private function checkActionSignature() { if (count($this->getRouter()->routeInfo['bindingModels']) > 0) { if (count($this->request->getParams()) == 0) { throw new \Exception("Action expecting post/put binding model, request has 0"); } $requestParameters = $this->request->getParams(); $requestParamsKeys = array_keys($requestParameters); $csrfToken = false; if (in_array('csrf_token', $requestParamsKeys)) { $csrfToken = $requestParameters['csrf_token']; unset($requestParameters['csrf_token']); } foreach ($this->getRouter()->routeInfo['bindingModels'] as $bindingModelName) { $refClass = new \ReflectionClass($bindingModelName); $bindingModel = new $bindingModelName(null); foreach ($refClass->getProperties() as $property) { $propertyName = $property->getName(); $property->setAccessible(true); if (!$property->isDefault() && !in_array($propertyName, $requestParamsKeys)) { throw new \Exception("Binding model does not have property with name: {$propertyName}"); } if (!$property->isProtected()) { $property->setValue($bindingModel, $requestParameters[$propertyName]); } unset($requestParameters[$propertyName]); unset($requestParamsKeys[array_search($propertyName, $requestParamsKeys)]); } $this->getRouter()->routeParams[] = $bindingModel; } if (Request::needToChangeCsrf()) { if (Csrf::getCSRFToken() != $csrfToken) { throw new \Exception("Invalid token"); } } } }