feat: complete Superglobals implementation (codeigniter4#9858)

Co-authored-by: John Paul E. Balandan, CPA <paulbalandan@gmail.com>
Co-authored-by: neznaika0 <ozornick.ks@gmail.com>

Author: 3 people

system/Commands/Utilities/Environment.php

@@ -86,7 +86,7 @@ final class Environment extends BaseCommand
     public function run(array $params)
     {
         if ($params === []) {
-            CLI::write(sprintf('Your environment is currently set as %s.', CLI::color($_SERVER['CI_ENVIRONMENT'] ?? ENVIRONMENT, 'green')));
+            CLI::write(sprintf('Your environment is currently set as %s.', CLI::color(service('superglobals')->server('CI_ENVIRONMENT', ENVIRONMENT), 'green')));
             CLI::newLine();
 
             return EXIT_ERROR;
@@ -119,7 +119,8 @@ public function run(array $params)
         // force DotEnv to reload the new environment
         // however we cannot redefine the ENVIRONMENT constant
         putenv('CI_ENVIRONMENT');
-        unset($_ENV['CI_ENVIRONMENT'], $_SERVER['CI_ENVIRONMENT']);
+        unset($_ENV['CI_ENVIRONMENT']);
+        service('superglobals')->unsetServer('CI_ENVIRONMENT');
         (new DotEnv((new Paths())->envDirectory ?? ROOTPATH))->load();
 
         CLI::write(sprintf('Environment is successfully changed to "%s".', $env), 'green');
@@ -149,7 +150,7 @@ private function writeNewEnvironmentToEnvFile(string $newEnv): bool
             copy($baseEnv, $envFile);
         }
 
-        $pattern = preg_quote($_SERVER['CI_ENVIRONMENT'] ?? ENVIRONMENT, '/');
+        $pattern = preg_quote(service('superglobals')->server('CI_ENVIRONMENT', ENVIRONMENT), '/');
         $pattern = sprintf('/^[#\s]*CI_ENVIRONMENT[=\s]+%s$/m', $pattern);
 
         return file_put_contents(

system/Commands/Utilities/Routes.php

@@ -87,17 +87,14 @@ public function run(array $params)
 
         // Set HTTP_HOST
         if ($host !== null) {
-            $request              = service('request');
-            $_SERVER              = $request->getServer();
-            $_SERVER['HTTP_HOST'] = $host;
-            $request->setGlobal('server', $_SERVER);
+            service('superglobals')->setServer('HTTP_HOST', $host);
         }
 
         $collection = service('routes')->loadRoutes();
 
         // Reset HTTP_HOST
         if ($host !== null) {
-            unset($_SERVER['HTTP_HOST']);
+            service('superglobals')->unsetServer('HTTP_HOST');
         }
 
         $methods = Router::HTTP_METHODS;

system/Config/Services.php

@@ -543,7 +543,7 @@ public static function createRequest(App $config, bool $isCli = false): void
             $request = AppServices::incomingrequest($config);
 
             // guess at protocol if needed
-            $request->setProtocolVersion($_SERVER['SERVER_PROTOCOL'] ?? 'HTTP/1.1');
+            $request->setProtocolVersion(static::superglobals()->server('SERVER_PROTOCOL', 'HTTP/1.1'));
         }
 
         // Inject the request object into Services.
@@ -746,13 +746,17 @@ public static function siteurifactory(
     public static function superglobals(
         ?array $server = null,
         ?array $get = null,
+        ?array $post = null,
+        ?array $cookie = null,
+        ?array $files = null,
+        ?array $request = null,
         bool $getShared = true,
     ) {
         if ($getShared) {
-            return static::getSharedInstance('superglobals', $server, $get);
+            return static::getSharedInstance('superglobals', $server, $get, $post, $cookie, $files, $request);
         }
 
-        return new Superglobals($server, $get);
+        return new Superglobals($server, $get, $post, $cookie, $files, $request);
     }
 
     /**

system/HTTP/DownloadResponse.php

@@ -171,9 +171,9 @@ private function getDownloadFileName(): string
          *
          * Reference: http://digiblog.de/2011/04/19/android-and-the-download-file-headers/
          */
-        // @todo: depend super global
-        if (count($x) !== 1 && isset($_SERVER['HTTP_USER_AGENT'])
-                && preg_match('/Android\s(1|2\.[01])/', $_SERVER['HTTP_USER_AGENT'])) {
+        $userAgent = service('superglobals')->server('HTTP_USER_AGENT');
+        if (count($x) !== 1 && $userAgent !== null
+                && preg_match('/Android\s(1|2\.[01])/', $userAgent)) {
             $x[count($x) - 1] = strtoupper($extension);
             $filename         = implode('.', $x);
         }

system/HTTP/Files/FileCollection.php

@@ -150,11 +150,13 @@ protected function populateFiles()
 
         $this->files = [];
 
-        if ($_FILES === []) {
+        $files = service('superglobals')->getFilesArray();
+
+        if ($files === []) {
             return;
         }
 
-        $files = $this->fixFilesArray($_FILES);
+        $files = $this->fixFilesArray($files);
 
         foreach ($files as $name => $file) {
             $this->files[$name] = $this->createFileObject($file);

system/HTTP/IncomingRequest.php

@@ -266,7 +266,9 @@ public function isAJAX(): bool
      */
     public function isSecure(): bool
     {
-        if (! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') {
+        $https = service('superglobals')->server('HTTPS');
+
+        if ($https !== null && strtolower($https) !== 'off') {
             return true;
         }
 
@@ -599,9 +601,9 @@ public function getPostGet($index = null, $filter = null, $flags = null)
         // Use $_POST directly here, since filter_has_var only
         // checks the initial POST data, not anything that might
         // have been added since.
-        return isset($_POST[$index])
+        return service('superglobals')->post($index) !== null
             ? $this->getPost($index, $filter, $flags)
-            : (isset($_GET[$index]) ? $this->getGet($index, $filter, $flags) : $this->getPost($index, $filter, $flags));
+            : (service('superglobals')->get($index) !== null ? $this->getGet($index, $filter, $flags) : $this->getPost($index, $filter, $flags));
     }
 
     /**
@@ -622,9 +624,9 @@ public function getGetPost($index = null, $filter = null, $flags = null)
         // Use $_GET directly here, since filter_has_var only
         // checks the initial GET data, not anything that might
         // have been added since.
-        return isset($_GET[$index])
+        return service('superglobals')->get($index) !== null
             ? $this->getGet($index, $filter, $flags)
-            : (isset($_POST[$index]) ? $this->getPost($index, $filter, $flags) : $this->getGet($index, $filter, $flags));
+            : (service('superglobals')->post($index) !== null ? $this->getPost($index, $filter, $flags) : $this->getGet($index, $filter, $flags));
     }
 
     /**

system/HTTP/MessageTrait.php

@@ -86,19 +86,21 @@ public function appendBody($data): self
      */
     public function populateHeaders(): void
     {
-        $contentType = $_SERVER['CONTENT_TYPE'] ?? getenv('CONTENT_TYPE');
+        $contentType = service('superglobals')->server('CONTENT_TYPE', (string) getenv('CONTENT_TYPE'));
         if (! empty($contentType)) {
             $this->setHeader('Content-Type', $contentType);
         }
         unset($contentType);
 
-        foreach (array_keys($_SERVER) as $key) {
+        $serverArray = service('superglobals')->getServerArray();
+
+        foreach (array_keys($serverArray) as $key) {
             if (sscanf($key, 'HTTP_%s', $header) === 1) {
                 // take SOME_HEADER and turn it into Some-Header
                 $header = str_replace('_', ' ', strtolower($header));
                 $header = str_replace(' ', '-', ucwords($header));
 
-                $this->setHeader($header, $_SERVER[$key]);
+                $this->setHeader($header, $serverArray[$key]);
 
                 // Add us to the header map, so we can find them case-insensitively
                 $this->headerMap[strtolower($header)] = $header;

system/HTTP/RedirectResponse.php

@@ -93,8 +93,8 @@ public function withInput()
     {
         $session = service('session');
         $session->setFlashdata('_ci_old_input', [
-            'get'  => $_GET ?? [], // @phpstan-ignore nullCoalesce.variable
-            'post' => $_POST ?? [], // @phpstan-ignore nullCoalesce.variable
+            'get'  => service('superglobals')->getGetArray(),
+            'post' => service('superglobals')->getPostArray(),
         ]);
 
         $this->withErrors();

system/HTTP/RequestTrait.php

@@ -47,6 +47,8 @@ trait RequestTrait
      * Stores values we've retrieved from PHP globals.
      *
      * @var array{get?: array, post?: array, request?: array, cookie?: array, server?: array}
+     *
+     * @deprecated 4.7.0 Use the Superglobals service instead
      */
     protected $globals = [];
 
@@ -231,8 +233,12 @@ public function getEnv($index = null, $filter = null, $flags = null)
      */
     public function setGlobal(string $name, $value)
     {
+        // Keep BC with $globals array
         $this->globals[$name] = $value;
 
+        // Also update Superglobals via service
+        service('superglobals')->setGlobalArray($name, $value);
+
         return $this;
     }
 
@@ -342,35 +348,16 @@ public function fetchGlobal(string $name, $index = null, ?int $filter = null, $f
      * @param 'cookie'|'get'|'post'|'request'|'server' $name Superglobal name (lowercase)
      *
      * @return void
+     *
+     * @deprecated 4.7.0 No longer needs to be called explicitly. Used internally to maintain BC with $globals.
      */
     protected function populateGlobals(string $name)
     {
         if (! isset($this->globals[$name])) {
             $this->globals[$name] = [];
         }
 
-        // Don't populate ENV as it might contain
-        // sensitive data that we don't want to get logged.
-        switch ($name) {
-            case 'get':
-                $this->globals['get'] = $_GET;
-                break;
-
-            case 'post':
-                $this->globals['post'] = $_POST;
-                break;
-
-            case 'request':
-                $this->globals['request'] = $_REQUEST;
-                break;
-
-            case 'cookie':
-                $this->globals['cookie'] = $_COOKIE;
-                break;
-
-            case 'server':
-                $this->globals['server'] = $_SERVER;
-                break;
-        }
+        // Get data from Superglobals service instead of direct access
+        $this->globals[$name] = service('superglobals')->getGlobalArray($name);
     }
 }

system/HTTP/ResponseTrait.php

@@ -451,21 +451,26 @@ public function sendBody()
     public function redirect(string $uri, string $method = 'auto', ?int $code = null)
     {
         // IIS environment likely? Use 'refresh' for better compatibility
+        $superglobals   = service('superglobals');
+        $serverSoftware = $superglobals->server('SERVER_SOFTWARE');
         if (
             $method === 'auto'
-            && isset($_SERVER['SERVER_SOFTWARE'])
-            && str_contains($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS')
+            && $serverSoftware !== null
+            && str_contains($serverSoftware, 'Microsoft-IIS')
         ) {
             $method = 'refresh';
         } elseif ($method !== 'refresh' && $code === null) {
             // override status code for HTTP/1.1 & higher
+            $serverProtocol = $superglobals->server('SERVER_PROTOCOL');
+            $requestMethod  = $superglobals->server('REQUEST_METHOD');
             if (
-                isset($_SERVER['SERVER_PROTOCOL'], $_SERVER['REQUEST_METHOD'])
+                $serverProtocol !== null
+                && $requestMethod !== null
                 && $this->getProtocolVersion() >= 1.1
             ) {
-                if ($_SERVER['REQUEST_METHOD'] === Method::GET) {
+                if ($requestMethod === Method::GET) {
                     $code = 302;
-                } elseif (in_array($_SERVER['REQUEST_METHOD'], [Method::POST, Method::PUT, Method::DELETE], true)) {
+                } elseif (in_array($requestMethod, [Method::POST, Method::PUT, Method::DELETE], true)) {
                     // reference: https://en.wikipedia.org/wiki/Post/Redirect/Get
                     $code = 303;
                 } else {