Development

- Added check in `CsrfToken` class to ensure that IV generation is strong and secure.
- Minor optimisations mostly related to PHPDocs and PHPStorm code-inspection.

src/Pecee/CsrfToken.php

@@ -10,6 +10,7 @@ class CsrfToken
     /**
      * Generate random identifier for CSRF token
      *
+     * @throws \RuntimeException
      * @return string
      */
     public static function generateToken()
@@ -18,7 +19,14 @@ class CsrfToken
             return bin2hex(random_bytes(32));
         }
 
-        return bin2hex(openssl_random_pseudo_bytes(32));
+        $isSourceStrong = false;
+
+        $random = openssl_random_pseudo_bytes(32, $isSourceStrong);
+        if ($isSourceStrong === false || $random === false) {
+            throw new \RuntimeException('IV generation failed');
+        }
+
+        return $random;
     }
 
     /**

src/Pecee/Http/Input/Input.php

@@ -60,7 +60,7 @@ class Input
     {
         $list = [];
 
-        foreach ($_FILES as $key => $value) {
+        foreach ((array)$_FILES as $key => $value) {
 
             // Handle array input
             if (is_array($value['name']) === false) {

src/Pecee/SimpleRouter/Route/RouteController.php

@@ -66,7 +66,7 @@ class RouteController extends LoadableRoute implements IControllerRoute
             foreach (static::$requestTypes as $requestType) {
 
                 if (stripos($method, $requestType) === 0) {
-                    $method = substr($method, strlen($requestType));
+                    $method = (string)substr($method, strlen($requestType));
                     break;
                 }
             }

src/Pecee/SimpleRouter/Route/RouteResource.php

@@ -53,7 +53,7 @@ class RouteResource extends LoadableRoute implements IControllerRoute
 
         /* Remove method/type */
         if (strpos($name, '.') !== false) {
-            $name = substr($name, 0, strrpos($name, '.'));
+            $name = (string)substr($name, 0, strrpos($name, '.'));
         }
 
         return (strtolower($this->name) === strtolower($name));

src/Pecee/SimpleRouter/SimpleRouter.php

@@ -33,6 +33,10 @@ class SimpleRouter
      */
     protected static $response;
 
+    /**
+     * Router instance
+     * @var Router
+     */
     protected static $router;
 
     /**
@@ -214,7 +218,7 @@ class SimpleRouter
      * @param string $url
      * @param string|\Closure $callback
      * @param array|null $settings
-     * @return RouteUrl
+     * @return RouteUrl|IRoute
      */
     public static function match(array $requestMethods, $url, $callback, array $settings = null)
     {
@@ -237,7 +241,7 @@ class SimpleRouter
      * @param string $url
      * @param string|\Closure $callback
      * @param array|null $settings
-     * @return RouteUrl
+     * @return RouteUrl|IRoute
      */
     public static function all($url, $callback, array $settings = null)
     {
@@ -259,7 +263,7 @@ class SimpleRouter
      * @param string $url
      * @param string $controller
      * @param array|null $settings
-     * @return RouteController
+     * @return RouteController|IRoute
      */
     public static function controller($url, $controller, array $settings = null)
     {
@@ -281,7 +285,7 @@ class SimpleRouter
      * @param string $url
      * @param string $controller
      * @param array|null $settings
-     * @return RouteResource
+     * @return RouteResource|IRoute
      */
     public static function resource($url, $controller, array $settings = null)
     {