/**
 * PHP4-style constructor: wires up the handler for one table/instance and
 * loads every translated UI label.
 *
 * Steps performed, in order:
 *  - emits Console log/memory/speed probes;
 *  - registers this object as the shared self::$Instance;
 *  - stores table name, instance name and count-table name;
 *  - picks the form action ($action when truthy, otherwise PHP_SELF);
 *  - merges $_GET and $_POST into $this->_vars;
 *  - calls def_list() and then assigns the gettext() labels;
 *  - creates a Logger when FG_ENABLE_LOG equals 1.
 *
 * This version performs no anti-CSRF token handling: request data is
 * accepted as soon as it is merged into $this->_vars.
 *
 * @param string|null $tablename       Stored in FG_TABLE_NAME.
 * @param string|null $instance_name   Stored in FG_INSTANCE_NAME; also prefixes CV_TITLE_TEXT.
 * @param string|null $action          Form action; PHP_SELF is used when this is falsy.
 * @param string|null $tablename_count Stored in FG_TABLE_NAME_COUNT.
 */
function FormHandler($tablename = null, $instance_name = null, $action = null, $tablename_count = null)
{
    Console::log('Construct FormHandler');
    Console::logMemory($this, 'FormHandler Class : Line ' . __LINE__);
    Console::logSpeed('FormHandler Class : Line ' . __LINE__);

    self::$Instance = $this;

    $this->FG_TABLE_NAME = $tablename;
    $this->FG_INSTANCE_NAME = $instance_name;
    $this->FG_TABLE_NAME_COUNT = $tablename_count;

    if ($this->FG_DEBUG) {
        echo "" . $this->Host . "";
    }

    $this->set_regular_expression();

    // NOTE(review): $_SERVER['PHP_SELF'] is taken as-is. It can carry
    // client-supplied path info, so wherever _action is written into markup
    // it needs HTML-attribute escaping -- confirm at the output site.
    if ($action) {
        $this->_action = $action;
    } else {
        $this->_action = $_SERVER['PHP_SELF'];
    }

    // array_merge(): on a key collision the $_POST value replaces the $_GET one.
    // Nothing is validated here; consumers of _vars must treat it as untrusted.
    $this->_vars = array_merge((array) $_GET, (array) $_POST);

    $this->def_list();

    // Translated labels. "#FG_INSTANCE_NAME#" is kept as a literal placeholder
    // inside the strings; this constructor does not substitute it.
    $this->CV_NO_FIELDS = gettext("No data found!");
    $this->CV_TEXT_TITLE_ABOVE_TABLE = gettext("DIRECTORY");
    $this->CV_TITLE_TEXT = $instance_name . ' ' . gettext("list");
    $this->FG_FILTER_SEARCH_TOP_TEXT = gettext("Define criteria to make a precise search");
    $this->FG_INTRO_TEXT = gettext("You can browse through our")
        . " #FG_INSTANCE_NAME# "
        . gettext("and modify their different properties")
        . '<br>';
    $this->FG_DELETE_ALT = gettext("Delete this record");
    $this->FG_EDIT_ALT = gettext("Edit this record");
    $this->FG_ADITION_GO_EDITION_MESSAGE = gettext("The document has been created correctly. Now, you can define the different tariff that you want to associate.");
    $this->FG_INTRO_TEXT_EDITION = gettext("You can modify, through the following form, the different properties of your")
        . " #FG_INSTANCE_NAME#"
        . '<br>';
    $this->FG_INTRO_TEXT_ASK_DELETION = gettext("If you really want remove this")
        . " #FG_INSTANCE_NAME#, "
        . gettext("Click on the delete button.");
    $this->FG_INTRO_TEXT_DELETION = gettext("One")
        . " #FG_INSTANCE_NAME# "
        . gettext("has been deleted!");
    $this->FG_INTRO_TEXT_ADD = gettext("you can add easily a new")
        . " #FG_INSTANCE_NAME#.<br>"
        . gettext("Fill the following fields and confirm by clicking on the button add.");
    $this->FG_INTRO_TEXT_ADITION = gettext("Add a")
        . " \"#FG_INSTANCE_NAME#\" "
        . gettext("now.");
    // The '<br>' is concatenated inside the gettext() call, so the markup is
    // part of the message id that gets looked up.
    $this->FG_TEXT_ADITION_CONFIRMATION = gettext("Your new")
        . " #FG_INSTANCE_NAME# "
        . gettext("has been inserted." . '<br>');
    $this->FG_TEXT_ADITION_ERROR = '<font color="Red">'
        . gettext("Your new")
        . " #FG_INSTANCE_NAME# "
        . gettext("hasn't been inserted.")
        . '<br>'
        . "</font>";
    $this->FG_TEXT_ERROR_DUPLICATION = gettext("You cannot choose more than one !");
    $this->FG_FK_DELETE_MESSAGE = gettext("Are you sure to delete all records connected to this instance.");
    $this->FG_EDIT_PAGE_CONFIRM_BUTTON = gettext("CONFIRM DATA");
    $this->FG_DELETE_PAGE_CONFIRM_BUTTON = gettext('DELETE');
    $this->FG_ADD_PAGE_CONFIRM_BUTTON = gettext('CONFIRM DATA');

    if ($this->FG_ENABLE_LOG == 1) {
        $this->logger = new Logger();
    }
}
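/**
 * PHP4-style constructor: wires up the handler for one table/instance,
 * runs the per-form anti-CSRF check, and loads every translated UI label.
 *
 * Anti-CSRF flow (only when FG_CSRF_STATUS is enabled):
 *  1. A fresh token is derived as SHA-256(FG_CSRF_TOKEN_SALT . genCsrfTokenKey())
 *     and stored in $_SESSION['CSRF_TOKEN'] under a new uniqid() form id.
 *  2. The form id and token posted by the client are read from $_POST.
 *  3. On any non-empty POST the posted token must match the token stored in
 *     the session for the posted form id; otherwise "CSRF Error!" is printed
 *     and the script exits. A matching entry is removed, so each token is
 *     accepted once.
 *
 * Changes against the previous revision of this block:
 *  - the token comparison is strict and, where available, constant-time
 *    (hash_equals) instead of the loose `!=` operator;
 *  - missing POST fields no longer raise undefined-index notices;
 *  - a non-string form id (for example a field submitted as an array) is
 *    never used as a session array offset.
 *
 * @param string|null $tablename       Stored in FG_TABLE_NAME.
 * @param string|null $instance_name   Stored in FG_INSTANCE_NAME; also prefixes CV_TITLE_TEXT.
 * @param string|null $action          Form action; sanitized PHP_SELF is used when this is falsy.
 * @param string|null $tablename_count Stored in FG_TABLE_NAME_COUNT.
 */
function FormHandler($tablename = null, $instance_name = null, $action = null, $tablename_count = null)
{
    Console::log('Construct FormHandler');
    Console::logMemory($this, 'FormHandler Class : Line ' . __LINE__);
    Console::logSpeed('FormHandler Class : Line ' . __LINE__);

    self::$Instance = $this;
    $this->FG_TABLE_NAME = $tablename;
    $this->FG_INSTANCE_NAME = $instance_name;
    $this->FG_TABLE_NAME_COUNT = $tablename_count;

    if ($this->FG_DEBUG) {
        echo "" . $this->Host . "";
    }

    $this->set_regular_expression();

    // FILTER_SANITIZE_URL only drops characters that are not legal in a URL;
    // quotes and angle brackets pass through, so _action still has to be
    // HTML-attribute escaped wherever it is written into markup.
    // NOTE(review): a caller-supplied $action is stored unfiltered -- confirm
    // callers only pass trusted values.
    $this->_action = $action ? $action : filter_input(INPUT_SERVER, 'PHP_SELF', FILTER_SANITIZE_URL);

    // If anti CSRF protection is enabled
    if ($this->FG_CSRF_STATUS == true) {
        // New token for the form rendered by this request.
        // NOTE(review): its unpredictability rests on genCsrfTokenKey(), which is
        // not visible here -- confirm it draws from a cryptographically secure source.
        $this->FG_CSRF_TOKEN_KEY = $this->genCsrfTokenKey();
        $this->FG_CSRF_TOKEN = $this->FG_CSRF_TOKEN_SALT . $this->FG_CSRF_TOKEN_KEY;
        $this->FG_CSRF_TOKEN = hash('SHA256', $this->FG_CSRF_TOKEN);

        // uniqid() is time-derived; it is only the lookup key for the token,
        // not a secret in itself.
        $this->FG_FORM_UNIQID = uniqid();

        // Values posted by the client; absent fields become null instead of
        // triggering an undefined-index notice.
        $this->FG_FORM_RECEIVED_UNIQID = isset($_POST[$this->FG_FORM_UNIQID_FIELD])
            ? $_POST[$this->FG_FORM_UNIQID_FIELD]
            : null;
        $this->FG_FORM_RECEIVED_TOKEN = isset($_POST[$this->FG_CSRF_FIELD])
            ? $_POST[$this->FG_CSRF_FIELD]
            : null;

        // Token the session holds for the posted form id. Only a string id is
        // used as an offset; anything else is treated as "no token on record".
        $this->FG_CSRF_RECEIVED_TOKEN = null;
        if (is_string($this->FG_FORM_RECEIVED_UNIQID)
            && isset($_SESSION['CSRF_TOKEN'][$this->FG_FORM_RECEIVED_UNIQID])
        ) {
            $this->FG_CSRF_RECEIVED_TOKEN = $_SESSION['CSRF_TOKEN'][$this->FG_FORM_RECEIVED_UNIQID];
        }

        // Register the new token after the lookup above, as before.
        // An entry is added on every construction and only removed after a
        // successful POST, so unused entries stay in the session.
        $_SESSION['CSRF_TOKEN'][$this->FG_FORM_UNIQID] = $this->FG_CSRF_TOKEN;

        // Debug output prints live tokens into the page; keep FG_DEBUG off
        // outside development.
        if ($this->FG_DEBUG) {
            echo 'FG_FORM_UNIQID : ' . $this->FG_FORM_UNIQID . '<br />';
            echo 'CSRF NEW TOKEN : ' . $this->FG_CSRF_TOKEN . '<br />';
            echo 'CSRF RECEIVED TOKEN : ' . $this->FG_CSRF_RECEIVED_TOKEN . '<br />';
        }

        if (!empty($_POST)) {
            $expected_token = $this->FG_CSRF_RECEIVED_TOKEN;
            $supplied_token = $this->FG_FORM_RECEIVED_TOKEN;

            // Both sides must be strings: loose comparison lets PHP compare
            // numeric-looking strings by value rather than byte for byte.
            $tokens_match = false;
            if ($expected_token && is_string($expected_token) && is_string($supplied_token)) {
                $tokens_match = function_exists('hash_equals')
                    ? hash_equals($expected_token, $supplied_token)
                    : $expected_token === $supplied_token;
            }

            if (!$tokens_match) {
                echo "CSRF Error!";
                exit;
            }

            // One-time use: drop the consumed token from the session.
            unset($_SESSION['CSRF_TOKEN'][$this->FG_FORM_RECEIVED_UNIQID]);
        }
    }

    // array_merge(): on a key collision the $_POST value replaces the $_GET one.
    // With CSRF enabled only POST requests are token-checked above; values
    // arriving via $_GET reach _vars without that check.
    $this->_vars = array_merge((array) $_GET, (array) $_POST);

    $this->def_list();

    //initializing variables with gettext
    $this->CV_NO_FIELDS = gettext("No data found!");
    $this->CV_TEXT_TITLE_ABOVE_TABLE = gettext("DIRECTORY");
    $this->CV_TITLE_TEXT = $instance_name . ' ' . gettext("list");
    $this->FG_FILTER_SEARCH_TOP_TEXT = gettext("Define criteria to make a precise search");
    $this->FG_INTRO_TEXT = gettext("You can browse through our") . " #FG_INSTANCE_NAME# " . gettext("and modify their different properties") . '<br>';
    $this->FG_DELETE_ALT = gettext("Delete this record");
    $this->FG_EDIT_ALT = gettext("Edit this record");
    $this->FG_ADITION_GO_EDITION_MESSAGE = gettext("The document has been created correctly. Now, you can define the different tariff that you want to associate.");
    $this->FG_INTRO_TEXT_EDITION = gettext("You can modify, through the following form, the different properties of your") . " #FG_INSTANCE_NAME#" . '<br>';
    $this->FG_INTRO_TEXT_ASK_DELETION = gettext("If you really want remove this") . " #FG_INSTANCE_NAME#, " . gettext("Click on the delete button.");
    $this->FG_INTRO_TEXT_DELETION = gettext("One") . " #FG_INSTANCE_NAME# " . gettext("has been deleted!");
    $this->FG_INTRO_TEXT_ADD = gettext("you can add easily a new") . " #FG_INSTANCE_NAME#.<br>" . gettext("Fill the following fields and confirm by clicking on the button add.");
    $this->FG_INTRO_TEXT_ADITION = gettext("Add a") . " \"#FG_INSTANCE_NAME#\" " . gettext("now.");
    // The '<br>' is concatenated inside the gettext() call, so the markup is
    // part of the message id that gets looked up.
    $this->FG_TEXT_ADITION_CONFIRMATION = gettext("Your new") . " #FG_INSTANCE_NAME# " . gettext("has been inserted." . '<br>');
    $this->FG_TEXT_ADITION_ERROR = '<font color="Red">' . gettext("Your new") . " #FG_INSTANCE_NAME# " . gettext("hasn't been inserted.") . '<br>' . "</font>";
    $this->FG_TEXT_ERROR_DUPLICATION = gettext("You cannot choose more than one !");
    $this->FG_FK_DELETE_MESSAGE = gettext("Are you sure to delete all records connected to this instance.");
    $this->FG_EDIT_PAGE_CONFIRM_BUTTON = gettext("CONFIRM DATA");
    $this->FG_DELETE_PAGE_CONFIRM_BUTTON = gettext('DELETE');
    $this->FG_ADD_PAGE_CONFIRM_BUTTON = gettext('CONFIRM DATA');

    if ($this->FG_ENABLE_LOG == 1) {
        $this->logger = new Logger();
    }
}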