public static function render()
{
self::$attributes['class'] = implode(' ', self::$classes);
$attributesString = "";
foreach (self::$attributes as $attribute => $value) {
$attributesString .= " {$attribute} = " . "\"{$value}\"";
}
$result = "<form" . $attributesString . ">";
foreach (self::$elements as $element) {
$result .= "<{$element->elementName}";
$attributesString = "";
foreach ($element->attributes as $attribute => $value) {
if ($attribute != 'value' && $element->innerValue === false) {
$attributesString .= " {$attribute} = " . "\"{$value}\"";
}
}
$result .= $attributesString . ">";
if ($element->innerValue === true) {
$result .= isset($element->attributes['value']) ? $element->attributes['value'] : "";
$result .= "</{$element->elementName}>";
}
}
$result .= '<input type="hidden" name="csrf_token" value="' . Csrf::getCSRFToken() . '" />';
$result .= "</form>";
return $result;
}
public function run()
{
error_reporting(E_ALL);
Session::start();
$this->initRouteService();
$this->registerDatabaseConfiguration();
if (Csrf::getCSRFToken() == null) {
Csrf::setCSRFToken();
}
$this->loadRoles();
// RouteScanner::performScan();
$this->frontController = new FrontController(new Router());
$this->frontController->dispatch();
}
<div class="col-sm-9 padding-right">
<div class="features_items"><!--features_items-->
<h2 class="title text-center">Features Items</h2>
<?php
if (\DF\Services\RoleService::isAdministrator() || \DF\Services\RoleService::isEditor()) {
?>
<form action="<?php
echo \DF\Services\RouteService::getUrl('products', '');
?>
" method="POST">
<input type="text" name="productName" placeholder="name">
<input type="text" name="productPrice" placeholder="price">
<input type="text" name="categoryId" placeholder="category id">
<input type="text" name="quantity" placeholder="quantity">
<input type="hidden" name="csrf_token" value="<?php
echo \DF\Helpers\Csrf::getCSRFToken();
?>
">
<input type="submit" value="Add Product">
</form>
<?php
}
?>
<?php
foreach ($model->products as $product) {
?>
<div class="col-sm-4">
<div class="product-image-wrapper">
<div class="single-products">
<div class="productinfo text-center">
<img src="images/home/product1.jpg" alt="" />
private function checkActionSignature()
{
if (count($this->getRouter()->routeInfo['bindingModels']) > 0) {
if (count($this->request->getParams()) == 0) {
throw new \Exception("Action expecting post/put binding model, request has 0");
}
$requestParameters = $this->request->getParams();
$requestParamsKeys = array_keys($requestParameters);
$csrfToken = false;
if (in_array('csrf_token', $requestParamsKeys)) {
$csrfToken = $requestParameters['csrf_token'];
unset($requestParameters['csrf_token']);
}
foreach ($this->getRouter()->routeInfo['bindingModels'] as $bindingModelName) {
$refClass = new \ReflectionClass($bindingModelName);
$bindingModel = new $bindingModelName(null);
foreach ($refClass->getProperties() as $property) {
$propertyName = $property->getName();
$property->setAccessible(true);
if (!$property->isDefault() && !in_array($propertyName, $requestParamsKeys)) {
throw new \Exception("Binding model does not have property with name: {$propertyName}");
}
if (!$property->isProtected()) {
$property->setValue($bindingModel, $requestParameters[$propertyName]);
}
unset($requestParameters[$propertyName]);
unset($requestParamsKeys[array_search($propertyName, $requestParamsKeys)]);
}
$this->getRouter()->routeParams[] = $bindingModel;
}
if (Request::needToChangeCsrf()) {
if (Csrf::getCSRFToken() != $csrfToken) {
throw new \Exception("Invalid token");
}
}
}
}
