getQueryParameter

Author: simonLeary42

resources/lib/UnityHTTPD.php

@@ -235,6 +235,25 @@ public static function getPostData(string $key): mixed
         }
     }
 
+    /* returns null if not found and not $throw_if_not_found */
+    public static function getQueryParameter(string $key, bool $throw_if_not_found = true): mixed
+    {
+        if (isset($_GET)) {
+            self::badRequest('$_GET is unset');
+        }
+        if ($_GET === null) {
+            self::badRequest('$_GET is null');
+        }
+        if (!array_key_exists($key, $_GET)) {
+            if ($throw_if_not_found) {
+                self::badRequest("\$_GET has no array key '$key'");
+            } else {
+                return null;
+            }
+        }
+        return $_GET[$key];
+    }
+
     public static function getUploadedFileContents(
         string $filename,
         bool $do_delete_tmpfile_after_read = true,

webroot/admin/ajax/get_group_members.php

@@ -9,11 +9,8 @@
     UnityHTTPD::forbidden("not an admin");
 }
 
-if (!isset($_GET["gid"])) {
-    UnityHTTPD::badRequest("PI UID not set");
-}
-
-$group = new UnityGroup($_GET["gid"], $LDAP, $SQL, $MAILER, $WEBHOOK);
+$gid = UnityHTTPD::getQueryParameter("gid");
+$group = new UnityGroup($gid, $LDAP, $SQL, $MAILER, $WEBHOOK);
 $members = $group->getGroupMembersAttributes(["gecos", "mail"]);
 $requests = $group->getRequests();
 

webroot/admin/ajax/get_page_contents.php

@@ -8,9 +8,6 @@
     UnityHTTPD::forbidden("not an admin");
 }
 
-if (!isset($_GET["pageid"])) {
-    UnityHTTPD::badRequest("Pageid not found");
-}
-
-$page = $SQL->getPage($_GET["pageid"]);
+$pageid = UnityHTTPD::getQueryParameter("pageid");
+$page = $SQL->getPage($pageid);
 echo $page["content"];

webroot/api/content/index.php

@@ -6,14 +6,6 @@
 
 require_once __DIR__ . "/../../../resources/autoload.php";
 
-if (isset($_GET["line_wrap"])) {
-    $CHAR_WRAP = $_GET["line_wrap"];
-} else {
-    $CHAR_WRAP = 80;
-}
-
-if (!isset($_GET["content_name"])) {
-    UnityHTTPD::badRequest("content_name not set");
-}
-
-echo $SQL->getPage($_GET["content_name"])["content"];
+$CHAR_WRAP = UnityHTTPD::getQueryParameter("line_wrap", false) ?? 80;
+$content_name = UnityHTTPD::getQueryParameter("content_name");
+echo $SQL->getPage($content_name)["content"];

webroot/js/ajax/ssh_generate.php

@@ -3,6 +3,7 @@
 require "../../../resources/autoload.php";
 
 use phpseclib3\Crypt\EC;
+use UnityWebPortal\lib\UnityHTTPD;
 
 echo "<pre>";
 
@@ -13,7 +14,7 @@
 echo $public->toString('OpenSSH');
 echo "</section>";
 echo "<section class='privKey'>";
-if (isset($_GET["type"]) && $_GET["type"] == "ppk") {
+if (UnityHTTPD::getQueryParameter("type", false) == "ppk") {
     echo $private->toString('PuTTY');
 } else {
     echo $private->toString('OpenSSH');

webroot/panel/ajax/get_group_members.php

@@ -5,11 +5,9 @@
 use UnityWebPortal\lib\UnityGroup;
 use UnityWebPortal\lib\UnityHTTPD;
 
-if (!isset($_GET["gid"])) {
-    UnityHTTPD::badRequest("PI UID not set");
-}
 
-$group = new UnityGroup($_GET["gid"], $LDAP, $SQL, $MAILER, $WEBHOOK);
+$gid = UnityHTTPD::getQueryParameter("gid");
+$group = new UnityGroup($gid, $LDAP, $SQL, $MAILER, $WEBHOOK);
 if (!$group->memberExists($USER)) {
     UnityHTTPD::forbidden("not a group member");
 }

webroot/panel/modal/pi_search.php

@@ -4,7 +4,7 @@
 
 use UnityWebPortal\lib\UnityHTTPD;
 
-$search_query = $_GET["search"];  // Search is passed as a get var
+$search_query = UnityHTTPD::getQueryParameter("search");
 if (empty($search_query)) {
     echo "<span>No Results</span>";
     UnityHTTPD::die();
@@ -27,7 +27,11 @@
     try {
         $fn = strtolower($assoc_obj->getOwner()->getFullName());
     } catch (Throwable $e) {
-        UnitySite::errorLog("warning", "failed to get owner name for PI group '$assoc'", error: $e);
+        UnityHTTPD::errorLog(
+            "warning",
+            "failed to get owner name for PI group '$assoc'",
+            error: $e
+        );
         $fn = "";
     }
     if (strpos($fn, strtolower($search_query)) !== false) {