Merge pull request php-curl-class#401 from zachborboa/master

Use sequential ids

Author: zachborboa

SECURITY.md

@@ -44,7 +44,7 @@ if (!is_website_url(http://github.com/$url)) {
 
 ```bash
 # Attacker.
-$ curl https://www.example.com/upload_photo.php --data "photo=@/etc/password"
+$ curl https://www.example.com/upload_photo.php --data "photo=@/etc/passwd"
 ```
 
 ```php

examples/multi_curl_get_load_test.php

@@ -30,7 +30,7 @@
 $limit = 1000;
 for ($i = 0; $i < $limit; $i++) {
     $url = $urls[mt_rand(0, count($urls) - 1)];
-    $instance = $multi_curl->addGet($url);
+    $multi_curl->addGet($url);
 }
 
 $multi_curl->start();

src/Curl/MultiCurl.php

@@ -11,6 +11,7 @@ class MultiCurl
     private $activeCurls = array();
     private $isStarted = false;
     private $concurrency = 25;
+    private $nextCurlId = 0;
 
     private $beforeSendFunction = null;
     private $successFunction = null;
@@ -736,6 +737,8 @@ public function __destruct()
      */
     private function queueHandle($curl)
     {
+        // Use sequential ids to allow for ordered post processing.
+        $curl->id = $this->nextCurlId++;
         $this->curls[$curl->id] = $curl;
     }
 

tests/PHPCurlClass/PHPMultiCurlClassTest.php

@@ -2420,4 +2420,25 @@ public function testAddCurl()
         $multi_curl->addCurl($curl);
         $multi_curl->start();
     }
+
+    public function testSequentialId()
+    {
+        $completed = array();
+
+        $multi_curl = new MultiCurl();
+        $multi_curl->complete(function ($instance) use (&$completed) {
+            $completed[] = $instance;
+        });
+
+        for ($i = 0; $i < 100; $i++) {
+            $multi_curl->addPost(Test::TEST_URL, $i);
+        }
+
+        $multi_curl->start();
+
+        foreach ($completed as $instance) {
+            $sequential_id = $instance->getOpt(CURLOPT_POSTFIELDS);
+            $this->assertEquals($sequential_id, $instance->id);
+        }
+    }
 }