/**
* Class init
*
* Fetches CSRF settings and current token
*
* @throws SecurityException it the CSRF token validation failed
* @throws FuelException if no security output filter is defined
*/
public static function _init()
{
static::$csrf_token_key = \Config::get('security.csrf_token_key', 'fuel_csrf_token');
static::$csrf_old_token = \Input::cookie(static::$csrf_token_key, false);
// if csrf automatic checking is enabled, and it fails validation, bail out!
if (\Config::get('security.csrf_autoload', true)) {
$check_token_methods = \Config::get('security.csrf_autoload_methods', array('post', 'put', 'delete'));
if (in_array(strtolower(\Input::method()), $check_token_methods) and !static::check_token()) {
throw new \SecurityException('CSRF validation failed, Possible hacking attempt detected!');
}
}
// throw an exception if the output filter setting is missing from the app config
if (\Config::get('security.output_filter', null) === null) {
throw new \FuelException('There is no security.output_filter defined in your application config file');
}
// deal with duplicate filters, no need to slow the framework down
foreach (array('output_filter', 'uri_filter', 'input_filter') as $setting) {
$config = \Config::get('security.' . $setting, array());
is_array($config) and \Config::set('security.' . $setting, \Arr::unique($config));
}
}
/**
* hook plugin to get multisite tables names.<br>
* this will get module's tables that need to be copy while create new site.<br>
* attention! you must call this method everytime when you want to access multisite tables list.
*
* @todo [fuelstart][multisite][plug] get module's multisite tables plug.
*/
public function hookGetMultisiteTables()
{
$plugin = new \Library\Plugins();
if ($plugin->hasFilter('SitesGetModulesMultisiteTables') !== false) {
$plugin->doFilter('SitesGetModulesMultisiteTables');
if (is_array($plugin->original_data) && !empty($plugin->original_data)) {
foreach ($plugin->original_data as $table) {
if (!empty($table)) {
if (is_array($table) && !\Arr::is_multi($table)) {
$this->multisite_tables = array_merge($this->multisite_tables, $table);
} elseif (is_string($table)) {
$this->multisite_tables = array_merge($this->multisite_tables, [$table]);
}
}
}
unset($each_cfg);
$this->multisite_tables = \Arr::unique($this->multisite_tables);
}
}
unset($plugin);
}
