Beispiel #1
0
 /**
  * @return void
  */
 public function filterInput()
 {
     $encrypt_cookie_list = $this->security_config->get('encrypt_cookie_list');
     foreach ($this->cookie_input as $name => $value) {
         if (in_array($name, $encrypt_cookie_list)) {
             $this->cookie_input->{$name} = $this->simple_encrypt->decrypt($value);
         }
     }
 }
Beispiel #2
0
 /**
  * @return void
  */
 public function filterInput()
 {
     $encrypt_prefix = $this->security_config->get('encrypt_form_name_with_prefix');
     foreach ($this->post_input as $name => $value) {
         if ($encrypt_prefix and mb_stripos($name, $encrypt_prefix) === 0) {
             $decrypted_name = $this->simple_encrypt->decrypt(str_replace($encrypt_prefix, '', $name));
             $this->post_input->{$decrypted_name} = $value;
         }
     }
 }
Beispiel #3
0
 /**
  * @return void
  */
 public function filterInput()
 {
     if (!in_array($this->request_info->REQUEST_METHOD, ['POST', 'PUT', 'DELETE', 'PATCH'])) {
         return;
     }
     $csrf_form_name = $this->security_config->get('csrf_form_name');
     $csrf_cookie_name = $this->security_config->get('csrf_cookie_name');
     if (!($form_token = $this->post_input->{$csrf_form_name})) {
         trigger_error('Csrf form token lost!!!');
         return;
     }
     if (!($cookie_token = $this->cookie_input->{$csrf_cookie_name})) {
         trigger_error('Csrf cookie token lost!!!');
         return;
     }
     if ($this->simple_encrypt->decrypt($form_token) !== $cookie_token) {
         trigger_error('Cross site request forgery found!!!');
     }
 }