From 87796a09799b0bfa37ec52475c25cbb5c5b46349 Mon Sep 17 00:00:00 2001 From: Paulo Esteves Date: Tue, 26 Sep 2023 10:37:47 +0100 Subject: [PATCH 1/4] remove $_SESSION from methods and functions --- system/CodeIgniter.php | 4 ++-- system/HTTP/IncomingRequest.php | 29 ++++++++++++++++++----------- system/Helpers/form_helper.php | 6 +++--- system/Helpers/url_helper.php | 6 +++++- 4 files changed, 28 insertions(+), 17 deletions(-) diff --git a/system/CodeIgniter.php b/system/CodeIgniter.php index 4bde1c042b6d..dd00746bf567 100644 --- a/system/CodeIgniter.php +++ b/system/CodeIgniter.php @@ -1064,13 +1064,13 @@ public function storePreviousURL($uri) } if (isset($_SESSION)) { - $_SESSION['_ci_previous_url'] = URI::createURIString( + session()->set('_ci_previous_url', URI::createURIString( $uri->getScheme(), $uri->getAuthority(), $uri->getPath(), $uri->getQuery(), $uri->getFragment() - ); + )); } } diff --git a/system/HTTP/IncomingRequest.php b/system/HTTP/IncomingRequest.php index 458e8ef88043..079a3b69d02f 100755 --- a/system/HTTP/IncomingRequest.php +++ b/system/HTTP/IncomingRequest.php @@ -827,35 +827,42 @@ public function getUserAgent() */ public function getOldInput(string $key) { - // If the session hasn't been started, or no - // data was previously saved, we're done. - if (empty($_SESSION['_ci_old_input'])) { + // If the session hasn't been started, we're done. + if (! isset($_SESSION)) { + return null; + } + + // Get previously saved in session + $old = session('_ci_old_input'); + + // If no data was previously saved, we're done. + if ($old === null) { return null; } // Check for the value in the POST array first. - if (isset($_SESSION['_ci_old_input']['post'][$key])) { - return $_SESSION['_ci_old_input']['post'][$key]; + if (isset($old['post'][$key])) { + return $old['post'][$key]; } // Next check in the GET array. - if (isset($_SESSION['_ci_old_input']['get'][$key])) { - return $_SESSION['_ci_old_input']['get'][$key]; + if (isset($old['get'][$key])) { + return $old['get'][$key]; } helper('array'); // Check for an array value in POST. - if (isset($_SESSION['_ci_old_input']['post'])) { - $value = dot_array_search($key, $_SESSION['_ci_old_input']['post']); + if (isset($old['post'])) { + $value = dot_array_search($key, $old['post']); if ($value !== null) { return $value; } } // Check for an array value in GET. - if (isset($_SESSION['_ci_old_input']['get'])) { - $value = dot_array_search($key, $_SESSION['_ci_old_input']['get']); + if (isset($old['get'])) { + $value = dot_array_search($key, $old['get']); if ($value !== null) { return $value; } diff --git a/system/Helpers/form_helper.php b/system/Helpers/form_helper.php index 7f8f191a3a6f..7edb05cf1de3 100644 --- a/system/Helpers/form_helper.php +++ b/system/Helpers/form_helper.php @@ -701,12 +701,12 @@ function set_radio(string $field, string $value = '', bool $default = false): st */ function validation_errors() { - session(); + $errors = session('_ci_validation_errors'); // Check the session to see if any were // passed along from a redirect withErrors() request. - if (isset($_SESSION['_ci_validation_errors']) && (ENVIRONMENT === 'testing' || ! is_cli())) { - return $_SESSION['_ci_validation_errors']; + if ($errors !== null && (ENVIRONMENT === 'testing' || ! is_cli())) { + return $errors; } $validation = Services::validation(); diff --git a/system/Helpers/url_helper.php b/system/Helpers/url_helper.php index a74fe944f148..dce4b26a0b50 100644 --- a/system/Helpers/url_helper.php +++ b/system/Helpers/url_helper.php @@ -88,8 +88,12 @@ function previous_url(bool $returnObject = false) { // Grab from the session first, if we have it, // since it's more reliable and safer. + if (isset($_SESSION)) { + $referer = session('_ci_previous_url'); + } + // Otherwise, grab a sanitized version from $_SERVER. - $referer = $_SESSION['_ci_previous_url'] ?? Services::request()->getServer('HTTP_REFERER', FILTER_SANITIZE_URL); + $referer ??= Services::request()->getServer('HTTP_REFERER', FILTER_SANITIZE_URL); $referer ??= site_url('/'); From 88a842f9ec32f366b042cd91577022082efcee92 Mon Sep 17 00:00:00 2001 From: Paulo Esteves Date: Tue, 26 Sep 2023 10:55:59 +0100 Subject: [PATCH 2/4] update phpstan-baseline.php --- phpstan-baseline.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpstan-baseline.php b/phpstan-baseline.php index 8a3e75dfb0ce..f538808f40c4 100644 --- a/phpstan-baseline.php +++ b/phpstan-baseline.php @@ -2313,7 +2313,7 @@ ]; $ignoreErrors[] = [ 'message' => '#^Construct empty\\(\\) is not allowed\\. Use more strict comparison\\.$#', - 'count' => 7, + 'count' => 6, 'path' => __DIR__ . '/system/HTTP/IncomingRequest.php', ]; $ignoreErrors[] = [ From b357e471989d9d1f00f14ef7cd0ff7e169ae8700 Mon Sep 17 00:00:00 2001 From: Paulo Esteves Date: Thu, 28 Sep 2023 11:09:10 +0100 Subject: [PATCH 3/4] update tests --- tests/system/CodeIgniterTest.php | 2 ++ tests/system/Helpers/URLHelper/MiscUrlTest.php | 16 ++++++++++++++-- tests/system/View/ParserPluginTest.php | 8 +++++++- 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/tests/system/CodeIgniterTest.php b/tests/system/CodeIgniterTest.php index 5fae784b51c5..54ea3d10445c 100644 --- a/tests/system/CodeIgniterTest.php +++ b/tests/system/CodeIgniterTest.php @@ -27,6 +27,8 @@ use Tests\Support\Filters\Customfilter; /** + * @runTestsInSeparateProcesses + * * @backupGlobals enabled * * @internal diff --git a/tests/system/Helpers/URLHelper/MiscUrlTest.php b/tests/system/Helpers/URLHelper/MiscUrlTest.php index 4767dbf0cbfd..73ce680ea757 100644 --- a/tests/system/Helpers/URLHelper/MiscUrlTest.php +++ b/tests/system/Helpers/URLHelper/MiscUrlTest.php @@ -52,13 +52,19 @@ protected function tearDown(): void $_SERVER = []; } + /** + * @runInSeparateProcess + * @preserveGlobalState disabled + * + * @group SeparateProcess + */ public function testPreviousURLUsesSessionFirst(): void { $uri1 = 'http://example.com/one?two'; $uri2 = 'http://example.com/two?foo'; - $_SERVER['HTTP_REFERER'] = $uri1; - $_SESSION['_ci_previous_url'] = $uri2; + $_SERVER['HTTP_REFERER'] = $uri1; + session()->set('_ci_previous_url', $uri2); $this->config->baseURL = 'http://example.com/public'; @@ -80,6 +86,12 @@ private function createRequest(string $uri): void Factories::injectMock('config', 'App', $this->config); } + /** + * @runInSeparateProcess + * @preserveGlobalState disabled + * + * @group SeparateProcess + */ public function testPreviousURLUsesRefererIfNeeded(): void { $uri1 = 'http://example.com/one?two'; diff --git a/tests/system/View/ParserPluginTest.php b/tests/system/View/ParserPluginTest.php index 53caa6389213..b5e4c9047297 100644 --- a/tests/system/View/ParserPluginTest.php +++ b/tests/system/View/ParserPluginTest.php @@ -42,12 +42,18 @@ public function testCurrentURL(): void $this->assertSame(current_url(), $this->parser->renderString($template)); } + /** + * @runInSeparateProcess + * @preserveGlobalState disabled + * + * @group SeparateProcess + */ public function testPreviousURL(): void { $template = '{+ previous_url +}'; // Ensure a previous URL exists to work with. - $_SESSION['_ci_previous_url'] = 'http://example.com/foo'; + session()->set('_ci_previous_url', 'http://example.com/foo'); $this->assertSame(previous_url(), $this->parser->renderString($template)); } From b5d123abbd3eab20ddd17be122bacfca8203654f Mon Sep 17 00:00:00 2001 From: Paulo Esteves Date: Sun, 1 Oct 2023 18:31:04 +0100 Subject: [PATCH 4/4] reduce code as suggested Co-authored-by: Mostafa Khudair <59371810+mostafakhudair@users.noreply.github.com> --- system/Helpers/url_helper.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/system/Helpers/url_helper.php b/system/Helpers/url_helper.php index dce4b26a0b50..27e3ce1d079f 100644 --- a/system/Helpers/url_helper.php +++ b/system/Helpers/url_helper.php @@ -93,9 +93,7 @@ function previous_url(bool $returnObject = false) } // Otherwise, grab a sanitized version from $_SERVER. - $referer ??= Services::request()->getServer('HTTP_REFERER', FILTER_SANITIZE_URL); - - $referer ??= site_url('/'); + $referer ??= request()->getServer('HTTP_REFERER', FILTER_SANITIZE_URL) ?? site_url('/'); return $returnObject ? new URI($referer) : $referer; }