/** * check if passed string is secured compatible operations in `GetSecureString()` function * @param \zinux\kernel\security\type $target_string * @param array $based_upon * @param string $for_uri Explicitly define the uri that request has come from(default: @$_SERVER['HTTP_REFERER']) * @param type $has_expire_date */ public static function __validate_request(array $target_array, array $based_upon = array(), $has_expire_date = 0) { # generating security fields name $tn = "__s_" . substr(sha1('t'), 0, 5); $hn = "__s_" . substr(sha1('h'), 0, 5); $en = "__s_" . substr(sha1('e'), 0, 5); $rn = "__s_" . substr(sha1('r'), 0, 5); # assertion array for security checking $asserts = array(); # final $based_upon array for asserting $target_array $isSecure_based_upon = array($tn, $hn, $rn); # essential component of secure Array self::IsSecure($target_array, $isSecure_based_upon); # add time value of array to $based_upon[] required for hash $based_upon[] = $target_array[$tn]; $based_upon[] = @session_id(); # if array should has expiration value if ($has_expire_date) { # check expiration field existance self::IsSecure($target_array, array($en)); # if it does not exists we will never reach this line be cause of exception arising in above line } # if we make here and $has_expire_date is enabled? OR naturally $target_array contains an expiration field if ($has_expire_date || isset($target_array[$en])) { # then for sure the exipration field is exists # adding expiration value of array to $based_upon[] required for hash $based_upon[] = $target_array[$en]; # adding expiration value of array to $isSecure_based_upon[] required for hash $isSecure_based_upon[] = $en; # anonymous function for asserting expiration value $expire_checkFunc = function ($en) { # check if the expiration value is less than current time or not return $en <= time(); }; # register expiration assertion function/value $asserts[$en] = $expire_checkFunc; } # get referer URI $refer = self::getRefererURI(); # require hashing module require_once 'hash.php'; # final checking of $target_array via its assertions self::IsSecure($target_array, $isSecure_based_upon, $asserts, array($hn => hash::Generate(implode("", $based_upon)), $rn => self::getURIHash(@$target_array[$tn] . $refer))); # if we reach this line its all OK return true; }