Avoid $_POST direct use
ClosedPublic
Actions

Authored by dereckson on Dec 25 2015, 19:11.

Details

Reviewers

dereckson

Commits

Unknown Object (Diffusion Commit)
rNOTIF61e3ec5a8698: Avoid $_POST direct use

Summary

Frameworks like Laravel offers wrappers around superglobals.

It allows a more versatile code (but $_REQUEST would do too),
and some sanitization.

Test Plan

(1) Capture a request (for example through Runscope) with this code:

protected function extractPayload () {
	$this->payload = $_POST;
	print_r($_POST);
	abort(503, "Debugging payload");
}

(2) Replace by $this->payload = Request::all();.

(3) Replay the request, and check if the reply diff is identical

Diff Detail

Repository

rNOTIF Notifications center

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

dereckson updated this revision to Diff 283.Dec 25 2015, 19:11

dereckson retitled this revision from to Avoid $_POST direct use.

dereckson updated this object.

dereckson edited the test plan for this revision. (Show Details)

dereckson added a reviewer: dereckson.

Reference: https://laravel.com/docs/5.2/requests#retrieving-input

This revision is now accepted and ready to land.Dec 25 2015, 19:12

Closed by commit rNOTIF61e3ec5a8698: Avoid $_POST direct use (authored by dereckson, committed by dereckson). · Explain WhyDec 25 2015, 19:12

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

app/

Http/

Controllers/

Gate/

PhabricatorGateController.php

2 lines

Diff 284

View Options

app/Http/Controllers/Gate/PhabricatorGateController.php

Avoid $_POST direct useClosedPublicActions