public static function check(Request $request)
{
if (($formVarLen = $request->count()) == 0) {
return true;
}
foreach ($request as $key => $val) {
if (in_array($key, self::$knownFields)) {
$formVarLen--;
}
}
if ($formVarLen <= 0) {
return true;
}
if (($checksum = $request->getVar(self::CHECKSUM)) == '') {
$request->clear();
if (Cfg::get('jb_tamper_detail', false)) {
return 'Checksum Variable Missing from the request.';
} else {
self::$log->error('Checksum Variable Missing from the request: ' . $_SERVER['SCRIPT_NAME']);
return false;
}
} else {
if (!is_array($checksum)) {
$request->clear();
if (Cfg::get('jb_tamper_detail', false)) {
return 'Checksum Variable not an array.';
} else {
self::$log->error('Checksum Variable not an array: ' . $_SERVER['SCRIPT_NAME']);
return false;
}
} else {
if (count($checksum) != 2) {
$request->clear();
if (Cfg::get('jb_tamper_detail', false)) {
return 'Checksum Variable not 2 elements.';
} else {
self::$log->error('Checksum Variable not 2 elements: ' . $_SERVER['SCRIPT_NAME']);
return false;
}
} else {
if (!empty($checksum[0])) {
$keys = explode(',', $checksum[0]);
$allVariablesJoined = $checksum[0];
foreach ($keys as $key) {
$allVariablesJoined .= $request->getRaw($key);
}
} else {
$allVariablesJoined = '';
}
if (md5($allVariablesJoined) != $checksum[1]) {
$request->clear();
if (Cfg::get('jb_tamper_detail', false)) {
return 'Checksum failed md5(' . $allVariablesJoined . ')<>' . $checksum[1];
} else {
self::$log->error('The checksum has failed. The request variables have been tampered: ' . $_SERVER['SCRIPT_NAME']);
return false;
}
self::$log->error('The checksum has failed. The request variables have been tampered. ' . $_SERVER['SCRIPT_NAME']);
} else {
return true;
}
}
}
}
}
