}); # A view $klein->respond('GET', '/view', function ($req, $res) use($parser, $stringifier) { $page = $parser->parseJade($_GET['form']); $view = $page->getView($_GET['view']); $render = $view->makeView($view->query($req->paramsGet()->get('page', 1))); $stringifier->writeResponse(new PageWrapper($render), $res); }); # A form itself $klein->respond('GET', '/forms/[:formID]', function ($req, $res) use($parser, $stringifier) { $config = Config::get(); # This code caches the HTML associated with a form if "cache-forms" is enabled $cache = $config['cache-forms'] ? new Cache() : new FakeCache(); $cache->setPrefixSize(0); $html = $cache->getOrCreate('jade-' . sha1_file($parser->getForm($req->formID)) . '-' . sha1_file('config/config.toml'), [], function () use($req, $parser, $stringifier) { return json_encode($stringifier->makeArray($parser->parseJade($req->formID)->makeFormPart())); }); # We add asset URLs and the CSRF token outside of the getOrCreate function # so that these aren't getting cached. # Create a XSRF token $csrf = new \Riimu\Kit\CSRF\CSRFHandler(); $token = $csrf->getToken(); # Write the response $stringifier->writeArray(json_decode($html, true), $res, $token); }); $klein->respond('POST', '/submit', function ($req, $res) use($parser, $stringifier) { $res->header('X-Frame-Options', 'DENY'); # Check for XSRF $csrf = new \Riimu\Kit\CSRF\CSRFHandler(); $csrf->validateRequest(true); # The name of the form is provided in the $_POST data,