static void fillPost(
Env env,
ArrayValue postArray,
ArrayValue files,
InputStream is,
String contentType,
String encoding,
int contentLength,
boolean addSlashesToValues,
boolean isAllowUploads) {
long maxPostSize = env.getIniBytes("post_max_size", 0);
try {
if (encoding == null) encoding = env.getHttpInputEncoding();
if (contentType != null && contentType.startsWith("multipart/form-data")) {
String boundary = getBoundary(contentType);
ReadStream rs = new ReadStream(new VfsStream(is, null));
if (boundary == null) {
env.warning(L.l("multipart/form-data POST is missing boundary"));
return;
}
MultipartStream ms = new MultipartStream(rs, boundary);
if (encoding != null) ms.setEncoding(encoding);
readMultipartStream(env, ms, postArray, files, addSlashesToValues, isAllowUploads);
rs.close();
if (rs.getLength() > maxPostSize) {
env.warning(
L.l("POST length of {0} exceeds max size of {1}", rs.getLength(), maxPostSize));
postArray.clear();
files.clear();
return;
}
} else {
StringValue bb = env.createBinaryBuilder();
bb.appendReadAll(is, Integer.MAX_VALUE);
if (bb.length() > maxPostSize) {
env.warning(L.l("POST length of {0} exceeds max size of {1}", bb.length(), maxPostSize));
return;
}
env.setInputData(bb);
if (contentType != null && contentType.startsWith("application/x-www-form-urlencoded"))
StringUtility.parseStr(env, bb, postArray, false, encoding);
}
} catch (IOException e) {
env.warning(e);
} finally {
}
}
private static void readMultipartStream(
Env env,
MultipartStream ms,
ArrayValue postArray,
ArrayValue files,
boolean addSlashesToValues,
boolean isAllowUploads)
throws IOException {
ReadStream is;
while ((is = ms.openRead()) != null) {
String attr = (String) ms.getAttribute("content-disposition");
if (attr == null || !attr.startsWith("form-data")) {
// XXX: is this an error?
continue;
}
String name = getAttribute(attr, "name", addSlashesToValues);
String filename = getAttribute(attr, "filename", addSlashesToValues);
if (filename != null) {
int slashIndex = filename.lastIndexOf('/');
int slashIndex2 = filename.lastIndexOf('\\');
slashIndex = Math.max(slashIndex, slashIndex2);
if (slashIndex >= 0) filename = filename.substring(slashIndex + 1);
}
int bracketIndex = -1;
if (name != null) bracketIndex = name.lastIndexOf(']');
if (bracketIndex >= 0 && bracketIndex < name.length() - 1) {
// php/085c
} else if (filename == null) {
StringValue value = env.createStringBuilder();
value.appendReadAll(is, Integer.MAX_VALUE);
if (name != null) {
addFormValue(env, postArray, name, value, null, addSlashesToValues);
} else {
env.warning(L.l("file upload is missing name and filename"));
}
} else {
if (!isAllowUploads) {
continue;
}
String tmpName = "";
long tmpLength = 0;
// A POST file upload with an empty string as the filename does not
// create a temp file in the upload directory.
if (filename.length() > 0) {
Path tmpPath = env.getUploadDirectory().createTempFile("php", ".tmp");
env.addRemovePath(tmpPath);
WriteStream os = tmpPath.openWrite();
try {
os.writeStream(is);
} finally {
os.close();
}
tmpName = tmpPath.getFullPath();
tmpLength = tmpPath.getLength();
}
// php/0865
//
// A header like "Content-Type: image/gif" indicates the mime type
// for an uploaded file.
String mimeType = getAttribute(attr, "mime-type", addSlashesToValues);
if (mimeType == null) {
mimeType = (String) ms.getAttribute("content-type");
// php/085f
if (mimeType != null && mimeType.endsWith(";"))
mimeType = mimeType.substring(0, mimeType.length() - 1);
}
// php/0864
//
// mime type is empty string when no file is uploaded.
if (filename.length() == 0) {
mimeType = "";
}
long maxFileSize = Long.MAX_VALUE;
Value maxFileSizeV = postArray.get(MAX_FILE_SIZE);
if (!maxFileSizeV.isNull()) maxFileSize = maxFileSizeV.toLong();
if (name != null) {
addFormFile(
env,
files,
name,
filename,
tmpName,
mimeType,
tmpLength,
addSlashesToValues,
maxFileSize);
} else {
addFormFile(
env, files, filename, tmpName, mimeType, tmpLength, addSlashesToValues, maxFileSize);
}
}
}
}