diff --git a/system/CodeIgniter.php b/system/CodeIgniter.php index 3eecebfbed31..3e12e4e121b1 100644 --- a/system/CodeIgniter.php +++ b/system/CodeIgniter.php @@ -21,6 +21,7 @@ use CodeIgniter\HTTP\DownloadResponse; use CodeIgniter\HTTP\Exceptions\RedirectException; use CodeIgniter\HTTP\IncomingRequest; +use CodeIgniter\HTTP\Method; use CodeIgniter\HTTP\RedirectResponse; use CodeIgniter\HTTP\Request; use CodeIgniter\HTTP\ResponsableInterface; @@ -1027,7 +1028,7 @@ public function storePreviousURL($uri) public function spoofRequestMethod() { // Only works with POSTED forms - if ($this->request->getMethod() !== 'POST') { + if ($this->request->getMethod() !== Method::POST) { return; } @@ -1038,7 +1039,7 @@ public function spoofRequestMethod() } // Only allows PUT, PATCH, DELETE - if (in_array($method, ['PUT', 'PATCH', 'DELETE'], true)) { + if (in_array($method, [Method::PUT, Method::PATCH, Method::DELETE], true)) { $this->request = $this->request->setMethod($method); } } diff --git a/system/HTTP/CURLRequest.php b/system/HTTP/CURLRequest.php index 48605b1e8274..9f5cd61ab275 100644 --- a/system/HTTP/CURLRequest.php +++ b/system/HTTP/CURLRequest.php @@ -112,7 +112,7 @@ public function __construct(App $config, URI $uri, ?ResponseInterface $response throw HTTPException::forMissingCurl(); // @codeCoverageIgnore } - parent::__construct('GET', $uri); + parent::__construct(Method::GET, $uri); $this->responseOrig = $response ?? new Response(config(App::class)); $this->baseURI = $uri->useRawQueryString(); @@ -177,7 +177,7 @@ protected function resetOptions() */ public function get(string $url, array $options = []): ResponseInterface { - return $this->request('GET', $url, $options); + return $this->request(Method::GET, $url, $options); } /** @@ -217,7 +217,7 @@ public function patch(string $url, array $options = []): ResponseInterface */ public function post(string $url, array $options = []): ResponseInterface { - return $this->request('POST', $url, $options); + return $this->request(Method::POST, $url, $options); } /** @@ -225,7 +225,7 @@ public function post(string $url, array $options = []): ResponseInterface */ public function put(string $url, array $options = []): ResponseInterface { - return $this->request('PUT', $url, $options); + return $this->request(Method::PUT, $url, $options); } /** @@ -445,7 +445,7 @@ protected function applyMethod(string $method, array $curlOptions): array return $this->applyBody($curlOptions); } - if ($method === 'PUT' || $method === 'POST') { + if ($method === Method::PUT || $method === Method::POST) { // See http://tools.ietf.org/html/rfc7230#section-3.3.2 if ($this->header('content-length') === null && ! isset($this->config['multipart'])) { $this->setHeader('Content-Length', '0'); diff --git a/system/HTTP/IncomingRequest.php b/system/HTTP/IncomingRequest.php index 3acd90b2a00b..8af3e86991ac 100755 --- a/system/HTTP/IncomingRequest.php +++ b/system/HTTP/IncomingRequest.php @@ -404,7 +404,7 @@ public function is(string $type): bool { $valueUpper = strtoupper($type); - $httpMethods = ['GET', 'POST', 'PUT', 'DELETE', 'HEAD', 'PATCH', 'OPTIONS']; + $httpMethods = Method::all(); if (in_array($valueUpper, $httpMethods, true)) { return $this->getMethod() === $valueUpper; diff --git a/system/HTTP/Request.php b/system/HTTP/Request.php index 462cb5731952..1466175c7b8f 100644 --- a/system/HTTP/Request.php +++ b/system/HTTP/Request.php @@ -41,7 +41,7 @@ class Request extends OutgoingRequest implements RequestInterface public function __construct($config = null) // @phpstan-ignore-line { if (empty($this->method)) { - $this->method = $this->getServer('REQUEST_METHOD') ?? 'GET'; + $this->method = $this->getServer('REQUEST_METHOD') ?? Method::GET; } if (empty($this->uri)) { diff --git a/system/HTTP/ResponseTrait.php b/system/HTTP/ResponseTrait.php index 9c4344e81c40..8d8cad504866 100644 --- a/system/HTTP/ResponseTrait.php +++ b/system/HTTP/ResponseTrait.php @@ -442,9 +442,9 @@ public function redirect(string $uri, string $method = 'auto', ?int $code = null isset($_SERVER['SERVER_PROTOCOL'], $_SERVER['REQUEST_METHOD']) && $this->getProtocolVersion() >= 1.1 ) { - if ($_SERVER['REQUEST_METHOD'] === 'GET') { + if ($_SERVER['REQUEST_METHOD'] === Method::GET) { $code = 302; - } elseif (in_array($_SERVER['REQUEST_METHOD'], ['POST', 'PUT', 'DELETE'], true)) { + } elseif (in_array($_SERVER['REQUEST_METHOD'], [Method::POST, Method::PUT, Method::DELETE], true)) { // reference: https://en.wikipedia.org/wiki/Post/Redirect/Get $code = 303; } else { diff --git a/system/Security/Security.php b/system/Security/Security.php index 3868b19f8d84..9c28b82335b0 100644 --- a/system/Security/Security.php +++ b/system/Security/Security.php @@ -13,6 +13,7 @@ use CodeIgniter\Cookie\Cookie; use CodeIgniter\HTTP\IncomingRequest; +use CodeIgniter\HTTP\Method; use CodeIgniter\HTTP\Request; use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\I18n\Time; @@ -281,7 +282,7 @@ public function verify(RequestInterface $request) { // Protects POST, PUT, DELETE, PATCH $method = $request->getMethod(); - $methodsToProtect = ['POST', 'PUT', 'DELETE', 'PATCH']; + $methodsToProtect = [Method::POST, Method::PUT, Method::DELETE, Method::PATCH]; if (! in_array($method, $methodsToProtect, true)) { return $this; } diff --git a/system/Validation/Validation.php b/system/Validation/Validation.php index ae4f030907b4..6313ea62c4fa 100644 --- a/system/Validation/Validation.php +++ b/system/Validation/Validation.php @@ -13,6 +13,7 @@ use Closure; use CodeIgniter\HTTP\IncomingRequest; +use CodeIgniter\HTTP\Method; use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\Validation\Exceptions\ValidationException; use CodeIgniter\View\RendererInterface; @@ -501,7 +502,7 @@ public function withRequest(RequestInterface $request): ValidationInterface return $this; } - if (in_array($request->getMethod(), ['PUT', 'PATCH', 'DELETE'], true) + if (in_array($request->getMethod(), [Method::PUT, Method::PATCH, Method::DELETE], true) && strpos($request->getHeaderLine('Content-Type'), 'multipart/form-data') === false ) { $this->data = $request->getRawInput();