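/**
 * Renders the accumulated form definition as an HTML string.
 *
 * Output is `<form ...attributes>`, one tag per registered element, a hidden
 * `csrf_token` input carrying Csrf::getCSRFToken(), and `</form>`.
 * Elements whose innerValue === true get their `value` attribute written as
 * the tag's text content plus a closing tag; every other element is emitted
 * as a single open tag with `value` as an ordinary attribute.
 *
 * Fixes versus the previous version:
 *  - Attribute values, inner text and the CSRF token are passed through
 *    htmlspecialchars() (ENT_QUOTES), so a value containing `"`, `<` or `&`
 *    can no longer break out of its attribute or inject markup.
 *  - The attribute filter was `$attribute != 'value' && innerValue === false`,
 *    which emitted NO attributes for inner-value elements and never emitted
 *    the `value` attribute for anything else. Now only `value` on an
 *    inner-value element is suppressed (it goes inside the tag instead).
 *
 * Tag names (`$element->elementName`) and attribute names are NOT escaped:
 * they are assumed to come from code, never from the request — keep it so.
 *
 * @return string the rendered form markup
 */
public static function render()
{
    // HTML-attribute/text escaping; null becomes "" just as interpolation did.
    $esc = static function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    self::$attributes['class'] = implode(' ', self::$classes);

    $formAttributes = '';
    foreach (self::$attributes as $attribute => $value) {
        $formAttributes .= " {$attribute} = \"" . $esc($value) . "\"";
    }
    $result = "<form" . $formAttributes . ">";

    foreach (self::$elements as $element) {
        $hasInnerValue = $element->innerValue === true;

        $elementAttributes = '';
        foreach ($element->attributes as $attribute => $value) {
            // For inner-value elements `value` is rendered as text content below.
            if ($attribute === 'value' && $hasInnerValue) {
                continue;
            }
            $elementAttributes .= " {$attribute} = \"" . $esc($value) . "\"";
        }
        $result .= "<{$element->elementName}" . $elementAttributes . ">";

        if ($hasInnerValue) {
            $result .= isset($element->attributes['value']) ? $esc($element->attributes['value']) : "";
            $result .= "</{$element->elementName}>";
        }
    }

    // The token is session data, not user input, but escaping it is free and
    // guarantees the attribute cannot be broken whatever the token format is.
    $result .= '<input type="hidden" name="csrf_token" value="' . $esc(Csrf::getCSRFToken()) . '" />';
    $result .= "</form>";
    return $result;
}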
/**
 * Application bootstrap: starts the session, wires routing and database
 * configuration, guarantees a CSRF token exists in the session, loads roles
 * and dispatches the request through the front controller.
 *
 * The statement order is load-bearing and must not be rearranged:
 * Session::start() has to run before the Csrf calls (the token is session
 * state), and loadRoles() before dispatch() so that role checks performed
 * during dispatch see the loaded roles.
 *
 * NOTE(review): error_reporting(E_ALL) is set unconditionally. Whether those
 * errors reach the client depends on display_errors, which is not visible
 * here — make sure production runs with display_errors off, otherwise
 * notices/warnings (file paths, SQL fragments) leak to users.
 *
 * NOTE(review): `Csrf::getCSRFToken() == null` is a loose comparison, so an
 * empty string or false is also treated as "no token" and regenerated —
 * presumably intended; confirm against Csrf::getCSRFToken()'s return type.
 */
public function run() {
    error_reporting(E_ALL);
    Session::start();
    $this->initRouteService();
    $this->registerDatabaseConfiguration();
    // Ensure every session carries a token before any form is rendered or checked.
    if (Csrf::getCSRFToken() == null) {
        Csrf::setCSRFToken();
    }
    $this->loadRoles();
    // RouteScanner::performScan();
    $this->frontController = new FrontController(new Router());
    $this->frontController->dispatch();
}
<div class="col-sm-9 padding-right">
    <div class="features_items"><!--features_items-->
        <h2 class="title text-center">Features Items</h2>
        <?php
        // The add-product form is only rendered for administrators/editors.
        // This is a UI gate only: the POST handler behind the 'products' route
        // must repeat the same role check server-side (not visible here — verify).
        if (\DF\Services\RoleService::isAdministrator() || \DF\Services\RoleService::isEditor()) {
            /* NOTE(review): the getUrl() result and the CSRF token are echoed into
               attributes without htmlspecialchars(). As pasted here, both echoes are
               followed by a space inside the closing quote (`?> "`); if that space is
               real rather than an artefact of line collapsing, the submitted
               csrf_token is "TOKEN " and will not match the session token. Confirm
               against the original file before changing anything. */
        ?>
            <form action="<?php echo \DF\Services\RouteService::getUrl('products', ''); ?> " method="POST">
                <input type="text" name="productName" placeholder="name">
                <input type="text" name="productPrice" placeholder="price">
                <input type="text" name="categoryId" placeholder="category id">
                <input type="text" name="quantity" placeholder="quantity">
                <input type="hidden" name="csrf_token" value="<?php echo \DF\Helpers\Csrf::getCSRFToken(); ?> ">
                <input type="submit" value="Add Product">
            </form>
        <?php } ?>
        <?php foreach ($model->products as $product) {
            // Product fields are rendered below this chunk; anything echoed from
            // $product (name, price, ...) should go through htmlspecialchars().
        ?>
            <div class="col-sm-4">
                <div class="product-image-wrapper">
                    <div class="single-products">
                        <div class="productinfo text-center">
                            <img src="images/home/product1.jpg" alt="" />
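/**
 * Validates the request against the route's binding models and CSRF token.
 *
 * For every class named in routeInfo['bindingModels'] a fresh instance is
 * created, its non-protected properties are filled from the request
 * parameters (csrf_token excluded), and the instance is appended to
 * routeParams. Nothing happens when the route declares no binding models.
 *
 * Changes versus the previous version:
 *  - The CSRF token is verified BEFORE any model is instantiated or
 *    populated, so a forged request never drives reflection/mass-assignment.
 *  - The token comparison is hash_equals() on two non-empty strings. The old
 *    loose `!=` treated numeric-looking tokens as equal ("0e123" == "0") and
 *    a missing session token (null) as equal to the `false` default, i.e. a
 *    request without a token passed when the session had none.
 *  - A property is only assigned when the request actually carries it. The
 *    old code indexed $requestParameters[$propertyName] unconditionally,
 *    raising an undefined-index warning and overwriting the declared default
 *    with null. It also called array_search() non-strictly and unset index
 *    `false` (= key 0) when the name was absent, corrupting the key list.
 *
 * NOTE(review): ReflectionProperty::isDefault() is true for every property
 * declared on the class, so the "missing property" exception below can only
 * fire for dynamic properties — presumably hasDefaultValue() was intended.
 * Left as-is; confirm the intended contract before tightening it.
 *
 * @throws \Exception when the request carries no parameters, lacks a
 *                    required property, or the CSRF token does not match.
 */
private function checkActionSignature()
{
    $bindingModels = $this->getRouter()->routeInfo['bindingModels'];
    if (count($bindingModels) === 0) {
        return;
    }

    $requestParameters = $this->request->getParams();
    if (count($requestParameters) === 0) {
        throw new \Exception("Action expecting post/put binding model, request has 0");
    }

    // Pull the token out first so it is never mass-assigned onto a model.
    $csrfToken = false;
    if (array_key_exists('csrf_token', $requestParameters)) {
        $csrfToken = $requestParameters['csrf_token'];
        unset($requestParameters['csrf_token']);
    }

    if (Request::needToChangeCsrf()) {
        $sessionToken = Csrf::getCSRFToken();
        // Constant-time, strict string comparison. Anything that is not a
        // non-empty string on both sides (null session token, array/absent
        // request token) is a failure, never a pass.
        if (!is_string($sessionToken) || $sessionToken === ''
            || !is_string($csrfToken) || !hash_equals($sessionToken, $csrfToken)) {
            throw new \Exception("Invalid token");
        }
    }

    foreach ($bindingModels as $bindingModelName) {
        $refClass = new \ReflectionClass($bindingModelName);
        $bindingModel = new $bindingModelName(null);

        foreach ($refClass->getProperties() as $property) {
            $propertyName = $property->getName();
            $property->setAccessible(true);
            $present = array_key_exists($propertyName, $requestParameters);

            if (!$property->isDefault() && !$present) {
                throw new \Exception("Binding model does not have property with name: {$propertyName}");
            }

            // Protected properties are never bound from the request (original
            // contract); public and private ones are, but only when supplied.
            if ($present && !$property->isProtected()) {
                $property->setValue($bindingModel, $requestParameters[$propertyName]);
            }

            unset($requestParameters[$propertyName]);
        }

        $this->getRouter()->routeParams[] = $bindingModel;
    }
}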