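/**
 * Decrypts the cookies named in the `encrypt_cookie_list` security setting,
 * overwriting each matching entry of `$this->cookie_input` with the output
 * of `$this->simple_encrypt->decrypt()`.
 *
 * Cookie names and values are supplied by the client, so the name lookup is
 * a strict string comparison rather than PHP's loose `==`.
 *
 * @return void
 */
public function filterInput()
{
    $encrypt_cookie_list = $this->security_config->get('encrypt_cookie_list');

    // Without a configured list there is nothing to decrypt; bailing out here
    // also keeps in_array() from being handed a non-array.
    if (!is_array($encrypt_cookie_list) || $encrypt_cookie_list === []) {
        return;
    }

    foreach ($this->cookie_input as $name => $value) {
        // Numeric cookie names can surface as integer keys, and a loose
        // in_array() would then type-juggle them against the configured names
        // (on PHP < 8, 0 == 'any-text' is true). Compare the string form
        // strictly instead; this assumes the configured names are strings.
        if (!in_array((string) $name, $encrypt_cookie_list, true)) {
            continue;
        }

        // NOTE(review): the decrypt() result is stored unchecked. If decrypt()
        // signals a failed or tampered value with false/null, consumers of this
        // cookie must treat that as "cookie absent" - confirm against
        // simple_encrypt, and confirm the cipher authenticates its input.
        $this->cookie_input->{$name} = $this->simple_encrypt->decrypt($value);
    }
}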
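/**
 * Restores POST fields whose names were sent encrypted.
 *
 * Every entry of `$this->post_input` whose name starts with the
 * `encrypt_form_name_with_prefix` security setting has the prefix removed,
 * the remainder decrypted, and its value stored again under the decrypted
 * name. The entry under the encrypted name is left in place.
 *
 * @return void
 */
public function filterInput()
{
    $encrypt_prefix = $this->security_config->get('encrypt_form_name_with_prefix');

    // Feature is off when no usable prefix is configured.
    if (!is_string($encrypt_prefix) || !$encrypt_prefix) {
        return;
    }

    $prefix_length = mb_strlen($encrypt_prefix);

    // NOTE(review): properties are added to post_input while it is being
    // iterated; whether the new entries are visited again depends on how
    // post_input implements iteration - confirm.
    foreach ($this->post_input as $name => $value) {
        $name = (string) $name;

        if (mb_stripos($name, $encrypt_prefix) !== 0) {
            continue;
        }

        // Cut off exactly the leading prefix. str_replace() removed every
        // occurrence, corrupting a ciphertext that happens to contain the
        // prefix text, and being case-sensitive it removed nothing when the
        // case-insensitive check above matched a differently-cased prefix.
        $decrypted_name = $this->simple_encrypt->decrypt(mb_substr($name, $prefix_length));

        // The field name is client-controlled ciphertext: ignore anything that
        // does not decrypt to a usable property name (PHP refuses dynamic
        // property names that start with a NUL byte).
        if (!is_string($decrypted_name) || $decrypted_name === '' || $decrypted_name[0] === "\0") {
            continue;
        }

        // NOTE(review): this overwrites a field the client posted in clear
        // under the same name. That is only safe if decrypt() rejects
        // ciphertext not produced by this application - confirm.
        $this->post_input->{$decrypted_name} = $value;
    }
}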
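/**
 * CSRF check for state-changing requests (POST, PUT, DELETE, PATCH).
 *
 * Reads the form token from `$this->post_input` and the cookie token from
 * `$this->cookie_input`, under the names given by the `csrf_form_name` and
 * `csrf_cookie_name` security settings. The request passes when the
 * decrypted form token equals the cookie token; every failure is reported
 * through trigger_error().
 *
 * NOTE(review): trigger_error() is called at its default level
 * (E_USER_NOTICE) and this method then returns normally, so a failed check
 * stops the request only if an error handler installed elsewhere turns the
 * notice into an abort - confirm, or have the caller reject the request.
 *
 * @return void
 */
public function filterInput()
{
    $checked_methods = ['POST', 'PUT', 'DELETE', 'PATCH'];
    if (!in_array($this->request_info->REQUEST_METHOD, $checked_methods, true)) {
        return;
    }

    $csrf_form_name = $this->security_config->get('csrf_form_name');
    $csrf_cookie_name = $this->security_config->get('csrf_cookie_name');

    $form_token = $this->post_input->{$csrf_form_name};
    if (!$form_token) {
        trigger_error('Csrf form token lost!!!');
        return;
    }

    $cookie_token = $this->cookie_input->{$csrf_cookie_name};
    if (!$cookie_token) {
        trigger_error('Csrf cookie token lost!!!');
        return;
    }

    // Both tokens arrive from the client and may be arrays (`name[]=...`);
    // anything that is not a string counts as a mismatch and is never passed
    // to decrypt() or hash_equals().
    $tokens_match = false;
    if (is_string($form_token) && is_string($cookie_token)) {
        $decrypted_form_token = $this->simple_encrypt->decrypt($form_token);

        // hash_equals() compares in constant time, so the comparison does not
        // reveal how many leading bytes of a guessed token were correct.
        $tokens_match = is_string($decrypted_form_token)
            && hash_equals($cookie_token, $decrypted_form_token);
    }

    if (!$tokens_match) {
        trigger_error('Cross site request forgery found!!!');
    }
}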