Only allow scalars and null as parameter values

Arrays, objects and resources can't be set via configuration files.
This prevents gateway developers to require setting objects (like XML parsers) as parameters

Author: aimeos

src/Omnipay/Common/AbstractGateway.php

@@ -9,6 +9,7 @@
 use Guzzle\Http\Client as HttpClient;
 use Symfony\Component\HttpFoundation\ParameterBag;
 use Symfony\Component\HttpFoundation\Request as HttpRequest;
+use Omnipay\Common\Exception\RuntimeException;
 
 /**
  * Base payment gateway class
@@ -138,6 +139,10 @@ public function getParameter($key)
      */
     public function setParameter($key, $value)
     {
+        if($value !== null && !is_scalar($value)) {
+            throw new RuntimeException('Only scalar values are allowed for parameters');
+        }
+
         $this->parameters->set($key, $value);
 
         return $this;

src/Omnipay/Common/Message/AbstractRequest.php

@@ -170,6 +170,10 @@ protected function setParameter($key, $value)
             throw new RuntimeException('Request cannot be modified after it has been sent!');
         }
 
+        if($value !== null && !is_scalar($value)) {
+            throw new RuntimeException('Only scalar values are allowed for parameters');
+        }
+
         $this->parameters->set($key, $value);
 
         return $this;
@@ -243,7 +247,13 @@ public function setCard($value)
             $value = new CreditCard($value);
         }
 
-        return $this->setParameter('card', $value);
+        if (null !== $this->response) {
+            throw new RuntimeException('Request cannot be modified after it has been sent!');
+        }
+
+        $this->parameters->set('card', $value);
+
+        return $this;
     }
 
     /**
@@ -528,7 +538,13 @@ public function setItems($items)
             $items = new ItemBag($items);
         }
 
-        return $this->setParameter('items', $items);
+        if (null !== $this->response) {
+            throw new RuntimeException('Request cannot be modified after it has been sent!');
+        }
+
+        $this->parameters->set('items', $items);
+
+        return $this;
     }
 
     /**

tests/Omnipay/Common/Message/AbstractRequestTest.php

@@ -78,6 +78,15 @@ public function testSetCardWithArray()
         $this->assertSame('1234', $card->getNumber());
     }
 
+    public function testSetCardAfterRequestSent()
+    {
+        $this->request = new AbstractRequestTest_MockAbstractRequest($this->getHttpClient(), $this->getHttpRequest());
+        $this->request->send();
+
+        $this->setExpectedException('\Omnipay\Common\Exception\RuntimeException');
+        $this->request->setCard(array('number' => '1234'));
+    }
+
     public function testToken()
     {
         $this->assertSame($this->request, $this->request->setToken('12345'));
@@ -340,6 +349,18 @@ public function testItemsBag()
         $this->assertSame($itemBag, $this->request->getItems());
     }
 
+    public function testSetItemsBagAfterRequestSent()
+    {
+        $this->request = new AbstractRequestTest_MockAbstractRequest($this->getHttpClient(), $this->getHttpRequest());
+        $this->request->send();
+
+        $itemBag = new ItemBag;
+        $itemBag->add(array('name' => 'Floppy Disk'));
+
+        $this->setExpectedException('\Omnipay\Common\Exception\RuntimeException');
+        $this->request->setItems($itemBag);
+    }
+
     public function testClientIp()
     {
         $this->assertSame($this->request, $this->request->setClientIp('127.0.0.1'));
@@ -397,6 +418,12 @@ public function testGetParameters()
         $this->assertEquals($expected, $this->request->getParameters());
     }
 
+    public function testSetParameterObject()
+    {
+        $this->setExpectedException('\Omnipay\Common\Exception\RuntimeException');
+        $this->request->setParameter('test', new \stdClass());
+    }
+
     /**
      * @expectedException \Omnipay\Common\Exception\RuntimeException
      * @expectedExceptionMessage Request cannot be modified after it has been sent!