search

akeeba / fof

Rapid Application Development framework for Joomla!™ 3 and 4
0 stars 0 forks source link

Input Parsing when DELETE / PUT requests #576

Closed Skullbock closed 8 years ago

Skullbock commented 8 years ago

Hi @nikosdion ! I was dealing in a custom component with a standard DELETE request. Usually i just do

DELETE "index.php?option=com_foo&view=Bars&format=json&id=12"

and everything works

This time i did

DELETE "index.php?option=com_foo&view=Bars&format=json"

and passed the id=12 as a body param (either json encoded or form data)

In this case, FOF doesn't pick up the id correctly. I backtraced this to the JInput class in Joomla. Essentially, JInput just picks up from the $_POST, $_GET or $_REQUEST variables, but both DELETE and PUT doesn't fill those in. Instead, we should access the php://input stream directly and either parse_str or json_decode them

I know that joomla also has the $input->json-> call that deals with the json part.

My question therefore is: how do you prefer this to be implemented in FOF? New "Input" classes that gets instantiated based on the Content Type or format variable?

nikosdion commented 8 years ago

According to my experience PUT and DELETE populate $_REQUEST but not the other two arrays.

On Tuesday, November 24, 2015, Daniele Rosario notifications@github.com wrote:

Hi @nikosdion https://github.com/nikosdion ! I was dealing in a custom component with a standard DELETE request. Usually i just do

DELETE "index.php?option=com_foo&view=Bars&format=json&id=12"

and everything works

This time i did

DELETE "index.php?option=com_foo&view=Bars&format=json"

and passed the id=12 as a body param (either json encoded or form data)

In this case, FOF doesn't pick up the id correctly. I backtraced this to the JInput class in Joomla. Essentially, JInput just picks up from the $_POST, $_GET or $_REQUEST variables, but both DELETE and PUT doesn't fill those in. Instead, we should access the php://input stream directly and either parse_str or json_decode them

I know that joomla also has the $input->json-> call that deals with the json part.

My question therefore is: how do you prefer this to be implemented in FOF? New "Input" classes that gets instantiated based on the Content Type or format variable?

— Reply to this email directly or view it on GitHub https://github.com/akeeba/fof/issues/576.

Nicholas K. Dionysopoulos Director, Akeeba Ltd https://www.AkeebaBackup.com

Skullbock commented 8 years ago

It populates the $_REQUEST if you send it in the query params. If you send it as body data (either json encoded or form-data) it doesn't

http://stackoverflow.com/questions/9130915/put-delete-data-from-jquery-to-php

nikosdion commented 8 years ago

Yes, correct. FOF can only handle query parameters through Input. If you want to process the raw body of a POST, PUT or DELETE request you need to do that manually. We cannot assume anything about the data in this case. It is very likely it's raw binary data you definitely do not want to try and parse.

Skullbock commented 8 years ago

That's what i'm doing currently. Whata i would like to do in FOF is to get either the Header of the parameter "format" to check for at least JSON format and parse it :)

Daniele Rosario

Il giorno mer 25 nov 2015 alle ore 12:06 Nicholas K. Dionysopoulos < notifications@github.com> ha scritto:

Yes, correct. FOF can only handle query parameters through Input. If you want to process the raw body of a POST, PUT or DELETE request you need to do that manually. We cannot assume anything about the data in this case. It is very likely it's raw binary data you definitely do not want to try and parse.

— Reply to this email directly or view it on GitHub https://github.com/akeeba/fof/issues/576#issuecomment-159573446.

Daniele Rosario CTO Via F.Filzi, 56/A 36051 Creazzo (Vicenza) Tel.: +39 0444 1454934 Mob: +39 328 3017134 Immagine in linea 1

nikosdion commented 8 years ago

How about adding a new JInput class to parse the input:// stream?

Skullbock commented 8 years ago

In FOF3 you mean? Then i would instantiate the different class based on the format / header... yes could work!

Daniele Rosario

Il giorno mer 25 nov 2015 alle ore 12:47 Nicholas K. Dionysopoulos < notifications@github.com> ha scritto:

How about adding a new JInput class to parse the input:// stream?

— Reply to this email directly or view it on GitHub https://github.com/akeeba/fof/issues/576#issuecomment-159584007.

Daniele Rosario CTO Via F.Filzi, 56/A 36051 Creazzo (Vicenza) Tel.: +39 0444 1454934 Mob: +39 328 3017134 Immagine in linea 1

nikosdion commented 8 years ago

Yup. That's the entire point of having multiple input classes ;)