Example #1
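 /**
  * Handle a live-search request: emit the CORS/JSON headers, validate the
  * POSTed fields, run the anti-bot and session-token checks, then hand the
  * JSON-encoded search result to the handler's formResponse().
  *
  * Every failed check returns immediately after reporting the failure.
  * formResponse() is not visible here, so this method does not rely on it
  * terminating the request; without the explicit returns a failed check
  * would fall through to the search and a second response.
  *
  * @return void
  */
 public function process_livesearch()
 {
     // The allowed origin is read from configuration.
     // NOTE(review): the checks below depend on session values, so the
     // configured origin should be a specific trusted origin - confirm.
     $controlOrigin = Config::getConfig('accessControlAllowOrigin');
     header("Access-Control-Allow-Origin: {$controlOrigin}");
     // NOTE(review): only $_POST is read in this method; the wildcard method
     // list is broader than the handler appears to need - confirm.
     header('Access-Control-Allow-Methods: *');
     header('Content-Type: application/json');

     // 1. Validate the submitted fields
     $errors = Handler::validateInput($_POST);
     if (!empty($errors)) {
         // Required inputs are not provided
         $this->handler->formResponse('failed', 'Error: Required or invalid inputs: ' . implode(',', $errors));
         return;
     }

     // 2. A layer of security against those Bots that submit a form quickly
     if (!$this->handler->verifyBotSearched($_POST['ls_page_loaded_at'])) {
         // Searching is started sooner than the search start time offset
         $this->handler->formResponse('failed', 'Error: You are too fast, or this is a Bot. Please search now.');
         return;
     }

     // 3. Verify the token - CSRF protection
     // NOTE(review): verifySessionValue() is not shown; confirm it compares
     // the stored and submitted values with hash_equals().
     $tokenMatches = $this->handler->verifySessionValue('token', $_POST['ls_token']);
     if (!$tokenMatches || !$this->handler->verifySessionValue('anti_bot', $_POST['ls_anti_bot'])) {
         // Tokens are not matched
         $this->handler->formResponse('failed', 'Error: Please refresh the page. It seems that your session is expired.');
         return;
     }

     try {
         // 4. Start looking for the query
         // json_encode() returns false on failure; that value is passed on unchanged.
         $result = json_encode($this->handler->getResult(
             $_POST['ls_query_id'],
             $_POST['ls_query'],
             (int) $_POST['ls_current_page'],
             (int) $_POST['ls_items_per_page']
         ));
     } catch (\Exception $e) {
         // Report the failure from inside the catch so that an exception with
         // an empty message is not mistaken for success (which would also
         // read an undefined $result).
         // NOTE(review): the exception message is returned to the client
         // verbatim; if getResult() can throw with internal details (query
         // text, paths), log it server-side and send a generic message.
         $this->handler->formResponse('failed', $e->getMessage());
         return;
     }

     // 5. Return the result
     $this->handler->formResponse('success', 'Successful request', $result);
 }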
Example #2
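 /**
  * Decide whether enough time has passed between page load and the first
  * search for the request to be accepted.
  *
  * The elapsed time is time() minus $page_loaded_at, compared with the
  * 'searchStartTimeOffset' configuration value.
  *
  * @param  mixed $page_loaded_at Timestamp the page was loaded at, in the same
  *                               unit as time() (seconds)
  * @return bool  true when the elapsed time is not below the configured
  *               offset; false when the search came sooner or the value is
  *               not numeric
  */
 public function verifyBotSearched($page_loaded_at)
 {
     // A non-numeric value (arbitrary string, array) must not reach the
     // subtraction: depending on the PHP version it raises an error or is
     // coerced to 0, and a 0 timestamp would pass the check.
     if (!is_numeric($page_loaded_at)) {
         return false;
     }

     // NOTE(review): if this value is taken from the request, the client
     // chooses it and any sufficiently old timestamp passes; keeping the load
     // time server-side (e.g. in the session) would make the check meaningful.
     $elapsedSeconds = time() - $page_loaded_at;

     // if searching starts less than start time offset it seems it's a Bot
     return !($elapsedSeconds < Config::getConfig('searchStartTimeOffset'));
 }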