/**
  * @param bool $shouldCheckTokenOfUnsafeMethods
  * @return void
  */
 public function run($shouldCheckTokenOfUnsafeMethods = true)
 {
     $tokenName = $this->getTokenName();
     $token = Request::getCookieParam($tokenName);
     if ($shouldCheckTokenOfUnsafeMethods === false || $this->isSafeMethod(Request::getMethod())) {
         if ($token === null) {
             $this->initializeToken();
         }
     } else {
         if ($token === null) {
             throw new ForbiddenException();
         } else {
             $tmp = Request::getBodyParam($tokenName);
             if ($tmp === $token) {
                 return;
             }
             if ($tmp !== null) {
                 $this->initializeToken();
             }
             throw new ForbiddenException();
         }
     }
 }
Esempio n. 2
0
 /**
  * @param array $options
  * @return bool
  */
 private function checkMethod($options)
 {
     if (isset($options['methods'])) {
         if (is_array($options['methods']) === false) {
             throw new RoutingException("Option 'methods' must be an array, " . gettype($options['methods']) . " given.");
         }
         $isMethodAllowed = false;
         $requestMethod = Request::getMethod();
         foreach ($options['methods'] as $method) {
             if (strtoupper($method) === $requestMethod) {
                 $isMethodAllowed = true;
                 break;
             }
         }
         if ($isMethodAllowed === false) {
             $this->setMatchStatus(self::MATCH_STATUS_METHOD_NOT_MATCHED);
             $this->addAllowedMethods($options['methods']);
             return false;
         }
     }
     return true;
 }