Added: "all" parameter.

Changed: match type name.

Author: dave83649

src/Processor.php

@@ -289,7 +289,7 @@ public function matchParameterValue($match, $value)
             return $matchValue == $value;
         }
 
-        if ($matchType == 'bigger_than' && is_scalar($value) && is_scalar($matchValue)) {
+        if ($matchType == 'more_than' && is_scalar($value) && is_scalar($matchValue)) {
             return $value > $matchValue;
         }
 
@@ -317,7 +317,7 @@ public function matchParameterValue($match, $value)
             return @stripos($value, $matchValue) !== false;
         }
 
-        if ($matchType == 'regex' && is_scalar($value)) {
+        if ($matchType == 'regex' && is_string($matchValue) && is_scalar($value)) {
             return @preg_match($matchValue, @urldecode($value)) === 1;
         }
 
@@ -368,6 +368,14 @@ public function getParameterValue($parameter, $data = [])
         }
 
         switch ($type) {
+            case 'all':
+                $data = [
+                    'post' => $_POST,
+                    'get' => $_GET,
+                    'url' => isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '',
+                    'raw' => ['raw' => $this->getParameterValue('raw')]
+                ];
+                break;
             case 'post':
                 $data = $_POST;
                 break;
@@ -479,6 +487,14 @@ public function applyMutation($mutations, $value)
             'intval' => [
                 'args' => [],
                 'type' => 'is_scalar'
+            ],
+            'urldecode' => [
+                'args' => [],
+                'type' => 'is_string'
+            ],
+            'getArrayValues' => [
+                'args' => [],
+                'type' => 'is_array'
             ]
         ];
 
@@ -498,8 +514,12 @@ public function applyMutation($mutations, $value)
                 }
 
                 // Call the function with given arguments.
-                $value = call_user_func_array($mutation, array_merge([$value], $allowed[$mutation]['args']));
-
+                if ($mutation == 'getArrayValues') {
+                    $value = $this->getArrayValues($value);
+                } else {
+                    $value = call_user_func_array($mutation, array_merge([$value], $allowed[$mutation]['args']));
+                }
+                
                 // No need to continue in these scenarios.
                 if (is_null($value) || $value === false || $value === 0) {
                     return $value;
@@ -512,6 +532,31 @@ public function applyMutation($mutations, $value)
         return $value;
     }
 
+    /**
+     * Given an array, multi-dimensional or not, extract all of its values.
+     * 
+     * @param array $data
+     * @return string
+     */
+    public function getArrayValues($data, $glue = '&')
+    {
+		$ret = '';
+
+		foreach ($data as $key => $item) {
+            if (empty($item)) {
+                continue;
+            }
+
+			if (is_array($item)) {
+				$ret .= $this->getArrayValues($item, $glue) . $glue;
+			} else {
+				$ret .= $key . '=' . $item . $glue;
+			}
+		}
+
+		return substr($ret, 0, 0 - strlen($glue));
+    }
+
     /**
      * The legacy firewall processor will only iterate over the general firewall rules.
      * Will return true if $mustExit is false and all of the rules were processed without a positive detection.

tests/data/Rules.json

@@ -50,7 +50,7 @@
     {
         "id":7,
         "title":"Block access to endpoint that should only accept an integer of less than 101.",
-        "rules":[{"parameter":"get.pid","match":{"type":"ctype_digit","value":false}},{"parameter":"get.pid","match":{"type":"bigger_than","value":100}}],
+        "rules":[{"parameter":"get.pid","match":{"type":"ctype_digit","value":false}},{"parameter":"get.pid","match":{"type":"more_than","value":100}}],
         "cat":"TEST",
         "type":"BLOCK",
         "type_params":null
@@ -102,5 +102,13 @@
         "cat":"TEST",
         "type":"BLOCK",
         "type_params":null
+    },
+    {
+        "id":14,
+        "title":"Determine if a certain value is present anywhere in the request.",
+        "rules":[{"parameter":"all","mutations":["getArrayValues"],"match":{"type":"regex","value":"\/(\\\/something\\\/)\/msi"}}],
+        "cat":"TEST",
+        "type":"BLOCK",
+        "type_params":null
     }
 ]