Example #1
 /**
  * Register a filter on this element and queue its name for sanitizing.
  *
  * Accepted forms of $filter:
  *  - a FilterInterface instance, registered under its lower-cased short class
  *    name (the part after the last namespace separator);
  *  - an array with a 'filter' name and optional 'options'; the class is looked
  *    up through getFilterClassName() and, when options are given and the class
  *    has a constructor, built with those options as constructor arguments;
  *  - a string name, looked up through getFilterClassName() and built without
  *    arguments.
  *
  * For arrays and strings the lower-cased name is appended to $this->_sanitize
  * even when getFilterClassName() resolves nothing and no object is registered.
  *
  * NOTE(review): the class to instantiate comes from getFilterClassName(), which
  * is not shown here. If filter names or options can originate from request
  * data, that resolver is the only thing limiting which classes are constructed
  * and with which arguments; confirm it maps names onto a fixed set of classes.
  *
  * @param  string|\Engine\Filter\FilterInterface|array $filter
  * @return \Engine\Crud\Tools\Filters
  * @throws \Engine\Exception when $filter is none of the accepted types
  */
 public function addFilter($filter)
 {
     // Ready-made filter objects need no class lookup.
     if ($filter instanceof FilterInterface) {
         $segments = explode("\\", get_class($filter));
         $origName = strtolower(end($segments));
         $this->_filter->add($origName, $filter);
         $this->_sanitize[] = $origName;

         return $this;
     }

     if (!is_array($filter) && !is_string($filter)) {
         throw new \Engine\Exception("Invalid filter passed to addFilter");
     }

     // Only the array form can carry constructor options.
     $hasOptions = is_array($filter) && !empty($filter['options']);
     $origName = strtolower(is_array($filter) ? $filter['filter'] : $filter);

     $class = $this->getFilterClassName($origName);
     if ($class) {
         if (!$hasOptions) {
             $instance = new $class();
         } else {
             $reflector = new \ReflectionClass($class);
             // Classes without a constructor cannot take the options; build them bare.
             $instance = $reflector->hasMethod('__construct')
                 ? $reflector->newInstanceArgs((array) $filter['options'])
                 : $reflector->newInstance();
         }
         $this->_filter->add($origName, $instance);
     }

     $this->_sanitize[] = $origName;

     return $this;
 }
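 /**
  * Vote action (Vote a post action)
  *
  * The submitted vote is reduced to -1, 0 or 1. Submitting the same value as the
  * vote already stored for this user and post resets it to 0.
  *
  * The post id (from the request body) and the user id are concatenated into the
  * lookup condition as 0x-prefixed hex literals. Both are therefore required to
  * consist of hex digits only before the condition is built, so a crafted id
  * cannot add its own clauses to the query.
  *
  * @throws \Modules\Core\Exceptions\HTTPException
  * @throws \InvalidArgumentException when the post id or user id is not a hex string
  * @return int Votes after the vote
  */
 public function vote()
 {
     // Check if user is authorized.
     // NOTE(review): the return value is ignored, so this presumably throws for
     // unauthorized users; confirm against Authorize::isAuthorized().
     \Modules\Core\Library\Authorize::isAuthorized();
     $post = new Posts();
     $vote = new Votes();
     $filter = new Filter();
     // Collapse any number to its sign so a client cannot submit a weighted vote.
     $filter->add('vote', function ($value) {
         if ($value > 0) {
             return 1;
         }
         if ($value < 0) {
             return -1;
         }
         return 0;
     });
     $requestBody = $this->getDI()->get('requestBody');
     $params = array(
         'id' => $requestBody->id,
         'uid' => \Modules\Core\Library\Authorize::getUid(),
         'vote' => $filter->sanitize((int) $requestBody->vote, 'vote'),
     );
     // Both values end up inside the condition string below; accept hex digits only.
     foreach (array('id', 'uid') as $key) {
         $candidate = $params[$key];
         if (!is_scalar($candidate) || preg_match('/\A[0-9a-fA-F]+\z/', (string) $candidate) !== 1) {
             throw new \InvalidArgumentException("Invalid " . $key . " passed to vote");
         }
     }
     $userVote = Votes::find("id = 0x" . $params['id'] . " AND uid = 0x" . $params['uid']);
     $oldVote = 0;
     if (isset($userVote->getFirst()->vote)) {
         $oldVote = $userVote->getFirst()->vote;
     }
     // Voting the same way twice withdraws the vote.
     if ((int) $oldVote === (int) $params['vote']) {
         $params['vote'] = 0;
     }
     $vote->save($params);
     return $post->getVotes($params['id']);
 }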
Example #3
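 /**
  * Register the methods of the called class as filters on $filter.
  *
  * Every method name reported by get_class_methods() for the called class,
  * except this installer itself, is added under the name Text::uncamelize()
  * derives from it. The registered handler forwards the value to that method
  * through call_user_func() and returns its result.
  *
  * NOTE(review): get_class_methods() is called from inside the class, so the
  * list is not limited to public static filter methods. Confirm the class and
  * its parents declare nothing that should not become a callable filter.
  *
  * @param Filter $filter
  */
 public static function install($filter)
 {
     $class = get_called_class();
     foreach (get_class_methods($class) as $method) {
         // __FUNCTION__ is the bare name "install". __METHOD__ is "Class::install",
         // which never equals an entry of get_class_methods(), so comparing against
         // it registered the installer itself as a filter.
         if ($method === __FUNCTION__) {
             continue;
         }
         $filter->add(Text::uncamelize($method), function ($value) use ($class, $method) {
             return call_user_func([$class, $method], $value);
         });
     }
 }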
Example #4
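 /**
  * query suricata alerts
  *
  * Handles POST requests only. Reads paging values (rowCount, current), an
  * optional searchPhrase and an optional fileid, passes them to the
  * "ids query alerts" backend action and reshapes the decoded JSON reply.
  *
  * @return array rows, rowCount, total and current on success; an empty array
  *               for non-POST requests or when the backend reply has no usable
  *               "rows" list
  */
 public function queryAlertsAction()
 {
     if (!$this->request->isPost()) {
         return array();
     }
     $this->sessionClose();
     // create filter to sanitize input data
     // NOTE(review): QueryFilter is defined elsewhere. The sanitized phrase is placed
     // between double quotes in the search expression below, so the filter has to
     // remove at least quote characters; confirm against its implementation.
     $filter = new Filter();
     $filter->add('query', new QueryFilter());
     // fetch query parameters
     // NOTE(review): the 'int' filter does not bound these values; confirm the
     // backend copes with zero or negative limits and offsets.
     $itemsPerPage = $this->request->getPost('rowCount', 'int', 9999);
     $currentPage = $this->request->getPost('current', 'int', 1);
     $searchPhrase = '';
     if ($this->request->getPost('searchPhrase', 'string', '') != "") {
         $filterTag = $filter->sanitize($this->request->getPost('searchPhrase'), "query");
         $searchPhrase = 'alert,src_ip/"*' . $filterTag . '*"';
     }
     $fileid = null;
     if ($this->request->getPost('fileid', 'string', '') != "") {
         // only an integer file id is ever forwarded
         $fileid = $this->request->getPost('fileid', 'int', -1);
     }
     $backend = new Backend();
     $response = $backend->configdpRun(
         "ids query alerts",
         array($itemsPerPage, ($currentPage - 1) * $itemsPerPage, $searchPhrase, $fileid)
     );
     $result = json_decode($response, true);
     // A reply that decodes to a scalar, or to an array without a "rows" list, cannot
     // be counted or indexed; treat it like a failed query instead of erroring out.
     if (!is_array($result) || !isset($result['rows']) || !is_array($result['rows'])) {
         return array();
     }
     $result['rowCount'] = count($result['rows']);
     $result['total'] = $result['total_rows'];
     $result['current'] = (int) $currentPage;
     return $result;
 }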
Example #5
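 /**
  * search installed ids rules
  *
  * Handles POST requests only. Builds a sort expression and a search phrase
  * from the posted fields, runs the "ids query rules" backend action and
  * overlays each returned rule's enabled flag with the status kept in the model.
  *
  * @return array rows, rowCount, total, parameters and current on success; an
  *               empty array for non-POST requests or when the backend reply
  *               has no usable "rows" list
  */
 public function searchInstalledRulesAction()
 {
     if (!$this->request->isPost()) {
         return array();
     }
     $this->sessionClose();
     // create filter to sanitize input data
     // NOTE(review): QueryFilter is defined elsewhere. Sort keys and search terms are
     // client supplied and are concatenated into the expressions sent to the backend,
     // so this filter is the only control on their content; confirm what it removes.
     $filter = new Filter();
     $filter->add('query', new QueryFilter());
     // fetch query parameters
     $itemsPerPage = $this->request->getPost('rowCount', 'int', 9999);
     $currentPage = $this->request->getPost('current', 'int', 1);
     if ($this->request->hasPost('sort') && is_array($this->request->getPost("sort"))) {
         $sortPost = $this->request->getPost("sort");
         $sortBy = array_keys($sortPost);
         // The direction of the first column applies to all columns; anything other
         // than "desc" means ascending. An empty sort array has no first column.
         $sortOrd = 'asc';
         if (!empty($sortBy) && $sortPost[$sortBy[0]] == "desc") {
             $sortOrd = 'desc';
         }
         $sortParts = array();
         foreach ($sortBy as $sortKey) {
             $sortParts[] = $filter->sanitize($sortKey, "query") . ' ' . $sortOrd . ' ';
         }
         $sortStr = implode(',', $sortParts);
     } else {
         $sortStr = 'sid';
     }
     $searchPhrase = '';
     if ($this->request->getPost('searchPhrase', 'string', '') != "") {
         $searchTag = $filter->sanitize($this->request->getPost('searchPhrase'), "query");
         $searchPhrase = 'msg,source,sid/"*' . $searchTag . '"';
     }
     // add filter for classtype
     if ($this->request->getPost("classtype", "string", '') != "") {
         $searchTag = $filter->sanitize($this->request->getPost('classtype'), "query");
         $searchPhrase .= " classtype/" . $searchTag . ' ';
     }
     // request list of installed rules
     $backend = new Backend();
     $response = $backend->configdpRun(
         "ids query rules",
         array($itemsPerPage, ($currentPage - 1) * $itemsPerPage, $searchPhrase, $sortStr)
     );
     $data = json_decode($response, true);
     if (!is_array($data) || !array_key_exists("rows", $data) || !is_array($data['rows'])) {
         return array();
     }
     $result = array();
     $result['rows'] = $data['rows'];
     // update rule status with own administration
     // (indexed by key, so no reference to the last row outlives the loop)
     foreach ($result['rows'] as $idx => $row) {
         $result['rows'][$idx]['enabled_default'] = $row['enabled'];
         $result['rows'][$idx]['enabled'] = $this->getModel()->getRuleStatus($row['sid'], $row['enabled']);
     }
     $result['rowCount'] = count($result['rows']);
     $result['total'] = $data['total_rows'];
     $result['parameters'] = $data['parameters'];
     $result['current'] = (int) $currentPage;
     return $result;
 }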
Example #6
 /**
  * Register a handler under the given filter name.
  *
  * Pure pass-through: both arguments go to the parent implementation unchanged
  * and its return value is handed back as-is.
  *
  * @param mixed $name
  * @param mixed $handler
  * @return mixed whatever parent::add() returns
  */
 public function add($name, $handler)
 {
     $registered = parent::add($name, $handler);

     return $registered;
 }
Example #7
<?php

use Phalcon\Filter;
$filter = new Filter();
/*
 *  Users Filters
 *
 *  Each filter deletes whatever its pattern matches and returns the remainder.
 */
// Builds a sanitizer closure that removes every match of $pattern from the value.
$stripMatches = function ($pattern) {
    return function ($value) use ($pattern) {
        return preg_replace($pattern, '', $value);
    };
};
// NOTE(review): this class keeps 0-9, a-f and A-Z, so lower-case g-z is removed
// from logins; confirm that a-f is not a typo for a-z.
$filter->add('login', $stripMatches('/[^0-9a-fA-Z]/'));
// 8 chars min, any type, any order
// NOTE(review): the pattern removes a matching run instead of checking a length,
// so a value that fits the rule is altered before any later use such as hashing.
// Password rules are normally validated, not sanitized; confirm the intent.
$filter->add('pwd', $stripMatches('/([a-zA-Z0-9.*!?_-]){8,}\\w+/'));
// NOTE(review): the next three keep only 0-9 and a-f. Applied to an e-mail address
// or a phone number that drops '@', '.', '+' and most letters; confirm these
// fields really carry hex identifiers.
$filter->add('email', $stripMatches('/[^0-9a-f]/'));
$filter->add('phone', $stripMatches('/[^0-9a-f]/'));
$filter->add('team', $stripMatches('/[^0-9a-f]/'));
Example #8
 /**
  * Tests that a custom lambda filter hands a well-formed value back unchanged.
  *
  * The lambda strips everything except 0-9 and a-f and returns false unless
  * exactly 32 characters remain. An md5 digest is 32 lower-case hex characters,
  * so sanitize() is expected to return it as-is. Note that on success the lambda
  * returns the original value, not the stripped copy.
  *
  * @author Nikos Dimopoulos <*****@*****.**>
  * @since  2012-11-30
  */
 public function testSanitizeCustomLambdaFalseTrue()
 {
     $digest = md5('why?');

     $sanitizer = new PhFilter();
     $sanitizer->add('md5', function ($value) {
         $hexOnly = preg_replace('/[^0-9a-f]/', '', $value);
         if (strlen($hexOnly) != 32) {
             return false;
         }
         return $value;
     });

     $this->assertEquals(
         $digest,
         $sanitizer->sanitize($digest, 'md5'),
         'Lambda Custom filter is not correct True'
     );
 }
Example #9
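// Shared (single-instance) security component.
$di->setShared('security', function () {
    return new Security();
});
// NOTE(review): cookie encryption is switched off here, so every cookie value is
// exactly what the client sent. The 'translate' service registered after this block
// builds a require_once path from the 'language' cookie; that value should be
// matched against a fixed list of languages before it is used in a file path.
$di->setShared('cookies', function () {
    $cookies = new Cookies();
    $cookies->useEncryption(false);
    return $cookies;
});
$di->setShared('activation', function () {
    return new ActivationComponent();
});
$di->setShared('filter', function () {
    $filter = new Filter();
    // 'hash' turns the given value into a bcrypt hash. The leftover debug code
    // (var_dump of the hash followed by die) wrote the hash to the output and ended
    // the request, which made the return statement unreachable; it is removed.
    $filter->add('hash', function ($value) {
        return password_hash($value, PASSWORD_BCRYPT);
    });
    return $filter;
});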
$di->setShared('translate', function () use($di) {
    $cookies = $di->get('cookies');
    $language = $cookies->has('language') ? $cookies->get('language') : 'en';
    $file = APP_DIR . '/messages/' . $language . '.php';
    //Check if we have a translation file for that lang
    if (file_exists($file)) {
        require_once $file;
    } else {
        // fallback to some default
        require_once APP_DIR . '/messages/en.php';
    }