npm - create-prisma-php-app - Versions diffs - 2.0.0-beta.11 → 2.0.0-beta.13 - Mend

create-prisma-php-app 2.0.0-beta.11 → 2.0.0-beta.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/bootstrap.php +7 -6
package/dist/src/Lib/Request.php +5 -0
package/dist/src/Lib/Validator.php +13 -7
package/package.json +1 -1

package/dist/bootstrap.php CHANGED Viewed

@@ -64,6 +64,7 @@ final class Bootstrap
         Request::$pathname = $contentInfo['pathname'] ? '/' . $contentInfo['pathname'] : '/';
         Request::$uri = $contentInfo['uri'] ? $contentInfo['uri'] : '/';
+        Request::$decodedUri = urldecode(Request::$uri);
         if (is_file(self::$contentToInclude)) {
             Request::$fileToInclude = basename(self::$contentToInclude);
@@ -818,16 +819,16 @@ try {
         }
         // If there’s caching
-        if (isset(Bootstrap::$requestFilesData[Request::$uri])) {
+        if (isset(Bootstrap::$requestFilesData[Request::$decodedUri])) {
             if ($_ENV['CACHE_ENABLED'] === 'true') {
-                CacheHandler::serveCache(Request::$uri, intval($_ENV['CACHE_TTL']));
+                CacheHandler::serveCache(Request::$decodedUri, intval($_ENV['CACHE_TTL']));
             }
         }
         // For wire calls, re-include the files if needed
         if (Request::$isWire && !Bootstrap::$secondRequestC69CD) {
-            if (isset(Bootstrap::$requestFilesData[Request::$uri])) {
-                foreach (Bootstrap::$requestFilesData[Request::$uri]['includedFiles'] as $file) {
+            if (isset(Bootstrap::$requestFilesData[Request::$decodedUri])) {
+                foreach (Bootstrap::$requestFilesData[Request::$decodedUri]['includedFiles'] as $file) {
                     if (file_exists($file)) {
                         ob_start();
                         require_once $file;
@@ -852,8 +853,8 @@ try {
         MainLayout::$html = TemplateCompiler::injectDynamicContent(MainLayout::$html);
         MainLayout::$html = "<!DOCTYPE html>\n" . MainLayout::$html;
-        if (isset(Bootstrap::$requestFilesData[Request::$uri]['fileName']) && $_ENV['CACHE_ENABLED'] === 'true') {
-            CacheHandler::saveCache(Request::$uri, MainLayout::$html);
+        if (isset(Bootstrap::$requestFilesData[Request::$decodedUri]['fileName']) && $_ENV['CACHE_ENABLED'] === 'true') {
+            CacheHandler::saveCache(Request::$decodedUri, MainLayout::$html);
         }
         echo MainLayout::$html;

package/dist/src/Lib/Request.php CHANGED Viewed

@@ -88,6 +88,11 @@ class Request
      */
     public static string $uri = '';
+    /**
+     * @var string $decodedUri Holds the decoded request URI.
+     */
+    public static string $decodedUri = '';
     /**
      * @var string $referer Holds the referer of the request.
      */

package/dist/src/Lib/Validator.php CHANGED Viewed

@@ -22,19 +22,25 @@ final class Validator
     /**
      * Validate and sanitize a string.
      *
-     * This function converts the input to a string, trims any leading or trailing
-     * whitespace, and converts special characters to HTML entities to prevent
-     * XSS attacks. If the input is null, an empty string is returned.
+     * This function converts the input to a string, trims any leading or trailing
+     * whitespace, and optionally converts special characters to HTML entities to
+     * prevent XSS attacks. If the input is null, an empty string is returned.
      *
      * @param mixed $value The value to validate and sanitize. This can be of any type.
-     * @return string The sanitized string. If the input is not a string or null, it is converted to its string representation before sanitization. If the input is null, an empty string is returned.
+     * @param bool $escapeHtml Whether to escape special characters as HTML entities.
+     *                         Defaults to true. Set to false when handling database
+     *                         queries or other non-HTML contexts.
+     * @return string The sanitized string. If the input is not a string or null,
+     *                it is converted to its string representation before sanitization.
+     *                If the input is null, an empty string is returned.
      */
-    public static function string($value): string
+    public static function string($value, bool $escapeHtml = true): string
     {
         // Convert the value to a string if it's not null
         $stringValue = $value !== null ? (string)$value : '';
-        // Return the HTML-escaped string
-        return htmlspecialchars(trim($stringValue), ENT_QUOTES, 'UTF-8');
+        // If escaping is enabled, apply htmlspecialchars; otherwise, just trim
+        return $escapeHtml ? htmlspecialchars(trim($stringValue), ENT_QUOTES, 'UTF-8') : trim($stringValue);
     }
     /**

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-prisma-php-app",
-  "version": "2.0.0-beta.11",
+  "version": "2.0.0-beta.13",
   "description": "Prisma-PHP: A Revolutionary Library Bridging PHP with Prisma ORM",
   "main": "dist/index.js",
   "type": "module",