3 files changed, 43 insertions, 6 deletions

diff --git a/_test/tests/inc/input.test.php b/_test/tests/inc/input.test.php
index 59b5ea4b9..cec0b80f6 100644
--- a/_test/tests/inc/input.test.php
+++ b/_test/tests/inc/input.test.php
@@ -214,6 +214,25 @@ class input_test extends DokuWikiTest {
         $this->assertEquals('bla',$test);
     }
 
+    public function test_valid(){
+        $_REQUEST = $this->data;
+        $_POST    = $this->data;
+        $_GET     = $this->data;
+        $INPUT    = new Input();
+
+        $valids = array(17, 'foo');
+        $this->assertSame(null, $INPUT->valid('nope', $valids));
+        $this->assertSame('bang', $INPUT->valid('nope', $valids, 'bang'));
+        $this->assertSame(17, $INPUT->valid('int', $valids));
+        $this->assertSame('foo', $INPUT->valid('string', $valids));
+        $this->assertSame(null, $INPUT->valid('array', $valids));
+
+        $valids = array(true);
+        $this->assertSame(true, $INPUT->valid('string', $valids));
+        $this->assertSame(true, $INPUT->valid('one', $valids));
+        $this->assertSame(null, $INPUT->valid('zero', $valids));
+    }
+
     public function test_extract(){
         $_REQUEST = $this->data;
         $_POST    = $this->data;
diff --git a/feed.php b/feed.php
index c1a5f4503..40f9af659 100644
--- a/feed.php
+++ b/feed.php
@@ -141,12 +141,10 @@ function rss_parseOptions() {
 
     $opt['guardmail'] = ($conf['mailguard'] != '' && $conf['mailguard'] != 'none');
 
-    $type = valid_input_set(
-        'type', array(
-                     'rss', 'rss2', 'atom', 'atom1', 'rss1',
-                     'default' => $conf['rss_type']
-                ),
-        $_REQUEST
+    $type = $INPUT->valid(
+        'type',
+        array( 'rss', 'rss2', 'atom', 'atom1', 'rss1'),
+        $conf['rss_type']
     );
     switch($type) {
         case 'rss':
diff --git a/inc/Input.class.php b/inc/Input.class.php
index de8bf5b97..e7eef1c29 100644
--- a/inc/Input.class.php
+++ b/inc/Input.class.php
@@ -144,6 +144,26 @@ class Input {
     }
 
     /**
+     * Access a request parameter and make sure it is has a valid value
+     *
+     * Please note that comparisons to the valid values are not done typesafe (request vars
+     * are always strings) however the function will return the correct type from the $valids
+     * array when an match was found.
+     *
+     * @param string $name    Parameter name
+     * @param array  $valids  Array of valid values
+     * @param mixed  $default Default to return if parameter isn't set or not valid
+     * @return null|mixed
+     */
+    public function valid($name, $valids, $default = null) {
+        if(!isset($this->access[$name])) return $default;
+        if(is_array($this->access[$name])) return $default; // we don't allow arrays
+        $found = array_search($this->access[$name], $valids);
+        if($found !== false) return $valids[$found]; // return the valid value for type safety
+        return $default;
+    }
+
+    /**
      * Access a request parameter as bool
      *
      * Note: $nonempty is here for interface consistency and makes not much sense for booleans