From 42e88f2e0910d5b8d4a9c2dcf4762ae57679d6d9 Mon Sep 17 00:00:00 2001
From: Guillaume Rousse <guillaume.rousse@renater.fr>
Date: Fri, 3 Nov 2017 16:30:28 +0100
Subject: [PATCH] process input parameters only once
---
 lib/IdPAccountManager/WebRequest.pm | 89 +++++++++++++----------------
 1 file changed, 41 insertions(+), 48 deletions(-)
diff --git a/lib/IdPAccountManager/WebRequest.pm b/lib/IdPAccountManager/WebRequest.pm
index 8e9f5d9..561d6ee 100755
--- a/lib/IdPAccountManager/WebRequest.pm
+++ b/lib/IdPAccountManager/WebRequest.pm
@@ -41,45 +41,7 @@ sub new {
 );
 $self->{db} = IdPAccountManager::DB->new();
-
- my $http_query = CGI->new();
-
- ## Input parameters
- my %in_vars = $http_query->Vars;
- $self->{param_in} = \%in_vars;
-
- ## Usefull data for output (web pages or mail notices)
- $self->{param_out}->{url_cgi} = $ENV{SCRIPT_NAME};
- $self->{param_out}->{env} = \%ENV;
- $self->{param_out}->{actions} = $args{actions};
- $self->{param_out}->{conf} = $self->{configuration};
-
- ## Clean input vars
- foreach my $key (keys %{ $self->{param_in} }) {
-
- ## Removing all ^M (0D)
- $self->{param_in}->{$key} =~ s/\r//g;
-
- $self->{param_in}->{$key} =~ s/\s+$//; ## Remove trailing spaces
- $self->{param_in}->{$key} =~ s/^\s+//; ## Remove leading spaces
-
- ## If action_xx param is set, then action=xx
- ## Usefull to have sementicless values in submit forms
- if ($key =~ /^action_(\w+)$/) {
-
- #$self->{logger}->log(level => LOG_TRACE, message => "ACTION $key");
- $self->{param_in}->{action} = $1;
- }
- }
-
- ## Check the requested action
- if ($self->{param_in}->{action}) {
- $self->{action} = $self->{param_in}->{action};
- } else {
- ## Default action
- $self->{logger}->log(level => LOG_INFO, message => 'Default action');
- $self->{action} = 'home';
- }
+ $self->{cgi} = CGI->new();
 bless $self, $pkg;
@@ -93,23 +55,54 @@ sub execute {
 my $status;
- ## Check input parameters format
- foreach my $key (keys %{ $self->{param_in} }) {
- if ( $self->{param_in}->{$key} !~ /^\s*$/
- && defined $self->{format}->{$key}
- && !ref($self->{format}->{$key}))
- {
- unless ($self->{param_in}->{$key} =~ /^$self->format->{$key}$/) {
- push @{ $self->{param_out}->{errors} }, "format_$key";
+ # initialize output parameters
+ $self->{param_out} = {
+ url_cgi => $ENV{SCRIPT_NAME},
+ env => \%ENV,
+ actions => $self->{actions},
+ conf => $self->{configuration},
+ };
+
+ # process input parameters
+ my %parameters = $self->{cgi}->Vars();
+
+ foreach my $parameter (keys %parameters) {
+
+ # cleanup
+ $parameters{$parameter} =~ s/\r//g; # remove &0D char
+ $parameters{$parameter} =~ s/\s+$//; # remove trailing spaces
+ $parameters{$parameter} =~ s/^\s+//; # remove leading spaces
+
+ # format check
+ if (defined $self->{format}->{$parameter}
+ && !ref($self->{format}->{$parameter})) {
+ if ($parameters{$parameter} !~ /^$self->format->{$parameter}$/) {
+ push @{ $self->{param_out}->{errors} }, "format_$parameter";
 $self->{logger}->log(
 level => LOG_ERROR,
- message => "Incorrect parameter format : $key"
+ message => "Incorrect parameter format : $parameter"
 );
 return undef;
 }
 }
+
+ # If action_xx parameter is set, set action parameter with value xx
+ if ($parameter =~ /^action_(\w+)$/) {
+ $parameters{action} = $1;
+ }
+
+ # register needed parameters
+ $self->{param_in} = {
+ email_adress => $parameters{action},
+ style => $parameters{style},
+ sp_entityid => $parameters{sp_entityid},
+ authentication_token => $parameters{authentication_token}
+ };
 }
+ # Check the requested action
+ $self->{action} = $parameters{action} || 'home';
+
 do {
 ## Actions can be chained
 $self->{action} = $self->{next_action} if ($self->{next_action});
-- GitLab
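Review bot: The format check in the new `foreach` loop does not appear to consult the configured pattern: inside a regex Perl interpolates `$self` but not the `->format` method-call arrow, so `/^$self->format->{$parameter}$/` matches against the object's stringified form plus literal text, and the test should read the same hash slot as the `defined` guard above it, `$self->{format}->{$parameter}`. In the `param_in` registration, `email_adress => $parameters{action}` looks like a copy-paste slip that hands the action name to whatever consumes the address; presumably `$parameters{email_adress}` was meant. That registration also sits inside the loop, so `$self->{param_in}` is rebuilt on every iteration and stays undefined when the request carries no parameters at all; it belongs after the loop. The new code also drops the old `!~ /^\s*$/` exemption, so empty values are now format-checked, which is worth confirming as intended. The body of `execute` continues past the end of the hunk (the `do {` block is left open).

```perl
foreach my $parameter (keys %parameters) {
    # … unchanged: cleanup of \r, trailing and leading spaces …

    # format check against the configured pattern for this parameter
    my $format = $self->{format}->{$parameter};
    if (defined $format && !ref($format)) {
        if ($parameters{$parameter} !~ /^$format$/) {
            # … unchanged: push error, log, return undef …
        }
    }

    # … unchanged: action_xx handling …
}

# register needed parameters once, after every value has been cleaned
$self->{param_in} = {
    email_adress         => $parameters{email_adress},
    style                => $parameters{style},
    sp_entityid          => $parameters{sp_entityid},
    authentication_token => $parameters{authentication_token},
};
```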