function testDecodeDetectsTampering() { $value = array('foo' => 'bar', 'baz' => 1); $encoded = Pluf_Sign::dumps($value); $transforms = array(strtoupper($encoded), $encoded . 'a', 'a' . substr($encoded, 1), str_replace('M', '', $encoded)); $this->assertEqual($value, Pluf_Sign::loads($encoded)); foreach ($transforms as $t) { try { Pluf_Sign::loads($t); $this->fail(); } catch (Exception $e) { $this->pass(); } } }
/** * Process the response of a view. * * If the request has no cookie and the request has a pabuid, set * the cookie in the response. * * @param Pluf_HTTP_Request The request * @param Pluf_HTTP_Response The response * @return Pluf_HTTP_Response The response */ function process_response($request, $response) { if (!isset($request->COOKIE['pabuid']) and isset($request->pabuid) and $request->pabuid != 'bot') { $response->cookies['pabuid'] = $request->pabuid; } if (isset($request->pabprops) and count($request->pabprops) and $request->pabuid != 'bot') { $response->cookies['pabprops'] = Pluf_Sign::dumps($request->pabprops, null, true); } return $response; }