From 22a47785c54469d6cb8b979c3f3be607c9dc0891 Mon Sep 17 00:00:00 2001
From: Joe Huss
Date: Tue, 11 May 2021 17:01:31 -0400
Subject: [PATCH 1/5] Moved the post data for the php curl target into its own variable and utilized http_build_query() so we can work with a nicely formatted array instead of that long string
---
 src/targets/php/curl.js | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/src/targets/php/curl.js b/src/targets/php/curl.js
index 1a7b6a8be..0c1797457 100644
--- a/src/targets/php/curl.js
+++ b/src/targets/php/curl.js
@@ -11,6 +11,7 @@
 'use strict'
 const util = require('util')
+const helpers = require('./helpers')
 const CodeBuilder = require('../../helpers/code-builder')
 module.exports = function (source, options) {
@@ -31,6 +32,16 @@ module.exports = function (source, options) {
 .blank()
 }
+ if (source.postData) {
+ if (source.postData.mimeType == 'application/x-www-form-urlencoded') {
+ code.push('$postData = http_build_query('+helpers.convert(source.postData.paramsObj, opts.indent)+');')
+ .blank()
+ } else {
+ code.push('$postData = "'+source.postData.text+'"')
+ .blank()
+ }
+ }
+
 code.push('$curl = curl_init();')
 .blank()
@@ -67,9 +78,9 @@ module.exports = function (source, options) {
 name: 'CURLOPT_CUSTOMREQUEST',
 value: source.method
 }, {
- escape: true,
+ escape: false,
 name: 'CURLOPT_POSTFIELDS',
- value: source.postData ? source.postData.text : undefined
+ value: source.postData ? '$postData' : undefined
 }]
 code.push('curl_setopt_array($curl, [')
From e1e6b158ee997c9abca5fe165113f7d18efb976e Mon Sep 17 00:00:00 2001
From: Joe Huss
Date: Tue, 11 May 2021 17:09:31 -0400
Subject: [PATCH 2/5] fixed missing semicolon
---
 src/targets/php/curl.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/targets/php/curl.js b/src/targets/php/curl.js
index 0c1797457..c007c2f7c 100644
--- a/src/targets/php/curl.js
+++ b/src/targets/php/curl.js
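Review bot: The `else` branch added in the second hunk of PATCH 1/5 places `source.postData.text` between double quotes with no escaping, so a request body that contains `"` or `\` ends the PHP string early and the remainder is emitted as PHP code in the generated snippet. The same line is carried through the hunks of PATCH 2/5 and 3/5, and the `JSON.stringify(source.postData.text)` form in PATCH 4/5 still leaves `$` untouched, which PHP expands inside a double-quoted literal. If the request description can come from an imported or third-party source, the generated file should treat the body strictly as data: `code.push('$postData = ' + JSON.stringify(source.postData.text).replace(/\$/g, '\\$') + ';')`. The exported function starts and ends outside these hunks.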
@@ -37,7 +37,7 @@ module.exports = function (source, options) {
 code.push('$postData = http_build_query('+helpers.convert(source.postData.paramsObj, opts.indent)+');')
 .blank()
 } else {
- code.push('$postData = "'+source.postData.text+'"')
+ code.push('$postData = "'+source.postData.text+'";')
 .blank()
 }
 }
From c93a38d98041f34e2eb419b43c02ced5ceb1e807 Mon Sep 17 00:00:00 2001
From: Joe Huss
Date: Wed, 12 May 2021 05:00:46 -0400
Subject: [PATCH 3/5] fixed styling conformity issues
---
 src/targets/php/curl.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/targets/php/curl.js b/src/targets/php/curl.js
index c007c2f7c..4befb65be 100644
--- a/src/targets/php/curl.js
+++ b/src/targets/php/curl.js
@@ -33,11 +33,11 @@ module.exports = function (source, options) {
 }
 if (source.postData) {
- if (source.postData.mimeType == 'application/x-www-form-urlencoded') {
- code.push('$postData = http_build_query('+helpers.convert(source.postData.paramsObj, opts.indent)+');')
+ if (source.postData.mimeType === 'application/x-www-form-urlencoded') {
+ code.push('$postData = http_build_query(' + helpers.convert(source.postData.paramsObj, opts.indent) + ');')
 .blank()
 } else {
- code.push('$postData = "'+source.postData.text+'";')
+ code.push('$postData = "' + source.postData.text + '";')
 .blank()
 }
 }
From 5ecedf6d33c427e7bdef77eb72dd6db9a3b26d16 Mon Sep 17 00:00:00 2001
From: Joe Huss
Date: Wed, 12 May 2021 08:00:24 -0400
Subject: [PATCH 4/5] Updated the code improving the logic so it displays properly in all test situations, and updated the test output fixtures with the expected changes so that it passes all tests.
---
 src/targets/php/curl.js | 16 +++++++---------
 .../output/php/curl/application-form-encoded.php | 7 ++++++-
 .../output/php/curl/application-json.php | 4 +++-
 test/fixtures/output/php/curl/full.php | 6 +++++-
 .../output/php/curl/jsonObj-multiline.php | 4 +++-
 .../output/php/curl/jsonObj-null-value.php | 4 +++-
 test/fixtures/output/php/curl/multipart-data.php | 4 +++-
 test/fixtures/output/php/curl/multipart-file.php | 4 +++-
 .../output/php/curl/multipart-form-data.php | 4 +++-
 test/fixtures/output/php/curl/text-plain.php | 4 +++-
 10 files changed, 39 insertions(+), 18 deletions(-)
diff --git a/src/targets/php/curl.js b/src/targets/php/curl.js
index 4befb65be..ebc98a031 100644
--- a/src/targets/php/curl.js
+++ b/src/targets/php/curl.js
@@ -32,14 +32,12 @@ module.exports = function (source, options) {
 .blank()
 }
- if (source.postData) {
- if (source.postData.mimeType === 'application/x-www-form-urlencoded') {
- code.push('$postData = http_build_query(' + helpers.convert(source.postData.paramsObj, opts.indent) + ');')
- .blank()
- } else {
- code.push('$postData = "' + source.postData.text + '";')
- .blank()
- }
+ if (source.postData.mimeType === 'application/x-www-form-urlencoded') {
+ code.push('$postData = http_build_query(' + helpers.convert(source.postData.paramsObj, opts.indent) + ');')
+ .blank()
+ } else if (source.postData.text) {
+ code.push('$postData = ' + JSON.stringify(source.postData.text) + ';')
+ .blank()
 }
 code.push('$curl = curl_init();')
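Review bot: Dropping the `if (source.postData)` guard in this hunk means `source.postData.mimeType` is read unconditionally, so a request without a `postData` object throws a TypeError instead of producing a snippet with no body; the `CURLOPT_POSTFIELDS` entry in the `@@ -80,7 +78,7 @@` hunk dereferences it the same way. Unless the caller guarantees `postData` is always an object (not visible in this patch), normalise it once before the branch, `const postData = source.postData || {}`, and read `postData.mimeType`, `postData.text` and `postData.paramsObj` from that in both places. If the guarantee does hold, a short comment stating it next to the branch would be enough. The exported function starts and ends outside the hunk.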
@@ -80,7 +78,7 @@ module.exports = function (source, options) { }, { escape: false, name: 'CURLOPT_POSTFIELDS', - value: source.postData ? '$postData' : undefined + value: source.postData.text || (source.postData.mimeType === 'application/x-www-form-urlencoded' && source.postData.paramsObj) ? '$postData' : undefined }] code.push('curl_setopt_array($curl, [') diff --git a/test/fixtures/output/php/curl/application-form-encoded.php b/test/fixtures/output/php/curl/application-form-encoded.php index 0892dd3ed..f7dc7aa37 100644 --- a/test/fixtures/output/php/curl/application-form-encoded.php +++ b/test/fixtures/output/php/curl/application-form-encoded.php @@ -1,5 +1,10 @@ 'bar', + 'hello' => 'world' +]); + $curl = curl_init(); curl_setopt_array($curl, [ @@ -10,7 +15,7 @@ CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "foo=bar&hello=world", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "content-type: application/x-www-form-urlencoded" ], diff --git a/test/fixtures/output/php/curl/application-json.php b/test/fixtures/output/php/curl/application-json.php index 8a0f0c1e4..9a4bacc6b 100644 --- a/test/fixtures/output/php/curl/application-json.php +++ b/test/fixtures/output/php/curl/application-json.php @@ -1,5 +1,7 @@ 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "{\"number\":1,\"string\":\"f\\\"oo\",\"arr\":[1,2,3],\"nested\":{\"a\":\"b\"},\"arr_mix\":[1,\"a\",{\"arr_mix_nested\":{}}],\"boolean\":false}", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "content-type: application/json" ], diff --git a/test/fixtures/output/php/curl/full.php b/test/fixtures/output/php/curl/full.php index 6f342b6dd..ba6bbb4de 100644 --- a/test/fixtures/output/php/curl/full.php +++ b/test/fixtures/output/php/curl/full.php @@ -1,5 +1,9 @@ 'bar' +]); + $curl = curl_init(); curl_setopt_array($curl, [ 
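Review bot: The condition on `CURLOPT_POSTFIELDS` in the `@@ -80,7 +78,7 @@` hunk of src/targets/php/curl.js is not the one that decides whether `$postData` is emitted. The earlier branch writes `http_build_query(...)` whenever the MIME type is `application/x-www-form-urlencoded`, even when `paramsObj` is missing, while this line also accepts a non-empty `text`; a form-encoded request that carries only `text` would then get `$postData` built from `helpers.convert(undefined, ...)` rather than from its body, assuming `paramsObj` is not always populated upstream. Compute the decision once, for example `const useParams = source.postData.mimeType === 'application/x-www-form-urlencoded' && source.postData.paramsObj`, and use it for both the emit branch and `value: (useParams || source.postData.text) ? '$postData' : undefined`. The options array and the function continue outside the hunk.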
@@ -10,7 +14,7 @@ CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "foo=bar", + CURLOPT_POSTFIELDS => $postData, CURLOPT_COOKIE => "foo=bar; bar=baz", CURLOPT_HTTPHEADER => [ "accept: application/json", diff --git a/test/fixtures/output/php/curl/jsonObj-multiline.php b/test/fixtures/output/php/curl/jsonObj-multiline.php index 19f772744..8995007ba 100644 --- a/test/fixtures/output/php/curl/jsonObj-multiline.php +++ b/test/fixtures/output/php/curl/jsonObj-multiline.php @@ -1,5 +1,7 @@ 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "{\n \"foo\": \"bar\"\n}", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "content-type: application/json" ], diff --git a/test/fixtures/output/php/curl/jsonObj-null-value.php b/test/fixtures/output/php/curl/jsonObj-null-value.php index 99a228991..8620b3b76 100644 --- a/test/fixtures/output/php/curl/jsonObj-null-value.php +++ b/test/fixtures/output/php/curl/jsonObj-null-value.php @@ -1,5 +1,7 @@ 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "{\"foo\":null}", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "content-type: application/json" ], diff --git a/test/fixtures/output/php/curl/multipart-data.php b/test/fixtures/output/php/curl/multipart-data.php index d6ce07fe3..024c8333a 100644 --- a/test/fixtures/output/php/curl/multipart-data.php +++ b/test/fixtures/output/php/curl/multipart-data.php 
@@ -1,5 +1,7 @@ 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"foo\"; filename=\"hello.txt\"\r\nContent-Type: text/plain\r\n\r\nHello World\r\n-----011000010111000001101001--\r\n", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "content-type: multipart/form-data; boundary=---011000010111000001101001" ], diff --git a/test/fixtures/output/php/curl/multipart-file.php b/test/fixtures/output/php/curl/multipart-file.php index e238b8edf..0eafff894 100644 --- a/test/fixtures/output/php/curl/multipart-file.php +++ b/test/fixtures/output/php/curl/multipart-file.php @@ -1,5 +1,7 @@ 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"foo\"; filename=\"hello.txt\"\r\nContent-Type: text/plain\r\n\r\n\r\n-----011000010111000001101001--\r\n", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "content-type: multipart/form-data; boundary=---011000010111000001101001" ], diff --git a/test/fixtures/output/php/curl/multipart-form-data.php b/test/fixtures/output/php/curl/multipart-form-data.php index 038aa49c9..b665dfcf4 100644 --- a/test/fixtures/output/php/curl/multipart-form-data.php +++ b/test/fixtures/output/php/curl/multipart-form-data.php @@ -1,5 +1,7 @@ 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"foo\"\r\n\r\nbar\r\n-----011000010111000001101001--\r\n", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "Content-Type: multipart/form-data; boundary=---011000010111000001101001" ], diff --git a/test/fixtures/output/php/curl/text-plain.php b/test/fixtures/output/php/curl/text-plain.php index 8fbb09dff..3a8cf897a 100644 
--- a/test/fixtures/output/php/curl/text-plain.php +++ b/test/fixtures/output/php/curl/text-plain.php @@ -1,5 +1,7 @@ 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", - CURLOPT_POSTFIELDS => "Hello World", + CURLOPT_POSTFIELDS => $postData, CURLOPT_HTTPHEADER => [ "content-type: text/plain" ], From 9bfee4b64f7c2317d6935a0e98e1445729540c2a Mon Sep 17 00:00:00 2001 From: "whitesource-bolt-for-github[bot]" <42819689+whitesource-bolt-for-github[bot]@users.noreply.github.com> Date: Sat, 1 Jan 2022 22:55:43 +0000 Subject: [PATCH 5/5] Add .whitesource configuration file --- .whitesource | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .whitesource diff --git a/.whitesource b/.whitesource new file mode 100644 index 000000000..55b922e8c --- /dev/null +++ b/.whitesource @@ -0,0 +1,12 @@ +{ + "scanSettings": { + "baseBranches": [] + }, + "checkRunSettings": { + "vulnerableCheckRunConclusionLevel": "failure", + "displayMode": "diff" + }, + "issueSettings": { + "minSeverityLevel": "LOW" + } +} \ No newline at end of file