/** * Class init * * Fetches CSRF settings and current token * * @throws SecurityException it the CSRF token validation failed * @throws FuelException if no security output filter is defined */ public static function _init() { static::$csrf_token_key = \Config::get('security.csrf_token_key', 'fuel_csrf_token'); static::$csrf_old_token = \Input::cookie(static::$csrf_token_key, false); // if csrf automatic checking is enabled, and it fails validation, bail out! if (\Config::get('security.csrf_autoload', true)) { $check_token_methods = \Config::get('security.csrf_autoload_methods', array('post', 'put', 'delete')); if (in_array(strtolower(\Input::method()), $check_token_methods) and !static::check_token()) { throw new \SecurityException('CSRF validation failed, Possible hacking attempt detected!'); } } // throw an exception if the output filter setting is missing from the app config if (\Config::get('security.output_filter', null) === null) { throw new \FuelException('There is no security.output_filter defined in your application config file'); } // deal with duplicate filters, no need to slow the framework down foreach (array('output_filter', 'uri_filter', 'input_filter') as $setting) { $config = \Config::get('security.' . $setting, array()); is_array($config) and \Config::set('security.' . $setting, \Arr::unique($config)); } }
/** * hook plugin to get multisite tables names.<br> * this will get module's tables that need to be copy while create new site.<br> * attention! you must call this method everytime when you want to access multisite tables list. * * @todo [fuelstart][multisite][plug] get module's multisite tables plug. */ public function hookGetMultisiteTables() { $plugin = new \Library\Plugins(); if ($plugin->hasFilter('SitesGetModulesMultisiteTables') !== false) { $plugin->doFilter('SitesGetModulesMultisiteTables'); if (is_array($plugin->original_data) && !empty($plugin->original_data)) { foreach ($plugin->original_data as $table) { if (!empty($table)) { if (is_array($table) && !\Arr::is_multi($table)) { $this->multisite_tables = array_merge($this->multisite_tables, $table); } elseif (is_string($table)) { $this->multisite_tables = array_merge($this->multisite_tables, [$table]); } } } unset($each_cfg); $this->multisite_tables = \Arr::unique($this->multisite_tables); } } unset($plugin); }