mirror of
https://github.com/skipperbent/simple-php-router.git
synced 2026-07-11 22:32:14 +00:00
Development
- Optimized Uri class. - Request class now uses SimpleRouter to get default-namespace as was originally the intended behavior. - Documentation changes.
This commit is contained in:
@@ -726,6 +726,36 @@ When you've created your CSRF-verifier you need to tell simple-php-router that i
|
|||||||
Router::csrfVerifier(new \Demo\Middlewares\CsrfVerifier());
|
Router::csrfVerifier(new \Demo\Middlewares\CsrfVerifier());
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Getting CSRF-token
|
||||||
|
|
||||||
|
When posting to any of the urls that has CSRF-verification enabled, you need post your CSRF-token or else the request will get rejected.
|
||||||
|
|
||||||
|
You can get the CSRF-token by calling the helper method:
|
||||||
|
|
||||||
|
```php
|
||||||
|
csrf_token();
|
||||||
|
```
|
||||||
|
|
||||||
|
You can also get the token directly:
|
||||||
|
|
||||||
|
```php
|
||||||
|
return Router::router()->getCsrfVerifier()->getTokenProvider()->getToken();
|
||||||
|
```
|
||||||
|
|
||||||
|
The default name/key for the input-field is `csrf_token` and is defined in the `POST_KEY` constant in the `BaseCsrfVerifier` class.
|
||||||
|
You can change the key by overwriting the constant in your own CSRF-verifier class.
|
||||||
|
|
||||||
|
**Example:**
|
||||||
|
|
||||||
|
The example below will post to the current url with a hidden field "`csrf_token`".
|
||||||
|
|
||||||
|
```html
|
||||||
|
<form method="post" action="<?= url(); ?>">
|
||||||
|
<input type="hidden" name="csrf_token" value="<?= csrf_token(); ?>">
|
||||||
|
<!-- other input elements here -->
|
||||||
|
</form>
|
||||||
|
```
|
||||||
|
|
||||||
## Custom CSRF-verifier
|
## Custom CSRF-verifier
|
||||||
|
|
||||||
Create a new class and extend the `BaseCsrfVerifier` middleware class provided by default with the simple-php-router library.
|
Create a new class and extend the `BaseCsrfVerifier` middleware class provided by default with the simple-php-router library.
|
||||||
@@ -790,36 +820,6 @@ $verifier->setTokenProvider(new SessionTokenProvider());
|
|||||||
Router::csrfVerifier($verifier);
|
Router::csrfVerifier($verifier);
|
||||||
```
|
```
|
||||||
|
|
||||||
## Getting CSRF-token
|
|
||||||
|
|
||||||
When posting to any of the urls that has CSRF-verification enabled, you need post your CSRF-token or else the request will get rejected.
|
|
||||||
|
|
||||||
You can get the CSRF-token by calling the helper method:
|
|
||||||
|
|
||||||
```php
|
|
||||||
csrf_token();
|
|
||||||
```
|
|
||||||
|
|
||||||
You can also get the token directly:
|
|
||||||
|
|
||||||
```php
|
|
||||||
return Router::router()->getCsrfVerifier()->getTokenProvider()->getToken();
|
|
||||||
```
|
|
||||||
|
|
||||||
The default name/key for the input-field is `csrf_token` and is defined in the `POST_KEY` constant in the `BaseCsrfVerifier` class.
|
|
||||||
You can change the key by overwriting the constant in your own CSRF-verifier class.
|
|
||||||
|
|
||||||
**Example:**
|
|
||||||
|
|
||||||
The example below will post to the current url with a hidden field "`csrf_token`".
|
|
||||||
|
|
||||||
```html
|
|
||||||
<form method="post" action="<?= url(); ?>">
|
|
||||||
<input type="hidden" name="csrf_token" value="<?= csrf_token(); ?>">
|
|
||||||
<!-- other input elements here -->
|
|
||||||
</form>
|
|
||||||
```
|
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
# Middlewares
|
# Middlewares
|
||||||
|
|||||||
@@ -28,7 +28,7 @@ class InputFile implements IInputItem
|
|||||||
*/
|
*/
|
||||||
public static function createFromArray(array $values)
|
public static function createFromArray(array $values)
|
||||||
{
|
{
|
||||||
if (array_key_exists('index', $values) === false) {
|
if (isset('index', $values) === false) {
|
||||||
throw new \InvalidArgumentException('Index key is required');
|
throw new \InvalidArgumentException('Index key is required');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -227,26 +227,7 @@ class Request
|
|||||||
*/
|
*/
|
||||||
public function setRewriteRoute(ILoadableRoute $route)
|
public function setRewriteRoute(ILoadableRoute $route)
|
||||||
{
|
{
|
||||||
$this->rewriteRoute = $route;
|
$this->rewriteRoute = SimpleRouter::addDefaultNamespace($route);
|
||||||
|
|
||||||
$callback = $route->getCallback();
|
|
||||||
|
|
||||||
/* Only add default namespace on relative callbacks */
|
|
||||||
if ($callback === null || $callback[0] !== '\\') {
|
|
||||||
|
|
||||||
$namespace = SimpleRouter::getDefaultNamespace();
|
|
||||||
|
|
||||||
if ($namespace !== null) {
|
|
||||||
|
|
||||||
if ($this->rewriteRoute->getNamespace() !== null) {
|
|
||||||
$namespace .= '\\' . $this->rewriteRoute->getNamespace();
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->rewriteRoute->setDefaultNamespace($namespace);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|||||||
+10
-18
@@ -6,20 +6,20 @@ class Uri
|
|||||||
{
|
{
|
||||||
private $originalUrl;
|
private $originalUrl;
|
||||||
private $data = [
|
private $data = [
|
||||||
'scheme',
|
'scheme' => '',
|
||||||
'host',
|
'host' => '',
|
||||||
'port',
|
'port' => '',
|
||||||
'user',
|
'user' => '',
|
||||||
'pass',
|
'pass' => '',
|
||||||
'path',
|
'path' => '',
|
||||||
'query',
|
'query' => '',
|
||||||
'fragment',
|
'fragment' => '',
|
||||||
];
|
];
|
||||||
|
|
||||||
public function __construct($url)
|
public function __construct($url)
|
||||||
{
|
{
|
||||||
$this->originalUrl = $url;
|
$this->originalUrl = $url;
|
||||||
$this->data = array_merge($this->data, $this->parseUrl(urldecode($url)));
|
$this->data = $this->parseUrl($url) + $this->data;
|
||||||
|
|
||||||
if (isset($this->data['path']) === true && $this->data['path'] !== '/') {
|
if (isset($this->data['path']) === true && $this->data['path'] !== '/') {
|
||||||
$this->data['path'] = rtrim($this->data['path'], '/') . '/';
|
$this->data['path'] = rtrim($this->data['path'], '/') . '/';
|
||||||
@@ -134,15 +134,7 @@ class Uri
|
|||||||
*/
|
*/
|
||||||
public function parseUrl($url, $component = -1)
|
public function parseUrl($url, $component = -1)
|
||||||
{
|
{
|
||||||
$encodedUrl = preg_replace_callback(
|
$parts = parse_url(urlencode($url), $component);
|
||||||
'%[^:/@?&=#]+%u',
|
|
||||||
function ($matches) {
|
|
||||||
return urlencode($matches[0]);
|
|
||||||
},
|
|
||||||
$url
|
|
||||||
);
|
|
||||||
|
|
||||||
$parts = parse_url($encodedUrl, $component);
|
|
||||||
|
|
||||||
if ($parts === false) {
|
if ($parts === false) {
|
||||||
throw new \InvalidArgumentException('Malformed URL: ' . $url);
|
throw new \InvalidArgumentException('Malformed URL: ' . $url);
|
||||||
|
|||||||
@@ -420,7 +420,7 @@ class SimpleRouter
|
|||||||
* @param IRoute $route
|
* @param IRoute $route
|
||||||
* @return IRoute
|
* @return IRoute
|
||||||
*/
|
*/
|
||||||
protected static function addDefaultNamespace(IRoute $route)
|
public static function addDefaultNamespace(IRoute $route)
|
||||||
{
|
{
|
||||||
if (static::$defaultNamespace !== null) {
|
if (static::$defaultNamespace !== null) {
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user