUEST_URI'] = $invalidFile;
-		$_SERVER['SCRIPT_NAME'] = '/';
-
-		\Test_Helper::invokePrivate(new \OC_TemplateLayout('user'), 'convertToRelativePath', array($invalidFile));
-	}
-}
-- 
GitLab